TypeScript (2307) 'Cannot Find Module' Error for 'express' and 'apollo-server-express'

Question

Im working on a TypeScript project where I'm trying to use modules from the express, apollo-server-express, and other libraries in my index.ts file. However, I'm facing the following error:

"Cannot find module 'express' or its corresponding type declarations."

I'm using Yarn (3.6.4) to manage my packages. My package.json file lists the dependencies and devDependencies, including "express" and "apollo-server-express".

package.json

{
  "name": "FlirtyZone-API",
  "compilerOptions": {
    "types": [
      "node",
      "express",
      "apollo-server-express"
    ],
    "typeRoots": [
      "./node_modules/@types"
    ]
  },
  "dependencies": {
    "@nestjs/typeorm": "^10.0.0",
    "apollo-server": "^3.12.1",
    "apollo-server-express": "^3.12.1",
    "dotenv": "^16.3.1",
    "graphql": "^16.8.1",
    "graphql-import": "^1.0.2",
    "graphql-tools": "^9.0.0",
    "mysql2": "^3.6.2",
    "reflect-metadata": "^0.1.13"
  },
  "devDependencies": {
    "@types/express": "^4.17.20",
    "@types/jest": "^29.5.6",
    "@types/node": "^20.8.7",
    "eslint": "^8.51.0",
    "eslint-config-prettier": "^9.0.0",
    "eslint-plugin-prettier": "^5.0.1",
    "jest": "^29.7.0",
    "prettier": "^3.0.3",
    "ts-jest": "^29.1.1",
    "ts-node": "^10.9.1",
    "typescript": "^5.2.2"
  }
}

My tsconfig.json file specifies "target": "esnext", "module": "commonjs", "esModuleInterop": true, and "outDir": "./", among other settings.

tsconfig file

{
  "compilerOptions": {
    "target": "esnext",
    "module": "commonjs",
    "forceConsistentCasingInFileNames": true,
    "strict": true,
    "noImplicitAny": true,
    "strictNullChecks": true,
    "noUnusedLocals": true,
    "noUnusedParameters": true,
    "noImplicitReturns": true,
    "noFallthroughCasesInSwitch": true,
    "allowSyntheticDefaultImports": true,
    "esModuleInterop": true,
    "skipLibCheck": true,
    "sourceMap": true,
    "outDir": "./",
  },
  "include": [
    "src/**/*.ts"
  ],
  "exclude": [
    "node_modules"
  ]
}

I've checked that I've installed the required packages using Yarn, and they are present in my node_modules directory. I've also ensured that I have included "express" and "apollo-server-express" in my "types" and "typeRoots" settings in tsconfig.json.

When I run npm outdated gives me no error seems everything looks good. But when I run npm audit it gives me a bunch of critical errors.

npm outdated

npm audit

PS C:\FlirtyZone\FlirtyZone-API>  npm audit
#npm audit report

@babel/traverse  <7.23.2
Severity: critical
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code - https://github.com/advisories/GHSA-67hx-6x53-jw92
fix available via `npm audit fix`
node_modules/graphql-import/node_modules/@babel/traverse
  @graphql-toolkit/graphql-tag-pluck  *
  Depends on vulnerable versions of @babel/traverse
  Depends on vulnerable versions of @graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader/node_modules/@graphql-toolkit/graphql-tag-pluck
    @graphql-toolkit/code-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    Depends on vulnerable versions of @graphql-toolkit/graphql-tag-pluck
    node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader

cross-fetch  <=2.2.3 || 2.2.5 || 3.0.0 - 3.1.4 || 3.2.0-alpha.0 - 3.2.0-alpha.2
Severity: high
Incorrect Authorization in cross-fetch - https://github.com/advisories/GHSA-7gc6-qh9x-w6h8
Depends on vulnerable versions of node-fetch
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/cross-fetch
  @graphql-toolkit/url-loader  *
  Depends on vulnerable versions of @graphql-toolkit/common
  Depends on vulnerable versions of cross-fetch
  node_modules/graphql-import/node_modules/@graphql-toolkit/url-loader
    graphql-import  >=0.7.2-0c828d9.0
    Depends on vulnerable versions of @graphql-toolkit/code-file-loader
    Depends on vulnerable versions of @graphql-toolkit/core
    Depends on vulnerable versions of @graphql-toolkit/graphql-file-loader
    Depends on vulnerable versions of @graphql-toolkit/json-file-loader
    Depends on vulnerable versions of @graphql-toolkit/schema-merging
    Depends on vulnerable versions of @graphql-toolkit/url-loader
    node_modules/graphql-import

lodash  <=4.17.20
Severity: high
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-29mw-wpgm-hmr9
fix available via `npm audit fix`
node_modules/lodash
  @graphql-toolkit/common  *
  Depends on vulnerable versions of lodash
  node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/core/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/graphql-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/json-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/schema-merging/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/url-loader/node_modules/@graphql-toolkit/common
    @graphql-toolkit/core  *
    Depends on vulnerable versions of @graphql-toolkit/common
    Depends on vulnerable versions of @graphql-toolkit/schema-merging
    Depends on vulnerable versions of lodash
    node_modules/graphql-import/node_modules/@graphql-toolkit/core
    @graphql-toolkit/graphql-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/graphql-file-loader
    @graphql-toolkit/json-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/json-file-loader
    @graphql-toolkit/schema-merging  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/schema-merging

node-fetch  <=2.6.6
Severity: high
The `size` option isn't honored after following a redirect in node-fetch - https://github.com/advisories/GHSA-w7rc-rwvf-8q5r
node-fetch forwards secure headers to untrusted sites - https://github.com/advisories/GHSA-r683-j2x4-v87g
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/cross-fetch/node_modules/node-fetch

13 vulnerabilities (9 high, 4 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

I would appreciate any guidance on resolving this error. I've tried several approaches, including checking my project configuration, updating packages, and modifying my TypeScript settings, but I'm still facing this issue.

Answer 1

make sure that the versions of your dependencies are compatible with each other to avoid version conflicts in the project. You can check for version conflicts by running

$ npm audit
Or $ npm outdated

Regards