Hardened node developer here : long story short, nothing to worry about.

NPM security warnings are completely broken, they have a near 100% false positive rate (technically, the "vulnerable" dependency is here, but the flaw is, in literally all instances I have seen, not exploitable). An interesting read about this if you want : https://overreacted.io/npm-audit-broken-by-design/

Thanks @girish 👍

@atridad yes it does. If you run cloudron --help you can see the "global" options on the top, which apply also to subcommands.

@d19dotca this is now implemented at https://git.cloudron.io/cloudron/cloudron-cli/-/commit/e321442cc2251f46b0ee2564138224015339b12d and will thus be part of next cli release.

@nebulon said in Cloudron CLI login command results in an HTTP 404 error with "Cannot POST /api/v1/developer/login" message:

You probably have to update the cli tool, since the /api/v1/developer/login route was long deprecated and finally removed from the server side.

@girish said in Cloudron CLI login command results in an HTTP 404 error with "Cannot POST /api/v1/developer/login" message:

For reference, the latest CLI version is 4.12.8 (Use cloudron --version to see current version)

So I checked the version of Cloudron CLI finally and it seems I am indeed running 4.12.8...

<username>@<computerName> ~ % cloudron --version 4.12.8

However, I ran the command cloudron login again and now it suddenly works. So I'm not sure, maybe I had ran the update (I know I did for a fact) but perhaps it wasn't recognized until my computer had restarted over the holidays here. Something strange, but it's all good now it seems. 🙂

I have pushed a new CLI version v4.12.7 that fixes this.

@christiaan I submitted a new image to the marketplace. Will leave a note here when it gets approved. Sometimes it's immediate and sometimes it takes 2-3 days.

For anyone else coming later, if you need to modify these files to test out for instance a code fix you would use the CLI tool to run cloudron debug --app app.domain.com, open a web terminal to the app, edit whatever files you need to in /app/code, and then run /app/pkg/start.sh from within that web terminal to manually start the app and test your change.

You can exit debug mode, which will delete your changes, by going to the app's settings in cloudron, Repair, and clicking the Disable Recovery Mode button.

This sounds like it should be a part of the build package and/or the registry package, depending on use case.

I have added cloudron update --appstore-id {id} for the next release.

@girish Thanks so much for the great answers.

I look forward to installing the cloudron cli on my computer running Linux Mint 🤠 .

Confirmed working on 4.5.3

To install a specific version: sudo npm install -g cloudron@4.5.3

node --version said v8.10.0, updated to v12.18.3 for good measure 😉

Ok this is fixed, however requires a new Cloudron release, since the tasks API needs a proper pending state.

Glad it solved itself 🙂

@girish
Checking through nvm latest LTS is 14.17.0 now
alt text
Should I go ahead with the latest or you'd suggest that I use 14.15.4 as you guys?

What if I want to keep each build service associated to each Cloudron instance respectively?

I would also delete ~/.cloudron.json for good measure since we change the format of the config a few times and maybe you have something from an older CLI version.