• Recent
  • Tags
  • Unsolved
  • Solved
  • MagicMirror² Repository
  • Documentation
  • 3rd-Party-Modules
  • Donate
  • Discord
  • Register
  • Login
MagicMirror Forum
  • Recent
  • Tags
  • Unsolved
  • Solved
  • MagicMirror² Repository
  • Documentation
  • 3rd-Party-Modules
  • Donate
  • Discord
  • Register
  • Login
A New Chapter for MagicMirror: The Community Takes the Lead
Read the statement by Michael Teeuw here.

How to 'manual review' vulnerabilities and what are 'breaking changes'?

Scheduled Pinned Locked Moved Unsolved Troubleshooting
6 Posts 3 Posters 1.9k Views 3 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    DæmonEyes
    last edited by Apr 5, 2019, 1:35 PM

    So I just managed to update my MM (with help from @thedoorsfanatic ) and it said I had 27 vulnerabilities and to do an audit fix which I promptly did.

    0_1554471049642_20190405_080358.jpg

    And after that I got that message saying
    2 vulnerabilities require manual review and could not be updated
    1 package update for 9 vulns involved breaking changes

    0_1554471253294_20190405_080816.jpg

    How do I do a manual review? And what are breaking changes? Can I run the npm audit fix --force or should I avoid doing that?

    D 1 Reply Last reply Apr 5, 2019, 1:41 PM Reply Quote 0
    • D Offline
      DæmonEyes @DæmonEyes
      last edited by Apr 5, 2019, 1:41 PM

      @DæmonEyes I tried npm audit as well

      0_1554471613526_20190405_083648.jpg

      T 1 Reply Last reply Apr 5, 2019, 2:18 PM Reply Quote 0
      • T Offline
        thedoorsfanatic @DæmonEyes
        last edited by Apr 5, 2019, 2:18 PM

        @DæmonEyes
        me again
        have you tried sudo npm audit fix?

        My Smart Mirror YouTube playlist: https://www.youtube.com/playlist?list=PL9Iv_4Mvy6o2tnvdhNBstVWNefgUP9ELp

        D 1 Reply Last reply Apr 5, 2019, 3:37 PM Reply Quote 0
        • S Offline
          sdetweil
          last edited by Apr 5, 2019, 2:20 PM

          i can’t answer on the how to review and resolve the manual issues…

          breaking changes are between version x and current version, so api changed how it worked, and all using applications MUST change to the new way or they are broken (won’t work)…

          in my old world and IBM, this was NEVER allowed… same data produces same results forever…
          u want to change it so NEW data produces NEW results… ok… but old format MUST remain…

          developers have a lot of NEW work to do, they don’t need to run around and fix old versions of the app…
          (usually don’t get paid for fixes like this)

          Sam

          How to add modules

          learning how to use browser developers window for css changes

          D 1 Reply Last reply Apr 5, 2019, 3:35 PM Reply Quote 0
          • D Offline
            DæmonEyes @sdetweil
            last edited by Apr 5, 2019, 3:35 PM

            @sdetweil hmmm that makes sense. So would npm audit fix --force help? or just make things worse?

            1 Reply Last reply Reply Quote 0
            • D Offline
              DæmonEyes @thedoorsfanatic
              last edited by Apr 5, 2019, 3:37 PM

              @thedoorsfanatic Just gave it a go in both the MM directory as well as in general

              0_1554478608092_20190405_103411.jpg

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              1 / 1
              • First post
                6/6
                Last post
              Enjoying MagicMirror? Please consider a donation!
              MagicMirror created by Michael Teeuw.
              Forum managed by Sam, technical setup by Karsten.
              This forum is using NodeBB as its core | Contributors
              Contact | Privacy Policy