Hey guys,
I just installed a fresh Debian 11.5.0 and updated it before.
Then I installed openhabian as written in the docu.
I get an error when I want to install frontail.
2022-11-25_15:11:19_CET [openHABian] Installing openHAB Log Viewer (frontail)… Removing any old installations…
$ npm uninstall -g frontail
removed 1 package, and audited 1 package in 465ms
found 0 vulnerabilities
$ frontail_download /opt
2022-11-25_15:11:19_CET [openHABian] Downloading frontail…
Update…$ update_git_repo /opt/frontail master
2022-11-25_15:11:19_CET [openHABian] Updating frontail, master branch from git…
$ git -C /opt/frontail fetch origin$ git -C /opt/frontail fetch --tags --force --prune
$ git -C /opt/frontail reset --hard origin/master
HEAD is now at 621cda8 Update README.md$ git -C /opt/frontail clean --force -x -d
Removing node_modules/$ git -C /opt/frontail checkout master
Already on ‘master’
Your branch is up to date with ‘origin/master’.
OK
OK$ npm install --force -g
npm WARN using --force Recommended protections disabled.added 1 package, and audited 3 packages in 415ms
found 0 vulnerabilities
$ npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient…
npm WARN old lockfile
npm WARN audit Updating jsdom to 20.0.3, which is a SemVer major change.
npm WARN audit Updating mocha to 10.1.0, which is a SemVer major change.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (ReDos Vulnerability Regression Visibility Notice · Issue #797 · debug-js/debug · GitHub)
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (ReDos Vulnerability Regression Visibility Notice · Issue #797 · debug-js/debug · GitHub)
npm WARN deprecated formidable@1.2.1: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: formidable/VERSION_NOTES.md at master · node-formidable/formidable · GitHub
npm WARN deprecated uuid@3.3.2: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.0: request has been deprecated, see Request’s Past, Present and Future · Issue #3142 · request/request · GitHub
npm WARN deprecated request@2.88.2: request has been deprecated, see Request’s Past, Present and Future · Issue #3142 · request/request · GitHub
npm WARN deprecated superagent@3.8.3: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at https://github.com/visionmedia/superagent/releases.
npm WARN deprecated buster-core@0.6.4: No longer maintainedadded 505 packages, and audited 506 packages in 6s
43 packages are looking for funding
runnpm fund
for detailsnpm audit report
engine.io 4.0.0 - 6.2.0
Severity: high
Uncaught exception in engine.io - https://github.com/advisories/GHSA-r7qp-cfhv-p84w
fix available vianpm audit fix --force
Will install socket.io@4.5.4, which is a breaking change
node_modules/engine.io
socket.io 3.0.0-rc1 - 4.4.1
Depends on vulnerable versions of engine.io
node_modules/socket.io2 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
FAILED (install)