Closed Hunter00712 closed 2 months ago
Hi,
The vulnerabilities are on packages used on the service that you use to generate the base config, as its just a thing that you turn on once to get the access_token, and its not a pubic server its a non-issue, still, I will change the version (pr dep) to another version.
I do not recommend just copying and pasting the entire default config, as everything listed there is just default, you should use the Auth Service (as described here) to create the base config with your spotify credentials, then if you want to change a setting you just add that entry
{
/* Don't share your credentials! */
module: "MMM-OnSpotify",
position: "bottom_right", /* bottom_left, bottom_center */
config: {
clientID: "key" /* <------------------- Missing comma here */
clientSecret: "key" /* <------------------- Missing comma here */
accessToken: "key" /*<------------------- Missing comma here */
refreshToken: "key" /* <------------------- Missing comma here */
/* Add here your theming and behaviour configurations */
// General module options [SEE BELOW]
advertisePlayerTheme: true,
Description: While attempting to install and configure MagicMirror for university purposes, I encountered two issues. Firstly, during the installation process, I faced security vulnerabilities. Secondly, a syntax error in the configuration file prevented MagicMirror from starting properly.
Steps to Reproduce:
Tried to install MagicMirror for university use, encountering the following issue:
Despite the listed security vulnerabilities, attempted to proceed with the installation.
After installation, MagicMirror failed to start. The following error message was displayed:
Expected Behavior: I expected MagicMirror to install and start successfully without encountering security vulnerabilities or failing due to syntax errors in the configuration file.
Additional Information:
Configuration File (config.js):
/ DO NOT EDIT THE LINE BELOW / if (typeof module !== "undefined") { module.exports = config; }