Problem
In Brief
In my current project with old libraries, I am having '1 high severity vulnerability' as can be seen with 'npm audit'. So I want to update the libraries to latest verions. But updating them breaks my build.
+ Detail
I am building a multi-page Vue project with Vite by using a Multi-page-plugin: vite-plugin-virtual-mpa and vite-vue plugin: @vitejs/plugin-vue. But after the build, the generated html files are not having links to generated asset files. Have a look at images below.
How it should be: Code with proper asset urls
How it is: Code without asset urls
( I made a minimum reproducible version of the project. https://github.com/shivamrawal19/testmpa It has both old and new version of package.json & package-lock.json files, so you can test it in both cases. )
What I've tried
I tried to update packages one by one to see, when the issue is coming, but no matter which library I update first, it fails.
-
- I found out that even if I run
npm installon just oldpackage.json( i.e. without oldpackage-lock.json) it is generating wrongpackage-lock.jsonfile which inturn generates wrongnode_modulesand wrongnpm run build. - So only if I use both old
package.jsonand oldpackage-lock.jsonand then runnpm installthen only it works. So the oldpackage-lock.jsonis somehow built properly.
- I found out that even if I run
I am not sure about which package is causing error so I am posting this on StackOverflow, instead of respective package's github issues page.
I think the issue is with some library as my code seems quite simple and bug-free to me, but do correct me if that's not the case.