I’ve tried this before with 5.x and 6.x with huge failures, but 8.x somehow magically works like one could only dream.
I’m updating all the documentation to reflect this new adoption of 8.x, which I fully expect to work as well as 4.x if not better, based on the test suites having run ridiculously cleanly. However, should issues exist that I haven’t created tests for, here is where I’d love to hear from it. Please do provide any /var/log/mineos.logs you might have, and any errors that npm install outputs.
Hopefully this will go nice and smoothly.
Anywhere where I have scripts that download 4.x, please let me know where they exist (they should all be updated), same with any documentation that suggests 4.x instead of 8.x Thanks for all your help!
After upgrading node, you’ll want to reset the scripts. The step rm -rf node_modules clears out a number of modues (namely posix, userid) that actually compile, rather than just download.
It probably would suffice to just do npm install, but seeing as how it’s a fresh node install, and how deleting node_modules is pretty much entirely safe, I figure we might as well just ensure no cruft sticks around.
Just a heads up MineOS node dependencies have some security issues that need to be addressed in the near future. For reference during the install of MineOS an audit is done displaying those vulnerabilities.
Indeed, I’ve been really bad about this. Just now I pushed a new updated that emcompasses npm modules recommended by npm audit fix. Most, but not all, are resolved, getting rid of at least 90% of the reported issues.
The last remaining issues require an updated to socket.io–a major revision and expects to break other packages’ operability. This should hopefully help quell some fears about running the server from a security standpoint, but the socket.io issue is likely unfixable at this point and would require a non-trivial amount of update to the codebase.
npm audit fix – command I used and can be used freely in the future. npm audit fix ensures it’s only security/minor revisions get upped, so it can be done at any time, even if I fail to update the package manifest manually and up it to git.