2

I'm getting this error after npm install, 

6397 verbose stack Error: 404 Not Found: flatmap-stream@0.1.2
6397 verbose stack     at fetch.then.res (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\pacote\lib\fetchers\registry\fetch.js:42:19)
6397 verbose stack     at tryCatcher (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\util.js:16:23)
6397 verbose stack     at Promise._settlePromiseFromHandler (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\promise.js:512:31)
6397 verbose stack     at Promise._settlePromise (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\promise.js:569:18)
6397 verbose stack     at Promise._settlePromise0 (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\promise.js:614:10)
6397 verbose stack     at Promise._settlePromises (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\promise.js:693:18)
6397 verbose stack     at Async._drainQueue (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\async.js:133:16)
6397 verbose stack     at Async._drainQueues (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\async.js:143:10)
6397 verbose stack     at Immediate.Async.drainQueues (C:\Users\\AppData\Roaming\npm\node_modules\npm\node_modules\bluebird\js\release\async.js:17:14)
6397 verbose stack     at runCallback (timers.js:810:20)
6397 verbose stack     at tryOnImmediate (timers.js:768:5)
6397 verbose stack     at processImmediate [as _immediateCallback] (timers.js:745:5)

Node version is: 8.12.0, NPM version is 6.1.0 ,

Any help will be appreciated.

Shahar Shokrani
  • 7,598
  • 9
  • 48
  • 91

1 Answers1

4

flatmap-stream was unpublished by npm since malicious code was presumedly injected into the source.

If this is a direct dependency of your package, remove it and try npm installing again. If it's a nested dependency of any of your installed packages, either stop using the package or override it with another one using shrinkwrap

Tom M
  • 2,815
  • 2
  • 20
  • 47
  • 3
    if you want to read more about the attack here is a link: https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/ – sbattou Dec 20 '18 at 15:17