NEWS
Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update
Error/Bug
169
Beiträge
15
Kommentatoren
24.2k
Aufrufe
12
Watching
-
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
Was kann ich tun, um die Fehler zu beheben?
Verzeichnisse umbenennen.
Und das node16-Repository nochmal anlegen oder die nodesource.list bearbeiten. Das fehlt bei dir und das node16-Paket hängt gerade in der Luft.@thomas-braun
Die Verzeichnisse sind umbenannt. Jetzt lautet die Fehlermeldung:iobroker upgrade info --debug Installation broken or unknown objects type: jsonl configured.Was meinst du genau mit:
Und das node16-Repository nochmal anlegen oder die nodesource.list bearbeiten.
Was muss ich hier genau machen? Entschuldige bitte, ich bin nicht der Linux Profi. ;-)
-
@thomas-braun
Die Verzeichnisse sind umbenannt. Jetzt lautet die Fehlermeldung:iobroker upgrade info --debug Installation broken or unknown objects type: jsonl configured.Was meinst du genau mit:
Und das node16-Repository nochmal anlegen oder die nodesource.list bearbeiten.
Was muss ich hier genau machen? Entschuldige bitte, ich bin nicht der Linux Profi. ;-)
Schau in meiner Signatur, da erkläre ich wie man mit Repos anlegt, insbesondere das nodesource/nodejs-Repository.
In deiner nodesource.list fehlt eine Zeile die sich auf node16 bezieht
-
@thomas-braun
Die Verzeichnisse sind umbenannt. Jetzt lautet die Fehlermeldung:iobroker upgrade info --debug Installation broken or unknown objects type: jsonl configured.Was meinst du genau mit:
Und das node16-Repository nochmal anlegen oder die nodesource.list bearbeiten.
Was muss ich hier genau machen? Entschuldige bitte, ich bin nicht der Linux Profi. ;-)
-
-
iobroker update -i Installation broken or unknown objects type: jsonl configured.Mehr nicht? Bitte besser die kompletten Ein- und Ausgabezeilen zeigen, dann kann man das besser einordnen.
iobroker status iobroker list instances iobroker list adapters -
Mehr nicht? Bitte besser die kompletten Ein- und Ausgabezeilen zeigen, dann kann man das besser einordnen.
iobroker status iobroker list instances iobroker list adapters@thomas-braun mehr wird nicht in der Console angezeigt:
xx@iobroker-prod:~$ iobroker update -i Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list instances Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list adapters Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ -
@thomas-braun mehr wird nicht in der Console angezeigt:
xx@iobroker-prod:~$ iobroker update -i Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list instances Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list adapters Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$Installier den js-controller nochmal drüber
-
@thomas-braun mehr wird nicht in der Console angezeigt:
xx@iobroker-prod:~$ iobroker update -i Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list instances Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$ iobroker list adapters Installation broken or unknown objects type: jsonl configured. xx@iobroker-prod:~$@taba_luga xx ist auch ein einfallsreicher Username :joy:
-
Installier den js-controller nochmal drüber
xx@iobroker-prod:~$ npm install iobroker.js-controller npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 added 309 packages, and audited 310 packages in 1m 18 packages are looking for funding run `npm fund` for details 4 vulnerabilities (3 moderate, 1 high) To address all issues, run: npm audit fix Run `npm audit` for details. xx@iobroker-prod:~$und hier npm audit und npm audit --force
xx@iobroker-prod:~$ npm audit # npm audit report node-forge <=1.2.1 Severity: high Open Redirect in node-forge - https://github.com/advisories/GHSA-8fr3-hfg3-gpgp Prototype Pollution in node-forge debug API. - https://github.com/advisories/GHSA-5rrq-pxf6-6jx5 Prototype Pollution in node-forge util.setPath API - https://github.com/advisories/GHSA-wxgw-qj99-44c2 URL parsing in node-forge could lead to undesired behavior. - https://github.com/advisories/GHSA-gf8q-jrpm-jvxq Prototype Pollution in node-forge - https://github.com/advisories/GHSA-92xj-mqp7-vmcj Improper Verification of Cryptographic Signature in `node-forge` - https://github.com/advisories/GHSA-2r2c-g63r-vccr Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-x4jg-mjrx-434g Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-cfm4-qjh2-4765 fix available via `npm audit fix --force` Will install iobroker.js-controller@1.5.3, which is a breaking change node_modules/rsa-compat/node_modules/node-forge rsa-compat <=1.9.4 Depends on vulnerable versions of node-forge node_modules/rsa-compat le-acme-core * Depends on vulnerable versions of rsa-compat node_modules/le-acme-core iobroker.js-controller >=1.5.4 Depends on vulnerable versions of le-acme-core node_modules/iobroker.js-controller 4 vulnerabilities (3 moderate, 1 high) To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$ npm audit fix --force npm WARN using --force Recommended protections disabled. npm WARN audit Updating iobroker.js-controller to 1.5.3,which is a SemVer major change. npm WARN deprecated json3@3.3.2: Please use the native JSON object instead of JSON 3 npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.) added 173 packages, removed 145 packages, changed 48 packages, and audited 334 packages in 51s 13 packages are looking for funding run `npm fund` for details # npm audit report debug <2.6.9 Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/debug node_modules/engine.io/node_modules/debug node_modules/socket.io-adapter/node_modules/debug node_modules/socket.io-client/node_modules/debug node_modules/socket.io-parser/node_modules/debug node_modules/socket.io/node_modules/debug engine.io <=4.0.0-alpha.1 Depends on vulnerable versions of debug Depends on vulnerable versions of ws node_modules/engine.io socket.io <=2.4.1 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io Depends on vulnerable versions of socket.io-adapter Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io iobroker.js-controller <=2.1.1 Depends on vulnerable versions of redis Depends on vulnerable versions of socket.io Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of winston-daily-rotate-file Depends on vulnerable versions of yargs node_modules/iobroker.js-controller engine.io-client <=3.3.2 || 3.4.0 - 3.5.1 || 4.0.0-alpha.0 - 4.1.3 Depends on vulnerable versions of debug Depends on vulnerable versions of parsejson Depends on vulnerable versions of ws Depends on vulnerable versions of xmlhttprequest-ssl node_modules/engine.io-client socket.io-client 1.0.0-pre - 2.1.1 || 2.3.0 - 2.3.1 || 3.0.0-rc1 - 3.0.5 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io-client socket.io-adapter <=1.1.0 Depends on vulnerable versions of debug Depends on vulnerable versions of socket.io-parser node_modules/socket.io-adapter socket.io-parser <=3.3.1 Depends on vulnerable versions of debug node_modules/socket.io-parser minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/winston-daily-rotate-file/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/winston-daily-rotate-file/node_modules/mkdirp winston-daily-rotate-file 1.7.0 - 1.7.2 Depends on vulnerable versions of mkdirp node_modules/winston-daily-rotate-file parsejson * Severity: high Regular Expression Denial of Service in parsejson - https://github.com/advisories/GHSA-q75g-2496-mxpp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/parsejson redis 2.6.0 - 3.1.0 Severity: high Potential exponential regex in monitor mode - https://github.com/advisories/GHSA-35q2-47q7-3pc3 fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/redis ws <=1.1.4 Severity: high Denial of Service in ws - https://github.com/advisories/GHSA-5v72-xg48-5rpm fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/ws node_modules/engine.io/node_modules/ws xmlhttprequest-ssl <=1.6.1 Severity: critical Improper Certificate Validation in xmlhttprequest-ssl - https://github.com/advisories/GHSA-72mh-269x-7mh5 Arbitrary Code Injection - https://github.com/advisories/GHSA-h4j5-c7cj-74xg fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/xmlhttprequest-ssl yargs-parser 6.0.0 - 13.1.1 Severity: moderate Prototype Pollution in yargs-parser - https://github.com/advisories/GHSA-p9pc-299p-vxgp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/yargs-parser yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of yargs-parser node_modules/yargs 17 vulnerabilities (1 low, 4 moderate, 8 high, 4 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$Das hat leider zu keiner Verbesserung geführt
-
xx@iobroker-prod:~$ npm install iobroker.js-controller npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 added 309 packages, and audited 310 packages in 1m 18 packages are looking for funding run `npm fund` for details 4 vulnerabilities (3 moderate, 1 high) To address all issues, run: npm audit fix Run `npm audit` for details. xx@iobroker-prod:~$und hier npm audit und npm audit --force
xx@iobroker-prod:~$ npm audit # npm audit report node-forge <=1.2.1 Severity: high Open Redirect in node-forge - https://github.com/advisories/GHSA-8fr3-hfg3-gpgp Prototype Pollution in node-forge debug API. - https://github.com/advisories/GHSA-5rrq-pxf6-6jx5 Prototype Pollution in node-forge util.setPath API - https://github.com/advisories/GHSA-wxgw-qj99-44c2 URL parsing in node-forge could lead to undesired behavior. - https://github.com/advisories/GHSA-gf8q-jrpm-jvxq Prototype Pollution in node-forge - https://github.com/advisories/GHSA-92xj-mqp7-vmcj Improper Verification of Cryptographic Signature in `node-forge` - https://github.com/advisories/GHSA-2r2c-g63r-vccr Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-x4jg-mjrx-434g Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-cfm4-qjh2-4765 fix available via `npm audit fix --force` Will install iobroker.js-controller@1.5.3, which is a breaking change node_modules/rsa-compat/node_modules/node-forge rsa-compat <=1.9.4 Depends on vulnerable versions of node-forge node_modules/rsa-compat le-acme-core * Depends on vulnerable versions of rsa-compat node_modules/le-acme-core iobroker.js-controller >=1.5.4 Depends on vulnerable versions of le-acme-core node_modules/iobroker.js-controller 4 vulnerabilities (3 moderate, 1 high) To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$ npm audit fix --force npm WARN using --force Recommended protections disabled. npm WARN audit Updating iobroker.js-controller to 1.5.3,which is a SemVer major change. npm WARN deprecated json3@3.3.2: Please use the native JSON object instead of JSON 3 npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.) added 173 packages, removed 145 packages, changed 48 packages, and audited 334 packages in 51s 13 packages are looking for funding run `npm fund` for details # npm audit report debug <2.6.9 Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/debug node_modules/engine.io/node_modules/debug node_modules/socket.io-adapter/node_modules/debug node_modules/socket.io-client/node_modules/debug node_modules/socket.io-parser/node_modules/debug node_modules/socket.io/node_modules/debug engine.io <=4.0.0-alpha.1 Depends on vulnerable versions of debug Depends on vulnerable versions of ws node_modules/engine.io socket.io <=2.4.1 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io Depends on vulnerable versions of socket.io-adapter Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io iobroker.js-controller <=2.1.1 Depends on vulnerable versions of redis Depends on vulnerable versions of socket.io Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of winston-daily-rotate-file Depends on vulnerable versions of yargs node_modules/iobroker.js-controller engine.io-client <=3.3.2 || 3.4.0 - 3.5.1 || 4.0.0-alpha.0 - 4.1.3 Depends on vulnerable versions of debug Depends on vulnerable versions of parsejson Depends on vulnerable versions of ws Depends on vulnerable versions of xmlhttprequest-ssl node_modules/engine.io-client socket.io-client 1.0.0-pre - 2.1.1 || 2.3.0 - 2.3.1 || 3.0.0-rc1 - 3.0.5 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io-client socket.io-adapter <=1.1.0 Depends on vulnerable versions of debug Depends on vulnerable versions of socket.io-parser node_modules/socket.io-adapter socket.io-parser <=3.3.1 Depends on vulnerable versions of debug node_modules/socket.io-parser minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/winston-daily-rotate-file/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/winston-daily-rotate-file/node_modules/mkdirp winston-daily-rotate-file 1.7.0 - 1.7.2 Depends on vulnerable versions of mkdirp node_modules/winston-daily-rotate-file parsejson * Severity: high Regular Expression Denial of Service in parsejson - https://github.com/advisories/GHSA-q75g-2496-mxpp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/parsejson redis 2.6.0 - 3.1.0 Severity: high Potential exponential regex in monitor mode - https://github.com/advisories/GHSA-35q2-47q7-3pc3 fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/redis ws <=1.1.4 Severity: high Denial of Service in ws - https://github.com/advisories/GHSA-5v72-xg48-5rpm fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/ws node_modules/engine.io/node_modules/ws xmlhttprequest-ssl <=1.6.1 Severity: critical Improper Certificate Validation in xmlhttprequest-ssl - https://github.com/advisories/GHSA-72mh-269x-7mh5 Arbitrary Code Injection - https://github.com/advisories/GHSA-h4j5-c7cj-74xg fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/xmlhttprequest-ssl yargs-parser 6.0.0 - 13.1.1 Severity: moderate Prototype Pollution in yargs-parser - https://github.com/advisories/GHSA-p9pc-299p-vxgp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/yargs-parser yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of yargs-parser node_modules/yargs 17 vulnerabilities (1 low, 4 moderate, 8 high, 4 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$Das hat leider zu keiner Verbesserung geführt
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
und hier npm audit und npm audit --force
wieso machst du so etwas?
-
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
und hier npm audit und npm audit --force
wieso machst du so etwas?
-
xx@iobroker-prod:~$ npm install iobroker.js-controller npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 added 309 packages, and audited 310 packages in 1m 18 packages are looking for funding run `npm fund` for details 4 vulnerabilities (3 moderate, 1 high) To address all issues, run: npm audit fix Run `npm audit` for details. xx@iobroker-prod:~$und hier npm audit und npm audit --force
xx@iobroker-prod:~$ npm audit # npm audit report node-forge <=1.2.1 Severity: high Open Redirect in node-forge - https://github.com/advisories/GHSA-8fr3-hfg3-gpgp Prototype Pollution in node-forge debug API. - https://github.com/advisories/GHSA-5rrq-pxf6-6jx5 Prototype Pollution in node-forge util.setPath API - https://github.com/advisories/GHSA-wxgw-qj99-44c2 URL parsing in node-forge could lead to undesired behavior. - https://github.com/advisories/GHSA-gf8q-jrpm-jvxq Prototype Pollution in node-forge - https://github.com/advisories/GHSA-92xj-mqp7-vmcj Improper Verification of Cryptographic Signature in `node-forge` - https://github.com/advisories/GHSA-2r2c-g63r-vccr Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-x4jg-mjrx-434g Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-cfm4-qjh2-4765 fix available via `npm audit fix --force` Will install iobroker.js-controller@1.5.3, which is a breaking change node_modules/rsa-compat/node_modules/node-forge rsa-compat <=1.9.4 Depends on vulnerable versions of node-forge node_modules/rsa-compat le-acme-core * Depends on vulnerable versions of rsa-compat node_modules/le-acme-core iobroker.js-controller >=1.5.4 Depends on vulnerable versions of le-acme-core node_modules/iobroker.js-controller 4 vulnerabilities (3 moderate, 1 high) To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$ npm audit fix --force npm WARN using --force Recommended protections disabled. npm WARN audit Updating iobroker.js-controller to 1.5.3,which is a SemVer major change. npm WARN deprecated json3@3.3.2: Please use the native JSON object instead of JSON 3 npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.) added 173 packages, removed 145 packages, changed 48 packages, and audited 334 packages in 51s 13 packages are looking for funding run `npm fund` for details # npm audit report debug <2.6.9 Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/debug node_modules/engine.io/node_modules/debug node_modules/socket.io-adapter/node_modules/debug node_modules/socket.io-client/node_modules/debug node_modules/socket.io-parser/node_modules/debug node_modules/socket.io/node_modules/debug engine.io <=4.0.0-alpha.1 Depends on vulnerable versions of debug Depends on vulnerable versions of ws node_modules/engine.io socket.io <=2.4.1 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io Depends on vulnerable versions of socket.io-adapter Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io iobroker.js-controller <=2.1.1 Depends on vulnerable versions of redis Depends on vulnerable versions of socket.io Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of winston-daily-rotate-file Depends on vulnerable versions of yargs node_modules/iobroker.js-controller engine.io-client <=3.3.2 || 3.4.0 - 3.5.1 || 4.0.0-alpha.0 - 4.1.3 Depends on vulnerable versions of debug Depends on vulnerable versions of parsejson Depends on vulnerable versions of ws Depends on vulnerable versions of xmlhttprequest-ssl node_modules/engine.io-client socket.io-client 1.0.0-pre - 2.1.1 || 2.3.0 - 2.3.1 || 3.0.0-rc1 - 3.0.5 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io-client socket.io-adapter <=1.1.0 Depends on vulnerable versions of debug Depends on vulnerable versions of socket.io-parser node_modules/socket.io-adapter socket.io-parser <=3.3.1 Depends on vulnerable versions of debug node_modules/socket.io-parser minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/winston-daily-rotate-file/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/winston-daily-rotate-file/node_modules/mkdirp winston-daily-rotate-file 1.7.0 - 1.7.2 Depends on vulnerable versions of mkdirp node_modules/winston-daily-rotate-file parsejson * Severity: high Regular Expression Denial of Service in parsejson - https://github.com/advisories/GHSA-q75g-2496-mxpp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/parsejson redis 2.6.0 - 3.1.0 Severity: high Potential exponential regex in monitor mode - https://github.com/advisories/GHSA-35q2-47q7-3pc3 fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/redis ws <=1.1.4 Severity: high Denial of Service in ws - https://github.com/advisories/GHSA-5v72-xg48-5rpm fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/ws node_modules/engine.io/node_modules/ws xmlhttprequest-ssl <=1.6.1 Severity: critical Improper Certificate Validation in xmlhttprequest-ssl - https://github.com/advisories/GHSA-72mh-269x-7mh5 Arbitrary Code Injection - https://github.com/advisories/GHSA-h4j5-c7cj-74xg fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/xmlhttprequest-ssl yargs-parser 6.0.0 - 13.1.1 Severity: moderate Prototype Pollution in yargs-parser - https://github.com/advisories/GHSA-p9pc-299p-vxgp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/yargs-parser yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of yargs-parser node_modules/yargs 17 vulnerabilities (1 low, 4 moderate, 8 high, 4 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$Das hat leider zu keiner Verbesserung geführt
@taba_luga hoffe das npm install war im richtigen ordner (/opt/iobroker) und ja audit fix lassen
-
xx@iobroker-prod:~$ npm install iobroker.js-controller npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 added 309 packages, and audited 310 packages in 1m 18 packages are looking for funding run `npm fund` for details 4 vulnerabilities (3 moderate, 1 high) To address all issues, run: npm audit fix Run `npm audit` for details. xx@iobroker-prod:~$und hier npm audit und npm audit --force
xx@iobroker-prod:~$ npm audit # npm audit report node-forge <=1.2.1 Severity: high Open Redirect in node-forge - https://github.com/advisories/GHSA-8fr3-hfg3-gpgp Prototype Pollution in node-forge debug API. - https://github.com/advisories/GHSA-5rrq-pxf6-6jx5 Prototype Pollution in node-forge util.setPath API - https://github.com/advisories/GHSA-wxgw-qj99-44c2 URL parsing in node-forge could lead to undesired behavior. - https://github.com/advisories/GHSA-gf8q-jrpm-jvxq Prototype Pollution in node-forge - https://github.com/advisories/GHSA-92xj-mqp7-vmcj Improper Verification of Cryptographic Signature in `node-forge` - https://github.com/advisories/GHSA-2r2c-g63r-vccr Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-x4jg-mjrx-434g Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-cfm4-qjh2-4765 fix available via `npm audit fix --force` Will install iobroker.js-controller@1.5.3, which is a breaking change node_modules/rsa-compat/node_modules/node-forge rsa-compat <=1.9.4 Depends on vulnerable versions of node-forge node_modules/rsa-compat le-acme-core * Depends on vulnerable versions of rsa-compat node_modules/le-acme-core iobroker.js-controller >=1.5.4 Depends on vulnerable versions of le-acme-core node_modules/iobroker.js-controller 4 vulnerabilities (3 moderate, 1 high) To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$ npm audit fix --force npm WARN using --force Recommended protections disabled. npm WARN audit Updating iobroker.js-controller to 1.5.3,which is a SemVer major change. npm WARN deprecated json3@3.3.2: Please use the native JSON object instead of JSON 3 npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.) added 173 packages, removed 145 packages, changed 48 packages, and audited 334 packages in 51s 13 packages are looking for funding run `npm fund` for details # npm audit report debug <2.6.9 Regular Expression Denial of Service in debug - https://github.com/advisories/GHSA-gxpj-cx7g-858c fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/debug node_modules/engine.io/node_modules/debug node_modules/socket.io-adapter/node_modules/debug node_modules/socket.io-client/node_modules/debug node_modules/socket.io-parser/node_modules/debug node_modules/socket.io/node_modules/debug engine.io <=4.0.0-alpha.1 Depends on vulnerable versions of debug Depends on vulnerable versions of ws node_modules/engine.io socket.io <=2.4.1 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io Depends on vulnerable versions of socket.io-adapter Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io iobroker.js-controller <=2.1.1 Depends on vulnerable versions of redis Depends on vulnerable versions of socket.io Depends on vulnerable versions of socket.io-client Depends on vulnerable versions of winston-daily-rotate-file Depends on vulnerable versions of yargs node_modules/iobroker.js-controller engine.io-client <=3.3.2 || 3.4.0 - 3.5.1 || 4.0.0-alpha.0 - 4.1.3 Depends on vulnerable versions of debug Depends on vulnerable versions of parsejson Depends on vulnerable versions of ws Depends on vulnerable versions of xmlhttprequest-ssl node_modules/engine.io-client socket.io-client 1.0.0-pre - 2.1.1 || 2.3.0 - 2.3.1 || 3.0.0-rc1 - 3.0.5 Depends on vulnerable versions of debug Depends on vulnerable versions of engine.io-client Depends on vulnerable versions of socket.io-parser node_modules/socket.io-client socket.io-adapter <=1.1.0 Depends on vulnerable versions of debug Depends on vulnerable versions of socket.io-parser node_modules/socket.io-adapter socket.io-parser <=3.3.1 Depends on vulnerable versions of debug node_modules/socket.io-parser minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/winston-daily-rotate-file/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/winston-daily-rotate-file/node_modules/mkdirp winston-daily-rotate-file 1.7.0 - 1.7.2 Depends on vulnerable versions of mkdirp node_modules/winston-daily-rotate-file parsejson * Severity: high Regular Expression Denial of Service in parsejson - https://github.com/advisories/GHSA-q75g-2496-mxpp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/parsejson redis 2.6.0 - 3.1.0 Severity: high Potential exponential regex in monitor mode - https://github.com/advisories/GHSA-35q2-47q7-3pc3 fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/redis ws <=1.1.4 Severity: high Denial of Service in ws - https://github.com/advisories/GHSA-5v72-xg48-5rpm fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/engine.io-client/node_modules/ws node_modules/engine.io/node_modules/ws xmlhttprequest-ssl <=1.6.1 Severity: critical Improper Certificate Validation in xmlhttprequest-ssl - https://github.com/advisories/GHSA-72mh-269x-7mh5 Arbitrary Code Injection - https://github.com/advisories/GHSA-h4j5-c7cj-74xg fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/xmlhttprequest-ssl yargs-parser 6.0.0 - 13.1.1 Severity: moderate Prototype Pollution in yargs-parser - https://github.com/advisories/GHSA-p9pc-299p-vxgp fix available via `npm audit fix --force` Will install iobroker.js-controller@4.0.23, which is a breaking change node_modules/yargs-parser yargs 8.0.0-candidate.0 - 12.0.5 Depends on vulnerable versions of yargs-parser node_modules/yargs 17 vulnerabilities (1 low, 4 moderate, 8 high, 4 critical) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force xx@iobroker-prod:~$Das hat leider zu keiner Verbesserung geführt
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
Falsches Verzeichnis:
xx@iobroker-prod:~$ npm install iobroker.js-controllerDas hat leider zu keiner Verbesserung geführt
Naja, jetzt hast du es doppelt 'installiert'...
Mach es so:
cd /opt/iobroker sudo -H -u iobroker npm install iobroker.js-controller -
@taba_luga hoffe das npm install war im richtigen ordner (/opt/iobroker) und ja audit fix lassen
@apollon77 ich befürchte nicht... Ich hatte vorher nicht das Verzeichnis gewechselt. Habe ich mir jetzt restlos alles zerschossen? Dann würde ich meinen Snapshot wieder hervor holen und bis zu diesem Punkt erst mal alles wiederholen.
[edit] der Post von @Thomas-Braun hat sich mit meiner Antwort hier überschnitten.
-
@apollon77 ich befürchte nicht... Ich hatte vorher nicht das Verzeichnis gewechselt. Habe ich mir jetzt restlos alles zerschossen? Dann würde ich meinen Snapshot wieder hervor holen und bis zu diesem Punkt erst mal alles wiederholen.
[edit] der Post von @Thomas-Braun hat sich mit meiner Antwort hier überschnitten.
@taba_luga In welchem verzeichnis haste es denn ausgeführt? WEnn in deinem User verzeichnis dann liegt da jetzt nur ein node_modules mit Zeug drin ... löschen und ende
-
@apollon77 ich befürchte nicht... Ich hatte vorher nicht das Verzeichnis gewechselt. Habe ich mir jetzt restlos alles zerschossen? Dann würde ich meinen Snapshot wieder hervor holen und bis zu diesem Punkt erst mal alles wiederholen.
[edit] der Post von @Thomas-Braun hat sich mit meiner Antwort hier überschnitten.
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
Habe ich mir jetzt restlos alles zerschossen?
Nein, du hast nur den js-controller im /home-Verzeichnis des users xx versenkt.
Aber da den den ja auch dort auditiert und gefixt hast...
...lösch das dort.Die Hauptinstallation immer noch defekt.
-
@taba_luga sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
Falsches Verzeichnis:
xx@iobroker-prod:~$ npm install iobroker.js-controllerDas hat leider zu keiner Verbesserung geführt
Naja, jetzt hast du es doppelt 'installiert'...
Mach es so:
cd /opt/iobroker sudo -H -u iobroker npm install iobroker.js-controller@thomas-braun
jetzt geht der Spaß mit den Ordnern wieder los...xx@iobroker-prod:/opt/iobroker$ sudo -H -u iobroker npm install iobroker.js-controller npm ERR! code ENOTEMPTY npm ERR! syscall rename npm ERR! path /opt/iobroker/node_modules/alexa-cookie2 npm ERR! dest /opt/iobroker/node_modules/.alexa-cookie2-yH4YGJkw npm ERR! errno -39 npm ERR! ENOTEMPTY: directory not empty, rename '/opt/iobroker/node_modules/alexa-cookie2' -> '/opt/iobroker/node_modules/.alexa-cookie2-yH4YGJkw' npm ERR! A complete log of this run can be found in: npm ERR! /home/iobroker/.npm/_logs/2022-06-24T11_45_06_568Z-debug-0.log xx@iobroker-prod:/opt/iobroker$Die benenne ich dann erst mal wieder um und melde mich dann wieder bei euch. Vielen DANK schon mal zwischendurch für euren super Support!!!
-
Moin !
Leider habe auch ich ein kleines Problem. Update nach
https://forum.iobroker.net/topic/44566/how-to-node-js-iobroker-richtig-updaten-2021-22-edition
Danach den berühmten Error 25 bei der Installation von Adaptern. Es geht weder ein Update noch eine Neuinstallation eines Adapters. Nun also hier die Meldung im Forum, da ich nun auch nicht mehr ohne Hilfe weiter komme.
Nach dem Durchlesen hier habe ich mal einige Snapshots gemacht und diese stelle ich hier mit ein. Da der Fehler in der Regel beim User sitzt .............. Es ist ja leider meist so.
Wer mir da helfen kann ......... VG Mathias
-
Moin !
Leider habe auch ich ein kleines Problem. Update nach
https://forum.iobroker.net/topic/44566/how-to-node-js-iobroker-richtig-updaten-2021-22-edition
Danach den berühmten Error 25 bei der Installation von Adaptern. Es geht weder ein Update noch eine Neuinstallation eines Adapters. Nun also hier die Meldung im Forum, da ich nun auch nicht mehr ohne Hilfe weiter komme.
Nach dem Durchlesen hier habe ich mal einige Snapshots gemacht und diese stelle ich hier mit ein. Da der Fehler in der Regel beim User sitzt .............. Es ist ja leider meist so.Wer mir da helfen kann ......... VG Mathias
@nhbischo sagte in Error 25 bei Adapterupdates nach Node.JS 16.15.1 Update:
Wer mir da helfen kann .
keine Screenshots von Text!
Diesen als Text in code-tags posten -
Moin !
Leider habe auch ich ein kleines Problem. Update nach
https://forum.iobroker.net/topic/44566/how-to-node-js-iobroker-richtig-updaten-2021-22-edition
Danach den berühmten Error 25 bei der Installation von Adaptern. Es geht weder ein Update noch eine Neuinstallation eines Adapters. Nun also hier die Meldung im Forum, da ich nun auch nicht mehr ohne Hilfe weiter komme.
Nach dem Durchlesen hier habe ich mal einige Snapshots gemacht und diese stelle ich hier mit ein. Da der Fehler in der Regel beim User sitzt .............. Es ist ja leider meist so.Wer mir da helfen kann ......... VG Mathias
Keine krümeligen Screenshots aus der Konsole.
Als Text in CodeTags eingebettet hier rein.
Support us
837
Online32.4k
Benutzer81.6k
Themen1.3m
Beiträge