Ah, ok! This is an issue I've updated on a bunch of other projects, but not got to this one yet. This broke because of event-stream was compromised and then got yanked from the registry.
I've pushed updates to the package.json, so you should be able to pull the latest and try again.
Very interesting and unfortunate about event-stream (I hadn't known). I'm excited to try you're updated app :)
Changing the topic a bit, do you know of a site for checking whether an npm package is compromised.. something like Have I Been Pwnd? I couldn't find one in 30 seconds of googling...
Compromised packages tend to be removed as soon as npm finds out about it, so there's not much need for a service like that.
There are services for checking whether a package has a vulnerability in. You can run npm audit or use something like Snyk to achieve this.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.