npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

node-red-contrib-onstar2

v3.0.1

Published

An updated Node-RED Library using OnStarJS2, supporting both v1 and v3 OnStar APIs with automatic version detection

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bigthundersrbigthundersr

Keywords

node-redOnStarChevroletChevyGMGMCBuickCadillac

Readme

node-red-contrib-onstar2

CodeQL Dependency Review Lint Code Base Node.js CI Node.js Package

A Node-RED node package for controlling GM OnStar vehicles powered by OnStarJS, originally written by caseyjmorton and published in the npmjs registry here. Please note that only US and Canadian OnStar accounts are known to work with this integration.

This fork is for me to experiment with the capabilities exposed in the original version and to add custom commands as necessary.

  • Following a major re-write, this project was moved to version 2.x and was made fully independent from the original npm package.

  • Version 3.0 introduces API modernization with breaking changes for EV charging and diagnostics nodes. See MIGRATION.md for upgrade instructions.

npm

v3_Nodes_node-red-contrib-onstar2

Install

npm install node-red-contrib-onstar2

On Linux, macOS, or Windows, you may also need to install browser binaries (and system dependencies) for authentication:

npx patchright install --with-deps chromium

⚠️ Alpine Linux users (including Home Assistant Node-RED Add-on): Patchright is not supported on Alpine. See Special Instructions for the workaround.

Documentation

Each node is self-explanatory with hints provided wherever necessary as well as detailed information in the Help section of each node as necessary.

Running

Collect the following information:

  1. Generate a v4 uuid for the device ID
  2. OnStar login: username, password, PIN, TOTP Key (Please click link for instructions)
  3. Your car's VIN. Easily found in the monthly OnStar diagnostic emails.

Important: Special Instructions for Running in the official Home Assistant Node-RED Add-on

OnStar API Version Support

This project now uses the modernized onstarjs2 library which supports both v1 and v3 OnStar APIs:

Automatic API Version Detection

  • Action Commands (lock/unlock doors/trunk, start/cancel, alert): Automatically use v3 API with fallback to v1 API if needed. The library intelligently detects which API version your vehicle supports and caches this for optimal performance.

  • Diagnostic Commands: Use v3 API exclusively (returns all available diagnostics automatically)

  • EV Charging Commands: Use v3 API exclusively with new enhanced methods

v3 API Benefits

The v3 API provides:

  • More reliable command execution
  • Enhanced EV charging control
  • Comprehensive diagnostic data
  • Better error handling
  • Improved performance

Supported Features

Vehicle Control

  • Lock Doors
  • Unlock Doors
  • Lock Trunk
  • Unlock Trunk
  • Remote Start
  • Cancel Remote Start (Stop)
  • Vehicle Alert (Lights and Horn)
  • Vehicle Alert (Lights Only)
  • Vehicle Alert (Horn Only)
  • Cancel Vehicle Alert
  • Stop Lights

Vehicle Information

  • Get Vehicle Location
  • Get Diagnostic Information (v3 API - returns all diagnostics)
  • Get Vehicle Capabilities
  • Get Vehicle Details
  • Get OnStar Plan
  • Get Vehicle Recall Info

EV Charging Control (v3 API)

  • Set Charge Level Target - Set desired battery percentage (0-100%)
  • Stop Charging - Stop current charging session
  • Get EV Charging Metrics - Retrieve current charging status and metrics
  • Refresh EV Charging Metrics - Force-refresh live data from vehicle

Note: The following v1 API charging commands are deprecated and replaced:

  • chargeOverride → Use Set Charge Level Target or Stop Charging
  • getChargingProfile → Use Get EV Charging Metrics
  • setChargingProfile → Use Set Charge Level Target

Testing

This project includes comprehensive test suites that use mocked API responses instead of making real calls to OnStar servers.

Running Tests

# Run all tests (including mocked tests)
npm test

# Run only authentication tests (mocked)
npm run test:auth

# Run only functionality tests (mocked)
npm run test:functionality

# Run all mocked tests (authentication + functionality)
npm run test:mocked

# Run legacy authentication tests (requires real OnStar credentials)
npm run test:auth-legacy

Mocked Tests

The project now includes comprehensive mocked tests that cover both authentication scenarios and successful OnStar operations without making real API calls.

Authentication Tests (test/authentication.spec.js)

Using Sinon to mock the OnStarJS API calls:

  • Fast execution: No network calls or timeouts
  • Reliable results: Tests don't depend on external service availability
  • Safe testing: No risk of accidentally triggering real vehicle actions
  • Predictable outcomes: Controlled responses for different scenarios

The authentication tests cover:

  • Invalid credentials scenarios
  • Missing configuration parameters
  • Invalid TOTP codes
  • Invalid VIN formats
  • Successful authentication flows
  • Configuration node validation

Functionality Tests (test/functionality-mocked.spec.js)

Comprehensive mocked tests for OnStar operations:

  • get-account-vehicles: Mock vehicle list with multiple vehicles
  • get-diagnostics: Mock diagnostic data (odometer, battery, fuel, etc.)
  • locate-vehicle: Mock GPS coordinates and address information
  • lock-myvehicle: Mock successful door locking
  • unlock-myvehicle: Mock successful door unlocking
  • lock-mytrunk: Mock successful trunk locking
  • unlock-mytrunk: Mock successful trunk unlocking
  • start-myvehicle: Mock successful remote start
  • cancel-start-myvehicle: Mock successful remote start cancellation
  • alert-myvehicle: Mock successful vehicle alerts (honk/flash)
  • get-mycharge-profile: Mock EV charging profile data
  • mycharge-override: Mock charging override commands

All functionality tests verify:

  • Correct API method calls with proper parameters
  • Expected response data structures
  • Proper error handling
  • Node.js output validation

Running Tests with Real API Credentials (Optional)

By default, all tests use mocked API responses to prevent account lockouts. However, you can optionally test against the real OnStar API:

⚠️ WARNING: Real API testing will:

  • Make actual calls to your OnStar account
  • May trigger real actions on your vehicle
  • Could lead to account lockout if run too frequently
  • Should NEVER be used in CI/CD pipelines

To run real API tests:

  1. Copy the example environment file:

    cp .env.example .env

  2. Edit .env and fill in your real credentials:

    RUN_REAL_API_TESTS=true
[email protected]
ONSTAR_PASSWORD=YourPassword
ONSTAR_PIN=1234
ONSTAR_VIN=YOUR17DIGITVIN
ONSTAR_DEVICEID=your-device-id-uuid
ONSTAR_TOTP=YOURBASE32TOTPSECRET

  3. Run the safe real API tests:

    npm run test:real-safe-only

Note: The .env file is automatically excluded from git via .gitignore to protect your credentials.

My other related projects