1

Im working on a TypeScript project where I'm trying to use modules from the express, apollo-server-express, and other libraries in my index.ts file. However, I'm facing the following error:

"Cannot find module 'express' or its corresponding type declarations."

I'm using Yarn (3.6.4) to manage my packages. My package.json file lists the dependencies and devDependencies, including "express" and "apollo-server-express".

package.json

{
  "name": "FlirtyZone-API",
  "compilerOptions": {
    "types": [
      "node",
      "express",
      "apollo-server-express"
    ],
    "typeRoots": [
      "./node_modules/@types"
    ]
  },
  "dependencies": {
    "@nestjs/typeorm": "^10.0.0",
    "apollo-server": "^3.12.1",
    "apollo-server-express": "^3.12.1",
    "dotenv": "^16.3.1",
    "graphql": "^16.8.1",
    "graphql-import": "^1.0.2",
    "graphql-tools": "^9.0.0",
    "mysql2": "^3.6.2",
    "reflect-metadata": "^0.1.13"
  },
  "devDependencies": {
    "@types/express": "^4.17.20",
    "@types/jest": "^29.5.6",
    "@types/node": "^20.8.7",
    "eslint": "^8.51.0",
    "eslint-config-prettier": "^9.0.0",
    "eslint-plugin-prettier": "^5.0.1",
    "jest": "^29.7.0",
    "prettier": "^3.0.3",
    "ts-jest": "^29.1.1",
    "ts-node": "^10.9.1",
    "typescript": "^5.2.2"
  }
}

My tsconfig.json file specifies "target": "esnext", "module": "commonjs", "esModuleInterop": true, and "outDir": "./", among other settings.

tsconfig file

{
  "compilerOptions": {
    "target": "esnext",
    "module": "commonjs",
    "forceConsistentCasingInFileNames": true,
    "strict": true,
    "noImplicitAny": true,
    "strictNullChecks": true,
    "noUnusedLocals": true,
    "noUnusedParameters": true,
    "noImplicitReturns": true,
    "noFallthroughCasesInSwitch": true,
    "allowSyntheticDefaultImports": true,
    "esModuleInterop": true,
    "skipLibCheck": true,
    "sourceMap": true,
    "outDir": "./",
  },
  "include": [
    "src/**/*.ts"
  ],
  "exclude": [
    "node_modules"
  ]
}

enter image description here

I've checked that I've installed the required packages using Yarn, and they are present in my node_modules directory. I've also ensured that I have included "express" and "apollo-server-express" in my "types" and "typeRoots" settings in tsconfig.json.

When I run npm outdated gives me no error seems everything looks good. But when I run npm audit it gives me a bunch of critical errors.

npm outdated

enter image description here

npm audit

PS C:\FlirtyZone\FlirtyZone-API>  npm audit
#npm audit report

@babel/traverse  <7.23.2
Severity: critical
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code - https://github.com/advisories/GHSA-67hx-6x53-jw92
fix available via `npm audit fix`
node_modules/graphql-import/node_modules/@babel/traverse
  @graphql-toolkit/graphql-tag-pluck  *
  Depends on vulnerable versions of @babel/traverse
  Depends on vulnerable versions of @graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader/node_modules/@graphql-toolkit/graphql-tag-pluck
    @graphql-toolkit/code-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    Depends on vulnerable versions of @graphql-toolkit/graphql-tag-pluck
    node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader

cross-fetch  <=2.2.3 || 2.2.5 || 3.0.0 - 3.1.4 || 3.2.0-alpha.0 - 3.2.0-alpha.2
Severity: high
Incorrect Authorization in cross-fetch - https://github.com/advisories/GHSA-7gc6-qh9x-w6h8
Depends on vulnerable versions of node-fetch
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/cross-fetch
  @graphql-toolkit/url-loader  *
  Depends on vulnerable versions of @graphql-toolkit/common
  Depends on vulnerable versions of cross-fetch
  node_modules/graphql-import/node_modules/@graphql-toolkit/url-loader
    graphql-import  >=0.7.2-0c828d9.0
    Depends on vulnerable versions of @graphql-toolkit/code-file-loader
    Depends on vulnerable versions of @graphql-toolkit/core
    Depends on vulnerable versions of @graphql-toolkit/graphql-file-loader
    Depends on vulnerable versions of @graphql-toolkit/json-file-loader
    Depends on vulnerable versions of @graphql-toolkit/schema-merging
    Depends on vulnerable versions of @graphql-toolkit/url-loader
    node_modules/graphql-import

lodash  <=4.17.20
Severity: high
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-29mw-wpgm-hmr9
fix available via `npm audit fix`
node_modules/lodash
  @graphql-toolkit/common  *
  Depends on vulnerable versions of lodash
  node_modules/graphql-import/node_modules/@graphql-toolkit/code-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/core/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/graphql-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/json-file-loader/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/schema-merging/node_modules/@graphql-toolkit/common
  node_modules/graphql-import/node_modules/@graphql-toolkit/url-loader/node_modules/@graphql-toolkit/common
    @graphql-toolkit/core  *
    Depends on vulnerable versions of @graphql-toolkit/common
    Depends on vulnerable versions of @graphql-toolkit/schema-merging
    Depends on vulnerable versions of lodash
    node_modules/graphql-import/node_modules/@graphql-toolkit/core
    @graphql-toolkit/graphql-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/graphql-file-loader
    @graphql-toolkit/json-file-loader  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/json-file-loader
    @graphql-toolkit/schema-merging  *
    Depends on vulnerable versions of @graphql-toolkit/common
    node_modules/graphql-import/node_modules/@graphql-toolkit/schema-merging

node-fetch  <=2.6.6
Severity: high
The `size` option isn't honored after following a redirect in node-fetch - https://github.com/advisories/GHSA-w7rc-rwvf-8q5r
node-fetch forwards secure headers to untrusted sites - https://github.com/advisories/GHSA-r683-j2x4-v87g
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/cross-fetch/node_modules/node-fetch

13 vulnerabilities (9 high, 4 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

I would appreciate any guidance on resolving this error. I've tried several approaches, including checking my project configuration, updating packages, and modifying my TypeScript settings, but I'm still facing this issue.

Improve this question

1 Answer 1

Reset to default
0

make sure that the versions of your dependencies are compatible with each other to avoid version conflicts in the project. You can check for version conflicts by running

$ npm audit
Or $ npm outdated

Regards

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.