redos | examples of regular expression dos attack | Regex library

As has been commented in the comments section, the issue has been solved by moving the project folder outside the OneDrive directory.

Because it's a synchronized cloud folder, as soon as you install/add/delete/update anything, it's being updated in the OneDrive cloud so the file/folder it's being used in the background and potentially unreachable. If at this time you try to develop the project (gatsby develop or gatsby build) and the file is being used, you won't be able to run it.

I don't think it's a good practice to use a cloud folder because the amount of data synchronized (mainly because of the node_modules) it's something to care about (it's also ignored in the .gitignore for a reason) so moving it to any other folder outside the OneDrive directory should be enough to run your project because the rest of global dependencies, according to your logs, were successfully installed.

Define variables and functions outside build method. As setState method, calls build, every time it is called. Like this :

If you have cloned the repo you can run

As you are using node version 17, I can see that this problem happens,

Downgrading to node version 16 will solve the problem(using nvm):

The node-sass package suggests that the Node 16 is supported in node-sass version 6+. So, install the latest version of node-sass (npm i node-sass@latest) or update the package.json dependency to "node-sass": "^7.0.1" and then try a full install again (npm install).

Edit

I had to perform a couple of extra steps to get this to work.

1. Add "node-sass": "^7.0.1" as the dependency in package.json
2. Install react-scripts version 4.0.3: npm install react-scripts@4.0.3
3. Rebuild node-sass with npm rebuild node-sass
4. Start the application with npm start

You could even investigate updating react-scripts to the latest version 5.

I had the same problem with literally the exact same number of vulnerabilities.

Check out the solution here

That means that the package-lock.json file was created while performing an npm install with an npm version less than 7.

npm 7 has changed not only the format of package-lock.json, but also how it handles peer dependencies. When you upgrade to a newer npm version ( >=7 ) make sure to test everything properly with a freshly checked out repo that still has the old file version.

You can resolve the issue (when all testing went well) by committing and pushing the package-lock.json in the new format.

Browsing through the source code on github i have found this comment:

Initializations that potentially take place as a priveleged user: If the executable is setuid root, then these initializations are run as root, before discarding privileges.

The function which this comment addresses:

As said by default Equals checks for reference equality for classes which is not what you want to do and what afaik for struct fails per default since they are value types and therefore never the same instance.

You would rather want to see whether the before and after value are different.

You can of course implement any method checking the equality but the best practice is implementing IEquatable

Therefore you could use something like e.g.