since API 3.0 is default, weatherEndpoint should be set to "/onecall"
Fixes#3574
ATTENTION: since lat / lon defaults to 0 / 0, the weather plugins works
after this patch, but shows the weather from
https://de.wikipedia.org/wiki/Null_Island if lat / lon is not manually
set.
---------
Co-authored-by: Karsten Hassel <hassel@gmx.de>
Co-authored-by: Pedro Lamas <pedrolamas@gmail.com>
When a library is missing on an 3rd party module, MM² stop loading and
display a black screen. (I'm sure it's happened to everyone.)
So, I have added a try/catch block and it's avoid black screen, display
errors and allow continue loading with next module
The old `stale.yaml` seems not to work anymore, so I set up the same
content in a new github workflow.
I think we should use it again to get rid of old issues.
Bumps [helmet](https://github.com/helmetjs/helmet) from 7.1.0 to 8.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md">helmet's
changelog</a>.</em></p>
<blockquote>
<h2>8.0.0</h2>
<h3>Changed</h3>
<ul>
<li><strong>Breaking:</strong> <code>Strict-Transport-Security</code>
now has a max-age of 365 days, up from 180</li>
<li><strong>Breaking:</strong> <code>Content-Security-Policy</code>
middleware now throws an error if a directive should have quotes but
does not, such as <code>self</code> instead of <code>'self'</code>. See
<a
href="https://redirect.github.com/helmetjs/helmet/issues/454">#454</a></li>
<li><strong>Breaking:</strong> <code>Content-Security-Policy</code>'s
<code>getDefaultDirectives</code> now returns a deep copy. This only
affects users who were mutating the result</li>
<li><strong>Breaking:</strong> <code>Strict-Transport-Security</code>
now throws an error when "includeSubDomains" option is
misspelled. This was previously a warning</li>
</ul>
<h3>Removed</h3>
<ul>
<li><strong>Breaking:</strong> Drop support for Node 16 and 17. Node 18+
is now required</li>
</ul>
<h2>7.2.0 - 2024-09-28</h2>
<h3>Changed</h3>
<ul>
<li><code>Content-Security-Policy</code> middleware now warns if a
directive should have quotes but does not, such as <code>self</code>
instead of <code>'self'</code>. This will be an error in future
versions. See <a
href="https://redirect.github.com/helmetjs/helmet/issues/454">#454</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9a8e6d5322"><code>9a8e6d5</code></a>
8.0.0</li>
<li><a
href="6562cd7074"><code>6562cd7</code></a>
CSP: speed up <code>getDefaultDirectives</code></li>
<li><a
href="a8befb3b9d"><code>a8befb3</code></a>
<code>getDefaultDirectives</code> should do a deep copy</li>
<li><a
href="558ef2ce90"><code>558ef2c</code></a>
HSTS: throw when misspelling "includeSubDomains" option</li>
<li><a
href="73e75952fe"><code>73e7595</code></a>
Content-Security-Policy: throw if directive value lacks necessary
quotes</li>
<li><a
href="76410e1093"><code>76410e1</code></a>
Content-Security-Policy can now use Object.hasOwn</li>
<li><a
href="293bd18bf5"><code>293bd18</code></a>
Strict-Transport-Security: increase max-age to 1 year</li>
<li><a
href="898cdc4c61"><code>898cdc4</code></a>
Require Node 18+</li>
<li><a
href="7e2b06947f"><code>7e2b069</code></a>
7.2.0</li>
<li><a
href="7bea9158d4"><code>7bea915</code></a>
Update changelog for 7.2.0 release</li>
<li>Additional commits viewable in <a
href="https://github.com/helmetjs/helmet/compare/v7.1.0...v8.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) from
50.3.0 to 50.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gajus/eslint-plugin-jsdoc/releases">eslint-plugin-jsdoc's
releases</a>.</em></p>
<blockquote>
<h2>v50.3.1</h2>
<h2><a
href="https://github.com/gajus/eslint-plugin-jsdoc/compare/v50.3.0...v50.3.1">50.3.1</a>
(2024-10-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong><code>check-alignment</code>:</strong> handle zero indent;
fixes <a
href="https://redirect.github.com/gajus/eslint-plugin-jsdoc/issues/1322">#1322</a>
(<a
href="34866bc988">34866bc</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34866bc988"><code>34866bc</code></a>
fix(<code>check-alignment</code>): handle zero indent; fixes <a
href="https://redirect.github.com/gajus/eslint-plugin-jsdoc/issues/1322">#1322</a></li>
<li>See full diff in <a
href="https://github.com/gajus/eslint-plugin-jsdoc/compare/v50.3.0...v50.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
I discover this bug:
When pm2 `sh` script is on MagicMirror root folder, updatenotification
is not able to detect pm2 using
```
0|MagicMirror | [2024-10-02 17:23:09.215] [DEBUG] Version Compare: 2.30.0-develop 2.30.0-develop --> true
0|MagicMirror | [2024-10-02 17:23:09.216] [DEBUG] Status: online
0|MagicMirror | [2024-10-02 17:23:09.216] [DEBUG] PM2 MagicMirror starting from Path: /home/bugsounet/MagicMirror-dev
0|MagicMirror | [2024-10-02 17:23:09.216] [DEBUG] MagicMirror Path /home/bugsounet/MagicMirror-dev/
0|MagicMirror | [2024-10-02 17:23:09.216] [DEBUG] Compare: false
0|MagicMirror | [2024-10-02 17:23:09.216] [INFO] updatenotification: [PM2] You are not using pm2
```
Related to #3573
I think it's better to keep new library node-libgpiod for testing
(library to manage RPI gpio for pir sensor management) and delete others
Only one test is better
## [2.29.0] - 2024-10-01
Thanks to: @bugsounet, @dkallen78, @jargordon, @khassel,
@KristjanESPERANTO, @MarcLandis, @rejas, @ryan-d-williams, @sdetweil,
@skpanagiotis.
> ⚠️ This release needs nodejs version `v20` or `v22`, minimum version
is `v20.9.0`
### Added
- [compliments] Added support for cron type date/time format entries mm
hh DD MM dow (minutes/hours/days/months and day of week) see
https://crontab.cronhub.io for construction (#3481)
- [core] Check config at every start of MagicMirror² (#3450)
- [core] Add spelling check (cspell): `npm run test:spelling` and handle
spelling issues (#3544)
- [core] removed `config.paths.vendor` (could not work because `vendor`
is hardcoded in `index.html`), renamed `config.paths.modules` to
`config.foreignModulesDir`, added variable `MM_CUSTOMCSS_FILE` which -
if set - overrides `config.customCss`, added variable `MM_MODULES_DIR`
which - if set - overrides `config.foreignModulesDir`, added test for
`MM_MODULES_DIR` (#3530)
- [core] elements are now removed from `index.html` when loading script
or stylesheet files fails
- [core] Added `MODULE_DOM_UPDATED` notification each time the DOM is
re-rendered via `updateDom` (#3534)
- [tests] added minimal needed node version to tests (currently v20.9.0)
to avoid releases with wrong node version info
- [tests] Added `node-libgpiod` library to electron-rebuild tests
(#3563)
### Removed
- [core] removed installer only files (#3492)
- [core] removed raspberry object from systeminformation (#3505)
- [linter] removed `eslint-plugin-import`, because it doesn't support
ESLint v9. We will reenter it later when it does.
- [tests] removed `onoff` library from electron-rebuild tests (#3563)
### Updated
- [weather] Updated `apiVersion` default from 2.5 to 3.0 (#3424)
- [core] Updated dependencies including stylistic-eslint
- [core] nail down `node-ical` version to `0.18.0` with exception
`allow-ghsas: GHSA-8hc4-vh64-cxmj` in `dep-review.yaml` (which should
removed after next `node-ical` update)
- [core] Updated SocketIO catch all to new API
- [core] Allow custom modules positions by scanning index.html for the
defined regions, instead of hard coded (PR #3518 fixes issue #3504)
- [core] Detail optimizations in `config_check.js`
- [core] Updated minimal needed node version in `package.json`
(currently v20.9.0) (#3559) and except for v21 (no security updates)
(#3561)
- [linter] Switch to ESLint v9 and flat config and replace
`eslint-plugin-unicorn` by `@eslint/js`
- [core] fix discovering module positions twice after #3450
### Fixed
- Fixed `checks` badge in README.md
- [weather] Fixed issue with the UK Met Office provider following a
change in their API paths and header info.
- [core] add check for node_helper loading for multiple instances of
same module (#3502)
- [weather] Fixed issue for respecting unit config on broadcasted
notifications
- [tests] Fixes calendar test by moving it from e2e to electron with
fixed date (#3532)
- [calendar] fixed sliceMultiDayEvents getting wrong count and
displaying incorrect entries, Europe/Berlin (#3542)
- [tests] ignore `js/positions.js` when linting (this file is created at
runtime)
- [calendar] fixed sliceMultiDayEvents showing previous day without
config enabled
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Michael Teeuw <michael@xonaymedia.nl>
Co-authored-by: Kristjan ESPERANTO <35647502+KristjanESPERANTO@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ross Younger <crazyscot@gmail.com>
Co-authored-by: Veeck <github@veeck.de>
Co-authored-by: Bugsounet - Cédric <github@bugsounet.fr>
Co-authored-by: jkriegshauser <joshuakr@nvidia.com>
Co-authored-by: illimarkangur <116028111+illimarkangur@users.noreply.github.com>
Co-authored-by: sam detweiler <sdetweil@gmail.com>
Co-authored-by: vppencilsharpener <tim.pray@gmail.com>
Co-authored-by: veeck <michael.veeck@nebenan.de>
Co-authored-by: Paranoid93 <6515818+Paranoid93@users.noreply.github.com>
Co-authored-by: Brian O'Connor <btoconnor@users.noreply.github.com>
Co-authored-by: WallysWellies <59727507+WallysWellies@users.noreply.github.com>
Co-authored-by: Jason Stieber <jrstieber@gmail.com>
Co-authored-by: jargordon <50050429+jargordon@users.noreply.github.com>
Co-authored-by: Daniel <32464403+dkallen78@users.noreply.github.com>
Co-authored-by: Ryan Williams <65094007+ryan-d-williams@users.noreply.github.com>
Co-authored-by: Panagiotis Skias <panagiotis.skias@gmail.com>
Co-authored-by: Marc Landis <dirk.rettschlag@gmail.com>
after adding check:config to the MM startup process, #3450, we
accidentally discover module positions more than once, and write the
file each time..
add a check to see if we have done this work already
# Update electron-rebuild.yaml
* remove onoff library: Not updated since 3 years, don't work with last
rpi Os
* add node-libgpiod library in replacement
Since PR #3551 was not yet complete, I made my own attempt.
1. Update to ESLint v9.
2. Replace deprecated `.eslintrc.json` and `.eslintignore` by flat
config `eslint.config.mjs`.
3. Adapt `check_config.js` to use flat config.
4. Since `eslint-plugin-import` still doesn't support ESLint v9 I
removed it. We can add it back when it does support v9.
5. Run tests `npm run check:js` and `npm run config:check`.
6. In order not to overload this PR, I have not yet activated more
additional rules - there are some useful ones in the new plugin
`@eslint/js`.
@bugsounet, please don't take it as an offence that I have created a
competing PR. The migration to ESLint v9 has been burning under my nails
for some time.
Update of package*.json for minimal node verion requirement (v20.9.0)
* it's an addition to #3556
* According to changelog v2.28.0: `⚠️ This release needs nodejs version
>= v20.9.0`
Beside testing against node version `v20.x` and `v22.x` we should also
test against the minimal node version, currently `v20.9.0`.
This is for seeing changes in dependencies which needs higher node
version as with the July-24-release, where we wrote `node >=20` but
shipped an `eslint` version which required `node>=20.9.0`.
Only details changes. No functional changes.
- remove superfluous colors in Log.error
- invert negative if
- update ESLint env
- use camel case variable name
- optimize Log strings
- [x] Base your pull requests against the `develop` branch.
- [x] Include these infos in the description:
> - Does the pull request solve a **related** issue?
Yes - solves #3534
> - If so, can you reference the issue like this `Fixes
#<issue_number>`?
Fixes#3534 (also mentioned in commit message)
> - What does the pull request accomplish? Use a list if needed.
> > - Adds a new notification (`DOM_OBJECTS_UPDATED`) when the DOM is
updated via `updateDom`
- [x] Please run `npm run lint:prettier` before submitting
- [x] Don't forget to add an entry about your changes to the
CHANGELOG.md file.
More info can be found in #3534, but as a summary:
The `updateDom` function is not synchronous - there is an undetermined
amount of time between when it completes and when the DOM has actually
been re-rendered and is ready for interaction. The existing notification
(`MODULE_DOM_CREATED`) only fires once on the initial DOM render. This
PR solves the issue of subsequent re-renders by adding a new
notification that fires whenever the DOM is ready after an update. This
notification falls within expected lifecycle notifications (very similar
to other libraries that provide DOM lifecycle notifications).
… for setting these things from outside (and overriding corresponding
config.js properties `config.foreignModulesDir` and `customCss`)
- remove elements from index.html when loading script or stylesheet
files fails
- removed `config.paths.vendor` (could never work because `vendor` is
hardcoded in `index.html`) and renamed `config.paths.modules` to
`config.foreignModulesDir`. The `config.paths. ...` properties were
implemented in the initial commit in `js/defaults.js` but were never
functional.
- fixes `app.js` which didn't respect `config.paths.modules` before
- as `modules/defaults` is directly set in many places in the source
code restrict `config.paths.modules` to foreign modules (it has never
worked for default modules), now renamed to `config.foreignModulesDir`
- adds new `/env` section in `server.js` for getting the new env vars in
the browser
- fixes TODO in `server.js` so test directories are now only published
when running tests
These changes allow changing some main paths from outside mm with the
new env vars. You now **can** put all user stuff into one directory,
e.g. the `config` dir:
- `config.js` as before
- `custom.css`
- foreign modules
This would simplify other setups e.g. the docker setup. At the moment we
have to deal with 3 directories where 2 of them (`modules` and `css`)
contains mixed stuff, which means mm owned files and user files. This
can now simplified and leads to cleaner setups (if wanted).
I felt like adding a spell checker, but it's okay if you find it
superfluous. At least then we could fix the found spell issues.
What is still missing is an automatic integration so that the spell
checker does not have to be called manually. Would it perhaps make sense
to always do it before a release?
sliceMultiDayEvents occasionally gets the number of events wrong and
produces too many rows
Math.ceil() rounds up over 1.04 so we get an abnormal count
then the calcs for the midnight loop control used different moment()
functions, producing different results
fixes#3542
read index.html to discover the regions used, make them the list checked
by app.js and check:config test
fixes#3504 supercedes #3506
no config.js param required
This PR resolve Issue number #3419 .
I have added the method `convertWeatherObjectToImperial()` which
converts the units of the `notificationPayload` to imperial if needed,
in order to pass the object in `sendNotification()`.
---------
Co-authored-by: veeck <michael.veeck@nebenan.de>
- [x] Base your pull requests against the `develop` branch.
- [x] Include these infos in the description:
> - Does the pull request solve a **related** issue?
Yes - solves #3521
> - If so, can you reference the issue like this `Fixes
#<issue_number>`?
Fixes#3521 (also mentioned in commit message)
> - What does the pull request accomplish? Use a list if needed.
> > - Updates duplicate module filter method (upstream vs downstream -
see #3502)
> > - Updates socket io catchall functionality to new API
[[docs](https://socket.io/docs/v4/listening-to-events/)].
- [x] Please run `npm run lint:prettier` before submitting
- [x] Don't forget to add an entry about your changes to the
CHANGELOG.md file.
