• Recent
  • Tags
  • Unsolved
  • Solved
  • MagicMirror² Repository
  • Documentation
  • 3rd-Party-Modules
  • Donate
  • Discord
  • Register
  • Login
MagicMirror Forum
  • Recent
  • Tags
  • Unsolved
  • Solved
  • MagicMirror² Repository
  • Documentation
  • 3rd-Party-Modules
  • Donate
  • Discord
  • Register
  • Login
A New Chapter for MagicMirror: The Community Takes the Lead
Read the statement by Michael Teeuw here.

Need Help - Absolute Beginner - Code Posted!

Scheduled Pinned Locked Moved Troubleshooting
20 Posts 3 Posters 1.8k Views 3 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B Offline
    bumrocks
    last edited by bumrocks May 31, 2020, 8:43 PM May 31, 2020, 8:37 PM

    This is on a fresh Rasbian w/Desktop install and Node v10 install on a Rasberry Pi 4, as per the manual install directions. I just completed the Magic Mirror 2 install but it makes the following statement at end of install…

    MagicMirror installation finished successfully! 
    
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.2 (node_modules/fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"arm"})
    
    added 1052 packages from 1150 contributors and audited 1054 packages in 1236.54s
    
    75 packages are looking for funding
      run `npm fund` for details
    
    found 25 vulnerabilities (23 low, 2 moderate)
      run `npm audit fix` to fix them, or `npm audit` for details
    
    

    ^ Above is the part that worries me…Thank you for any help and suggestions!

    Edit: I just viewed the funding part and originally did not expect 75 different app contributors and believe it was in reference to actual funding…So, my concern is just in regards to the vulnerabilities…I will post an audit of them in just a minute…

    S 2 Replies Last reply May 31, 2020, 8:41 PM Reply Quote 0
    • S Away
      sdetweil @bumrocks
      last edited by May 31, 2020, 8:41 PM

      @bumrocks yes, just a warning… nothing u can do about it…

      should use the installer script from here
      https://github.com/sdetweil/MagicMirror_scripts

      Sam

      How to add modules

      learning how to use browser developers window for css changes

      B 1 Reply Last reply May 31, 2020, 8:47 PM Reply Quote 0
      • S Away
        sdetweil @bumrocks
        last edited by May 31, 2020, 8:44 PM

        @bumrocks as I said, nothing u can do… u can run audit fix, and u might get better, or might end with it not running…

        many of the ‘fixes’ require breaking changes…

        Sam

        How to add modules

        learning how to use browser developers window for css changes

        1 Reply Last reply Reply Quote 0
        • B Offline
          bumrocks @sdetweil
          last edited by May 31, 2020, 8:47 PM

          @sdetweil
          Thank you for such a quick response! Going by magicmirrors.builders installation guidelines I was scared out of using any scripts and opted to go the manual route as it was the only way that was technically supported, at least by Michael and his “team”…At this point are you recommending I wipe my current install and use the script you recommend? Does it include Node v10 and I therefore need to wipe it too?

          S 1 Reply Last reply May 31, 2020, 8:51 PM Reply Quote 0
          • S Away
            sdetweil @bumrocks
            last edited by May 31, 2020, 8:51 PM

            @bumrocks my scripts are listed as ‘alternative’ right below
            it also uses node 10, and would have installed for you … also fixes some odds and ends
            you can go ahead, or rename you magicmirror folder to some other name and run the script…
            it will also setup pm2 for restart after boot and disable screensaver (if u say yes at the respective prompts)

            Alternative Installation Methods
            The following installation methods are not maintained by the MagicMirror² core team. Use these scripts and methods at your own risk.
            
            #Automatic Installation Scripts
            Sam (@sdetweil, long time contributor of the MagicMirror² framework) maintains a easy to use installation and update script: https://github.com/sdetweil/MagicMirror_scripts
            

            Sam

            How to add modules

            learning how to use browser developers window for css changes

            B 1 Reply Last reply May 31, 2020, 8:55 PM Reply Quote 0
            • B Offline
              bumrocks @sdetweil
              last edited by May 31, 2020, 8:55 PM

              @sdetweil

              Good looking out! And yes, I saw where you were listed as an alternate “authorized” way to install but let the “manual” message put the grip of fear on me, lol! I will do as you suggested and appreciate the help and tips!

              1 Reply Last reply Reply Quote 0
              • B Offline
                BKeyport Module Developer
                last edited by May 31, 2020, 9:58 PM

                vulnerabilities aren’t to be worried about if the project isn’t going to peek out to the internet.

                The "E" in "Javascript" stands for "Easy"

                1 Reply Last reply Reply Quote 0
                • B Offline
                  bumrocks
                  last edited by May 31, 2020, 10:33 PM

                  @BKeyport
                  Which makes perfect sense but I am unclear what exactly might be peeking out if it connects to Internet for calendar stuff (intend to connect Google Calendar), updates for weather, Youtube module, and Amazon Alexa (if module is available)…I assume that all of these are in some way peeking and that most Magic Mirrors do in various ways. But, I am just a noob and can not say with any certainty. At the least, it is a daunting statement using the word “vulnerabilities”.

                  Let me also add, it is quite confusing that the developer and his team recommend doing the manual install but leave out such specifics and how to handle them when they arise. I am not the first or last person to make this attempt with a Rasberry Pi 4 and with me following the directions given within the terminal I still end up with…

                  fixed 15 of 20 vulnerabilities in 1052 scanned packages
                    3 vulnerabilities required manual review and could not be updated
                    2 package updates for 2 vulnerabilities involved breaking changes
                    (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)
                  
                  

                  Which absolutely leaves a noob such as I in a state of confusion as to what to do. Continuing on and leaving that by the wayside I get to the configuration of the config file and low and behold things that the instructions say I can alter or change are not available at all…zoom, electronOptions, & customCss are nonexistent from my config file. I see great care to help absolute beginners in various ways but some of the most basic instructions are either wrong or completely missing. I am thankful, do not get me wrong, for this site, this app, the developers, the input, etc. Figuring out stuff on my own will help me retain the knowledge and only better me in the future but I can’t help but feel bad for those that are less computer savvy as an absolute beginner. Sorry for my slight rant! Not sure why I started on it but my intention is not to be a negative dick. I have spent way more hours and $ on this project that I originally planned or anticipated as I assumed wrongfully that this would be easy. Nobody’s fault but my own.

                  S B 2 Replies Last reply May 31, 2020, 10:44 PM Reply Quote 0
                  • S Away
                    sdetweil @bumrocks
                    last edited by May 31, 2020, 10:44 PM

                    @bumrocks they CAN be altered, but are not there by default… yes, you have to discover them , if u have the need

                    as for the issues and vulnerabilities, they are not in the MM code, but code it uses and that those use… where the MM owners have little to no control (or exposure to the problem)

                    but many of the issues you present are why I built up the installer and updater scripts, to get you up and running, regardless of your platform choice

                    this remains a volunteer project, where, if u are interested you can contribute. It is NOT a ‘product’

                    Sam

                    How to add modules

                    learning how to use browser developers window for css changes

                    B 1 Reply Last reply Jun 6, 2020, 6:22 PM Reply Quote 1
                    • B Offline
                      BKeyport Module Developer @bumrocks
                      last edited by Jun 1, 2020, 1:48 AM

                      @bumrocks In this case, if it’s not serving anything to the public, it’s generally fine. Grabbing things off the internet is usually fine… so, as long as you’re just grabbing things from the net, and it’s webports are not outside, you’re golden.

                      The "E" in "Javascript" stands for "Easy"

                      1 Reply Last reply Reply Quote 0
                      • 1
                      • 2
                      • 1 / 2
                      1 / 2
                      • First post
                        1/20
                        Last post
                      Enjoying MagicMirror? Please consider a donation!
                      MagicMirror created by Michael Teeuw.
                      Forum managed by Sam, technical setup by Karsten.
                      This forum is using NodeBB as its core | Contributors
                      Contact | Privacy Policy