YunoHost / package_linter

Linter for YunoHost applications packages
https://yunohost.org/#/packaging_apps
GNU Affero General Public License v3.0

bind_public_ip: fix for .js config files #133

Closed OniriCorpe closed 4 months ago

OniriCorpe commented 4 months ago

The problem:

  • settings.js:154: Binding to '0.0.0.0' or '::' can result in a security issue as the reverse proxy and the SSO can be bypassed by knowing a public IP (typically an IPv6) and the app port. lease be sure that this behavior is intentional. Maybe use '127.0.0.1' or '::1' instead.

https://ci-apps-dev.yunohost.org/ci/job/13846

The reported code is in fact a comment:

```js
/** By default, the Node-RED UI accepts connections on all IPv4 interfaces.
 * To listen on all IPv6 addresses, set uiHost to "::",
 * The following property can be used to listen on a specific interface. For
 * example, the following would only allow connections from the local machine.
 */
```

https://github.com/YunoHost-Apps/nodered_ynh/blob/master/conf/settings.js#L153C1-L157C8

The fix

Add JavaScript comment syntax (`/**` & `*`) to the linter logic.
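As an added illustration (not package_linter's own code), a small Python check that mimics the `bind_public_ip` warning over a constructed `settings.js` excerpt modelled on the Node-RED snippet above, run once with only shell/`//` comment prefixes and once with the JS block-comment prefixes this PR adds. The regex and both prefix lists are my assumptions about how the linter matches, not the project's actual implementation.

```python
import re

# Assumed pattern for the warning: a quoted literal that binds every interface,
# which lets the reverse proxy and SSO be bypassed via a public IP + app port.
PUBLIC_BIND_RE = re.compile(r"""(['"])(0\.0\.0\.0|::)\1""")

# Line prefixes treated as "this whole line is a comment" (assumed, constructed).
LEGACY_PREFIXES = ("#", "//")                      # before this PR
FIXED_PREFIXES = ("#", "//", "/**", "/*", "*")     # with JS block comments added


def is_comment_line(line: str, prefixes: tuple[str, ...]) -> bool:
    """True if the stripped line starts with one of the comment prefixes."""
    return line.strip().startswith(prefixes)


def find_public_binds(text: str, filename: str,
                      prefixes: tuple[str, ...] = FIXED_PREFIXES) -> list[str]:
    """Return 'file:lineno' for every non-comment line binding to 0.0.0.0 or ::."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if is_comment_line(line, prefixes):
            continue  # comments describing the option are not a real bind
        if PUBLIC_BIND_RE.search(line):
            hits.append(f"{filename}:{lineno}")
    return hits


# Constructed sample: the block comment mentions "::" (a false positive under
# the legacy prefixes), while line 6 really binds the UI to all interfaces.
SAMPLE_SETTINGS_JS = """\
module.exports = {
    /** By default, the Node-RED UI accepts connections on all IPv4 interfaces.
     * To listen on all IPv6 addresses, set uiHost to "::",
     * The following property can be used to listen on a specific interface.
     */
    uiHost: "0.0.0.0",
    // uiHost: "127.0.0.1",
    uiPort: 1880,
};
"""

if __name__ == "__main__":
    print("legacy:", find_public_binds(SAMPLE_SETTINGS_JS, "settings.js", LEGACY_PREFIXES))
    print("fixed: ", find_public_binds(SAMPLE_SETTINGS_JS, "settings.js"))
```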