Hey folks, I hit an error on an up-to-date community install with Docker when I try to install the community node “HTML to PDF”. I found a file `packages/cli/src/modules/community-packages/community-packages.controller.ts` in the source code with lines :
if (verify) {
checksum = this.communityNodeTypesService.findVetted(name)?.checksum;
if (!checksum) {
throw new BadRequestError(`Package ${name} is not vetted for installation`);
}
}
So it seems that either the package is not found, or doesn’t have a checksum. What could explain this issue? I’ve found info about the cloud version supporting community packages only progressively, but I use a self-hosted community edition.
Option “N8N_COMMUNITY_PACKAGES_ENABLED” is documented to be true as a default, is that still true?
What is the error message (if any)?
"Error installing new package Package n8n-nodes-htmlcsstopdf is not vetted for installation"
Please share your workflow
Workflow not relevant (will happen in a fresh workflow)
Hi @eric-burel Most probably this problem might be related to env variables, try setting N8N_UNVERIFIED_PACKAGES_ENABLED=true explicitly in your Docker environment variables.
This is a new behavior introduced in n8n 2.x — the vetting system for community packages. Here’s what’s happening and how to get around it.
What changed
n8n added a checksum-based package vetting system in 2.x. The verify flag in the community packages controller checks whether a package is on the approved list before allowing install. This was added for the cloud product but it apparently shipped into the self-hosted CE builds as well — which is almost certainly unintentional for self-hosted.
The fix
Set this environment variable in your Docker setup:
And check whether you have N8N_COMMUNITY_PACKAGES_VERIFY or similar set anywhere — if it’s explicitly set to true, clearing it may restore the old behavior.
If env vars don’t fix it
This appears to be a regression in the 2.8.x-2.10.x range. A few people have reported it. Check the GitHub issues for “community packages not vetted” — there may be a specific env var flag or a patch version that resolves it. The behavior on self-hosted CE should not require package vetting (that’s a cloud feature), so this is worth filing as a bug if you don’t see an existing report.
Workaround in the meantime
You can install community nodes manually by adding them to your node_modules directly in the Docker volume and restarting. Not pretty but it works:
cd /home/node/.n8n
npm install n8n-nodes-htmlcsstopdf
Then restart the container. n8n will pick up the package from the local node_modules.
The env var you want is N8N_UNVERIFIED_PACKAGES_ENABLED=true — add it to your docker-compose environment section and restart the container. According to the docs it actually defaults to true already so it’s a bit odd you’re hitting this, but setting it explicitly should bypass that vetting check you found in the source. If it still doesn’t work after that, double check you don’t have N8N_COMMUNITY_PACKAGES_ENABLED set to false somewhere since that’s the master switch that overrides everything else.
It’s a verified node and should be available without issues. I just tried to replicate it on another self-hosted instance and it works fine.
Are you able to install other verified nodes?
We’re going to report this to n8n nodes team to help check this, but in the meantime, could you drop me an email on [email protected] if you continue to face the issue?
