Getting Plugins to Load in Generator-Core

by | Nov 12, 2020 | Development | 0 comments

Downgrade generator-core to version 3.12.0.

As has become a regular thing now, I ran into an issue recently while following Davide Barranca‘s Native Photoshop Apps course. During video #15 – Generator SocketIO Server, Davide instructs that we are to install and simply run the Generator app like in the previous video. Unfortunately, doing so spits out an error message:

[error:app 10:31:32.339 C:\Users\<username>\dev\projects\js-ps-app\generator\generator-core\app.js:336:37] Unable to load plugin at 'C:\Users\<username>\dev\projects\js-ps-app\generator\plugins\generator-starter': Could not load plugin at path 'C:\Users\<username>\dev\projects\js-ps-app\generator\plugins\generator-starter': Cannot find module ''

Not knowing what to do about this, since I followed the instructions precisely, I posted my plea for help on StackOverflow. Thankfully, someone with more knowledge about—and/or time to investigate the changelogs of—generator-core, responded with a solution.

Apparently, there was a recent vulnerability in NodeJS that caused the developers of generator-core to block the app from accepting any dependencies outside of the plugin’s own node_modules folder. This very strict policy has caused any node modules installed in the sibling plugins directory to be ignored. I’ve already brought up the issue with the devs and hopefully, they can come up with some sort of resolution to this.

In the meantime, however, the only way to get it working again—according to jwatkins, who wrote the answer to my SO question—is to “downgrade” to version 3.12.0 of generator-core. As it turns out, that version is the most recent one released anyway (as of this writing), so it doesn’t really feel like downgrading. At any rate, once I did so, running the app as instructed in the video works perfectly.

So, until the security issues with NodeJS have been resolved and generator-core removes the node_modules restriction, this is the solution that I will have to go with, regardless of the security implications.

Related Posts:


Submit a Comment

Your email address will not be published. Required fields are marked *