Node-red-dashboard 3.2.2 can´t be installed

Hi,
I can´t install node-red-dashboard 3.2.2:

2022-11-23T17:44:17.583Z Installieren : node-red-dashboard 3.2.2

2022-11-23T17:44:17.319Z npm install --no-audit --no-update-notifier --no-fund --save --save-prefix=~ --production --engine-strict node-red-dashboard@3.2.2
2022-11-23T17:44:18.703Z [err] npm
2022-11-23T17:44:18.704Z [err]  
2022-11-23T17:44:18.705Z [err] WARN config production Use `--omit=dev` instead.
2022-11-23T17:44:29.509Z [err] npm
2022-11-23T17:44:29.509Z [err]  ERR!
2022-11-23T17:44:29.510Z [err]  code
2022-11-23T17:44:29.510Z [err]  ENOTEMPTY
2022-11-23T17:44:29.510Z [err] npm 
2022-11-23T17:44:29.510Z [err] ERR! syscall rename
2022-11-23T17:44:29.511Z [err] npm ERR! path /home/pi/.node-red/node_modules/node-red-dashboard
2022-11-23T17:44:29.511Z [err] npm 
2022-11-23T17:44:29.511Z [err] ERR! dest /home/pi/.node-red/node_modules/.node-red-dashboard-LM9EixDS
2022-11-23T17:44:29.511Z [err] npm 
2022-11-23T17:44:29.512Z [err] ERR! errno -39
2022-11-23T17:44:29.515Z [err] npm ERR!
2022-11-23T17:44:29.515Z [err]  ENOTEMPTY: directory not empty, rename '/home/pi/.node-red/node_modules/node-red-dashboard' -> '/home/pi/.node-red/node_modules/.node-red-dashboard-LM9EixDS'
2022-11-23T17:44:29.518Z [err] 
2022-11-23T17:44:29.519Z [err] npm 
2022-11-23T17:44:29.519Z [err] ERR! A complete log of this run can be found in:
2022-11-23T17:44:29.519Z [err] npm ERR!     /home/pi/.npm/_logs/2022-11-23T17_44_18_635Z-debug-0.log
2022-11-23T17:44:29.541Z rc=217

I don't dare to just rename something.
I´ve updated dashboard several times without any problem.

This is an npm error that pops up occasionally. Delete the folder /home/pi/.node-red/node_modules/.node-red-dashboard-LM9EixDS and try again. If you get further similar messages delete those too.

I´ve tried on 2 systems:

2022-11-23T18:08:11.311Z Installieren : node-red-dashboard 3.2.2

2022-11-23T18:08:11.025Z npm install --no-audit --no-update-notifier --no-fund --save --save-prefix=~ --production --engine-strict node-red-dashboard@3.2.2
2022-11-23T18:08:12.245Z [err] npm
2022-11-23T18:08:12.245Z [err]  WARN
2022-11-23T18:08:12.246Z [err]  config production Use `--omit=dev` instead.
2022-11-23T18:08:20.150Z [err] npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs

the waiting animation runs infinitely / cpu load stays high :unamused:

:thinking: after reboot Node-Red says 3.2.2

maybe the solution is
a) delete the folder
b) reboot
c) try again to update the dashboard

Hi - I have just republished v3.2.3 that doesn't have some dev libraries cruft in there - so should install much more quickly... and hopefully less error prone.

2022-11-23T21:00:32.995Z Installieren : node-red-dashboard 3.2.3

2022-11-23T21:00:32.756Z npm install --no-audit --no-update-notifier --no-fund --save --save-prefix=~ --production --engine-strict node-red-dashboard@3.2.3
2022-11-23T21:00:34.221Z [err] npm WARN config production Use `--omit=dev` instead.
2022-11-23T21:00:38.120Z [err] npm ERR! code ENOTEMPTY
2022-11-23T21:00:38.120Z [err] npm ERR! syscall rename
2022-11-23T21:00:38.120Z [err] npm ERR! path /home/pi/.node-red/node_modules/abbrev
2022-11-23T21:00:38.120Z [err] npm ERR! dest /home/pi/.node-red/node_modules/.abbrev-4PLYnPj8
2022-11-23T21:00:38.120Z [err] npm ERR! errno -39
2022-11-23T21:00:38.120Z [err] npm ERR! ENOTEMPTY: directory not empty, rename '/home/pi/.node-red/node_modules/abbrev' -> '/home/pi/.node-red/node_modules/.abbrev-4PLYnPj8'
2022-11-23T21:00:38.120Z [err] 
2022-11-23T21:00:38.120Z [err] npm ERR! A complete log of this run can be found in:
2022-11-23T21:00:38.120Z [err] npm ERR!     /home/pi/.npm/_logs/2022-11-23T21_00_34_066Z-debug-0.log
2022-11-23T21:00:38.122Z rc=217

my directory is full of ". x"


and tons of packages:

all necassary for dashboard 3.2.2 ?

Did I destroyed my whole installation just with an update from dashboard ? :rage:

Those are not all related to the dashboard. It is normal to have lots there. You can safely delete all the .* files. They should not be there.
Also, even if you do mess up your node_modules folder it is easy to recover it. You can delete it and go into the .node-red folder and run
npm install
to rebuild it.

ok, now the dashboard is killed.
I deleted all ". xxx"
I even can´t install dashboard again.

Do you mean 3.2.3?
Go into your .node-red folder and run
npm install node-red-dashboard
and post the output here please.

I´ve deleted the whole folder, stopped Node-Red and "npm install" - all done, with node-red-dashboard 3.2.0 :+1:

It installed the old version because the file package-lock.json tells npm the exact versions that should currently installed. What happens if you now try to install the latest by
npm install node-red-dashboard@3.2.3
Do that in the .node-red folder

I´ll try.
Can you tell me about this:

added 228 packages, and audited 229 packages in 10s

30 packages are looking for funding
  run `npm fund` for details

7 vulnerabilities (2 low, 3 moderate, 1 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

# npm audit report

engine.io  4.0.0 - 6.2.0
Severity: high
Uncaught exception in engine.io  - https://github.com/advisories/GHSA-r7qp-cfhv-p84w
fix available via `npm audit fix`
node_modules/engine.io

got  <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
No fix available
node_modules/got
  public-ip  2.1.0 - 4.0.4
  Depends on vulnerable versions of got
  node_modules/public-ip
    node-red-contrib-ip  *
    Depends on vulnerable versions of public-ip
    node_modules/node-red-contrib-ip

xmldom  *
Severity: critical
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
xmldom allows multiple root nodes in a DOM - https://github.com/advisories/GHSA-crh6-fp67-6883
No fix available
node_modules/xmldom
  edimax-smartplug  *
  Depends on vulnerable versions of xmldom
  node_modules/edimax-smartplug
    node-red-contrib-smartplug  *
    Depends on vulnerable versions of edimax-smartplug
    node_modules/node-red-contrib-smartplug

7 vulnerabilities (2 low, 3 moderate, 1 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

nothing:

pi@ubuntu:~/.node-red$ npm install node-red-dashboard@3.2.3

changed 1 package, and audited 259 packages in 4s

47 packages are looking for funding
  run `npm fund` for details

4 vulnerabilities (3 moderate, 1 high)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

stays at 3.2.0

Don't do that, it may install versions of packages which nodes have not been tested with.

As for the vulnerabilities it is not an issue unless your node-red is open to the internet. I don't worry about it, I assume that if there were any significant issues then the core team would be on it.

I do notice, though, that one of them is in node-red-contrib-ip appears to be unsupported and this issue suggests it may not do what you want (though this depends on what you need). Data seems retained until flow deploy/restart · Issue #103 · okhiroyuki/node-red-contrib-ip · GitHub

I restarted Node-Red and now it shows 3.2.3 :+1:

Yeah, I thought not to do "npm audit fix" :grinning:

contrib-ip works for me, it grabs my IPv6 Previx.

1 Like