Electron error when trying to install Truffle

Question

When I try install truffle using npm install -g truffle@5.4.29 I get a warning that there are 15 vunerabilities (10 moderate, 4 high and 1 critical). When I run npm audit fix I get the following errors

electron <=13.6.3 Severity: high

Context isolation bypass via leaked cross-context objects in Electron - https://github.com/advisories/GHSA-m93v-9qjc-3g79

Sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API - https://github.com/advisories/GHSA-mpjm-v997-c4h4

IPC messages delivered to the wrong frame in Electron - https://github.com/advisories/GHSA-hvf8-h2qh-37m9

Context isolation bypass via Promise in Electron - https://github.com/advisories/GHSA-6vrv-94jv-crrg

Renderers can obtain access to random bluetooth device without permission in Electron - https://github.com/advisories/GHSA-3p22-ghq8-v749

fix available via npm audit fix

node_modules/electron-eval/node_modules/electron

electron-eval >=0.9.8
Depends on vulnerable versions of electron node_modules/electron-eval

the version of electron installed is 19.0.3

I've tried to uninstall electron and change the version but nothing is working, I'm not sure why electron is installed, I don't think I have used it for anything

Thanks Noelle

Answer 1

The latest version of truffle requires c++ development tools as per this SO question Getting Error on installing Truffle on windows 10 using npm install truffle -g

I think there may have been some compatibility issues, I had versions of VS from 2005 and onwards on my machine. The only solution I could come up with was to remove all instances of Visual Studio, I was then able to install truffle version 5.4.29 without issue. I have since installed VS code and it works grand.