I recently noticed our custom update-notifier message instructed to update via sudo npm i -g npme, but running this fails without either the --unsafe flag (to run as root instead of nobody) or the --ignore-scripts flag (to bypass the autoinstall run script and just update the bin instead of attempting to upgrade Replicated as well).
Since I don't want to disrupt the running appliance without the user's explicit knowledge/consent, I opted for using --ignore-scripts. We could, of course, use a longer message that presents the user with both options, but that might be overkill.
I added the ansi-align dependency (same one used by update-notifier) to easily center-align the update message in the box.
I recently noticed our custom
update-notifier
message instructed to update viasudo npm i -g npme
, but running this fails without either the--unsafe
flag (to run as root instead of nobody) or the--ignore-scripts
flag (to bypass the autoinstall run script and just update the bin instead of attempting to upgrade Replicated as well).Since I don't want to disrupt the running appliance without the user's explicit knowledge/consent, I opted for using
--ignore-scripts
. We could, of course, use a longer message that presents the user with both options, but that might be overkill.I added the
ansi-align
dependency (same one used byupdate-notifier
) to easily center-align the update message in the box.New update message looks like this: