Can't get MM to start, says it can't find electron, then electron won't start

jmartin1009

@sdetweil I erased node_modules and reinstalled magicmirror and got this

Cloning MagicMirror Done!
Installing dependencies ...
npm WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning ENODATA: Cache input stream was empty
npm WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
npm ERR! code EINTEGRITY
npm ERR! errno EINTEGRITY
npm ERR! Invalid response body while trying to fetch https://registry.npmjs.org/feedme: Integrity verification failed for sha512-neorTWnU+xIGoFGw5xKt8oa6Zrp4OIAdLKdTJkmTvESrU1kHYWBEQbxKaFtPAPPX7OiREkBnp0E0/gPN4QnmQg== (/home/pi/.npm/_cacache/content-v2/sha512/9d/ea/2b4d69d4fb1206a051b0e712adf286ba66ba7838801d2ca753264993bc44ab53590761604441bc4a685b4f00f3d7ece891124067a74134fe03cde109e642)

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/pi/.npm/_logs/2019-02-20T17_49_38_341Z-debug.log
Unable to install dependencies!

What do I do now?

sdetweil

from the /hom/pi folder do

rm -rf .npm
cd MagicMirror
rm -rf node_modules
npm install

jmartin1009

@sdetweil I am now given this, what do I do next?

MagicMirror installation successful!

> magicmirror@2.6.0 install-fonts /home/pi/MagicMirror
> cd fonts && npm install

added 1 package from 1 contributor and audited 1 package in 5.243s
found 0 vulnerabilities

npm WARN grunt-stylelint@0.10.1 requires a peer of stylelint@^9.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN acorn-jsx@5.0.1 requires a peer of acorn@^6.0.0 but none is installed. You must install peer dependencies yourself.

added 930 packages from 1367 contributors and audited 2433 packages in 160.197s
found 23 vulnerabilities (8 low, 14 moderate, 1 high)
  run `npm audit fix` to fix them, or `npm audit` for details

sdetweil

@jmartin1009 if your mirror is not accessible from the internet I would not worry about these vulnerabilities.

jmartin1009

@sdetweil does that mean I can’t use any modules that use the internet? im using ssh to do these codes and I plan to use alexa and stuff with it so it will require internet use, so what did you mean by that?

sdetweil

@jmartin1009 good point. I would run npm audit to get a list of the issues. These generally end up being challenging to solve completely.

jmartin1009

@sdetweil I ran the audit and then I ran the audit fix and I got this:

found 23 vulnerabilities (8 low, 14 moderate, 1 high) in 2433 scanned packages
  run `npm audit fix` to fix 13 of them.
  8 vulnerabilities require semver-major dependency updates.
  2 vulnerabilities require manual review. See the full report for details.
pi@raspberrypi:~/MagicMirror $ npm audit fix
-bash: pm: command not found
pi@raspberrypi:~/MagicMirror $ npm audit fix
npm WARN acorn-jsx@5.0.1 requires a peer of acorn@^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN grunt-stylelint@0.10.1 requires a peer of stylelint@^9.0.0 but none is installed. You must install peer dependencies yourself.

+ jshint@2.10.1
added 4 packages from 4 contributors, removed 7 packages and updated 13 packages in 39.446s
fixed 13 of 23 vulnerabilities in 2433 scanned packages
  2 vulnerabilities required manual review and could not be updated
  1 package update for 8 vulns involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)


   ╭───────────────────────────────────────────────────────────────╮
   │                                                               │
   │       New minor version of npm available! 6.4.1 → 6.8.0       │
   │   Changelog: https://github.com/npm/cli/releases/tag/v6.8.0   │
   │               Run npm install -g npm to update!               │
   │                                                               │
   ╰───────────────────────────────────────────────────────────────╯

what should I do now?

sdetweil

@jmartin1009 I would see what that 1 high priority issue is.

At the bottom it says some breaking changes required to fix one issue. Breaking changes mean other code needs to be changed. So I would stay away from that fix

jmartin1009

@sdetweil I ran the audit again and I believe the fix I did fixed it, but it says I still have 11 vulnerabilities, which are:

pi@raspberrypi:~/MagicMirror $ npm audit

                       === npm audit security report ===

# Run  npm install --save-dev stylelint@9.10.1  to resolve 8 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ braces                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > micromatch > braces                              │
├───────────────���──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/786                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > lodash                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/782                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > postcss-reporter > lodash                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/782                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > table > lodash                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/782                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > lodash                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/577                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > postcss-reporter > lodash                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/577                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > table > lodash                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/577                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Cryptographically Weak PRNG                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ randomatic                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > micromatch > braces > expand-range > fill-range  │
│               │ > randomatic                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/157                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


# Run  npm update lodash --depth 5  to resolve 1 vulnerability
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ spectron [dev]                                               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ spectron > webdriverio > gaze > globule > lodash             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/782                       │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.11                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ express-ipfilter                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ express-ipfilter > lodash                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/782                       │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.5                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ express-ipfilter                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ express-ipfilter > lodash                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/577                       │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 11 vulnerabilities (6 low, 5 moderate) in 2427 scanned packages
  run `npm audit fix` to fix 1 of them.
  8 vulnerabilities require semver-major dependency updates.
  2 vulnerabilities require manual review. See the full report for details.

sorry for it being long, just easiest to copy and paste over from the ssh lol

sdetweil

As they are low or moderate risk, I would not worry about them.