From youtube - NRLINT: Sorry?

General
1

I've watched the clip and NRLINT is mentioned as a new tool.
6:50 into the clip

Sorry, but to me it is a bit vague. Where to find it and how to get it.

Looking: It is not a node, I can't find it in the library.
So how are you supposed to use it - or even find it?

Thanks in advance.
(Current version NR 2.0.1)

2

It's mentioned in the NR 2 blog post, and at https://github.com/node-red/nrlint

1 Like
3

Ok, it is SOLVED but I am not happy seeing this when I install lint.

npm install nrlint
npm WARN ts-lib-utils@2.2.0 requires a peer of typescript@2 || 3 but none is installed. You must install peer dependencies yourself.
npm WARN tsutils@3.17.1 requires a peer of typescript@>=2.8.0 || >= 3.2.0-dev || >= 3.3.0-dev || >= 3.4.0-dev || >= 3.5.0-dev || >= 3.6.0-dev || >= 3.6.0-beta || >= 3.7.0-dev || >= 3.7.0-beta but none is installed. You must install peer dependencies yourself.
npm WARN type-coverage-core@2.4.1 requires a peer of typescript@2 || 3 but none is installed. You must install peer dependencies yourself.
npm WARN xterm-addon-fit@0.3.0 requires a peer of xterm@^4.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN node-red-project@0.0.1 No repository field.
npm WARN node-red-project@0.0.1 No license field.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

+ nrlint@1.0.2
added 60 packages from 37 contributors and audited 915 packages in 14.69s

32 packages are looking for funding
  run `npm fund` for details

found 77 vulnerabilities (32 low, 14 moderate, 28 high, 3 critical)
  run `npm audit fix` to fix them, or `npm audit` for details

Should I be worried?

4

Obviously I have a different (smaller) set of packages to yours.
I didn't get any warnings when installing nrlint, nor did it introduce any new npm audit issues.
It does seem to be a good idea to run npm audit fix from time to time.
The only issue I can't resolve is with the minimist package in node-red-node-email

5

If you want to run audit fix as @jbudd suggests then backup your .node-red folder first (I am sure I didn't need to mention that as everyone backs it up regularly anyway). If the updates mess something up then you can get back to where you were by replacing package-lock.json with the original, removing the node_modules folder and running npm install.

6

@Trying_to_learn to be very frank - if your device is running on your local network with nothing outside your network able to access it, then it is unlikely that any of those audit warnings pose any real threat.

There is, however, a real chance that you'll break something whilst trying to tidy up the warnings... so as Colin says, back up before you start playing... or better yet, ignore the warnings.

1 Like
7

@knolleary can you confirm my reading of the docs that it will only update dependencies within the version range specified by the node requiring it, so in theory it should not break anything, as it should install the same versions as it would if you uninstalled a node and then re-installed it. Theory is not necessarily the same as practice of course.

8

Thanks Nick and Colin.

Sorry, if I seem worried to the point of panic. But I am only trying to be a good computer owner and keep things right.

Yes it is all a local thing, but if I don't install/fix the problems I am torn between it causing/instilling complacency by not doing them.

I'll think about it. Though again: thanks.

9

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.