<![CDATA[8.2 plug-in issues]]>Several issues with plugins now the latest is:
╭─────────────────────────────────────────╮
│ │
│ Update available! 11.3.0 → 11.5.1. │
│ Changelog: https://pnpm.io/v/11.5.1
│ To update, run: pnpm add -g pnpm │
│ │
╰─────────────────────────────────────────╯

[ERR_PNPM_NO_MATCHING_VERSION] No matching version found for peertube-plugin-google-analytics-js@0.0.1 while fetching it from https://registry.npmjs.org/

This error happened while installing a direct dependency of /app/data/storage/plugins

The latest release of peertube-plugin-google-analytics-js is "0.0.1-security".

If you need the full list of all 1 published versions run "pnpm view peertube-plugin-google-analytics-js versions".",

]]>https://forum.cloudron.io/topic/15584/8.2-plug-in-issuesRSS for NodeThu, 04 Jun 2026 00:30:49 GMTWed, 03 Jun 2026 15:26:07 GMT60<![CDATA[Reply to 8.2 plug-in issues on Wed, 03 Jun 2026 16:35:03 GMT]]>Yes - I had to manually delete google analytics lines in the package.json
I then ran:
rm -rf /app/data/storage/plugins/node_modules
I then reinstalled the plugs-ins and now all is good.
ALSO added:
blockExoticSubdeps: false
to the pnpm-workspace.yaml - this fixes a couple of other plugins

]]>https://forum.cloudron.io/post/125454https://forum.cloudron.io/post/125454Wed, 03 Jun 2026 16:35:03 GMT<![CDATA[Reply to 8.2 plug-in issues on Wed, 03 Jun 2026 16:05:27 GMT]]>Hello @stevespaw
I might have malware in your PeerTube which is getting blocked by the latest PeerTube update with the latest pnpm version.
See https://github.com/advisories/GHSA-4r2m-9mxx-rf7q

5a10cdbd-24d7-4c79-be50-7b9f2493b2fa-image.jpeg

peertube-plugin-google-analytics-js (npm)
Affected versions>= 0
Patched versions None

Description
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
]]>https://forum.cloudron.io/post/125451https://forum.cloudron.io/post/125451Wed, 03 Jun 2026 16:05:27 GMT