Add postbuild dependencies check #130
Conversation
Example of PR titles that include pivotal stories:
New dependencies added: @azure/ms-rest-jsAuthor: Microsoft Corporation Description: Isomorphic client Runtime for Typescript/node.js/browser javascript client libraries generated using AutoRest Homepage: https://github.com/Azure/ms-rest-js
|
| Created | 28 days ago |
| Last Updated | 14 days ago |
| License | MIT |
| Maintainers | 5 |
| Releases | 2 |
| Direct Dependencies | abort-controller, agentkeepalive, applicationinsights, fp-ts, io-ts, json-set-map, node-fetch and validator |
README
TypeScript Commons
This module provides code shared by the projects of the
IO App
initiative.
Documentation is available here
Contributing
In the following there are instructions to build the app in your computer for development purposes.
Pre-requisites
We built a script for helping setting up the laptop, you can find it here
Otherwise, please follow the following steps:
Install NodeJS
To run the project you need to install a properly version of NodeJS.
On macOS and Linux we recommend the use of a virtual environment, such as nodenv for managing multiple versions of NodeJS.
The node version used in this project is stored in .node-version.
If you already have nodenv installed and configured on your system, the correct version node will be set when you access the app directory.
To install, follow the steps described below.
Install brew
If you do not have it already, install brew following the installation instructions in the home page.
Install nodenv
brew install nodenv
Install yarn
For the management of javascript dependencies we use Yarn.
Yarn is a node application. IF you have already installed in your system version of node compatible with yarn, you can install it as a global command with:
npm install -g yarn
Install dependencies
Install the libraries used by the project:
$ yarn install --frozen-lockfile
Run Tests
Run Unit Tests
$ yarn test
Run Lint Check
$ yarn lint
Updating/publishing online docs
$ yarn docs
Releasing a version
Release has been automatized by using Azure Pipelines.
To release a new version please go to io-ts-commons project on Azure and manually run pagopa.io-ts-commons.deploy the pipeline.
Be aware to choose the right release version between major|minor|patch
License
applicationinsights
Author: Unknown
Description: Microsoft Application Insights module for Node.js
Homepage: https://github.com/microsoft/ApplicationInsights-node.js#readme
| Created | over 6 years ago |
| Last Updated | 8 days ago |
| License | MIT |
| Maintainers | 1 |
| Releases | 90 |
| Direct Dependencies | cls-hooked, continuation-local-storage, diagnostic-channel and diagnostic-channel-publishers |
| Keywords | exception monitoring, request monitoring, performance monitoring, application insights, microsoft, azure, cloud, tracing, telemetry, analytics and apm |
body-parser
Author: Unknown
Description: Node.js body parsing middleware
Homepage: https://github.com/expressjs/body-parser#readme
| Created | about 7 years ago |
| Last Updated | about 1 year ago |
| License | MIT |
| Maintainers | 1 |
| Releases | 65 |
| Direct Dependencies | bytes, content-type, debug, depd, http-errors, iconv-lite, on-finished, qs, raw-body and type-is |
dotenv
Author: Unknown
Description: Loads environment variables from .env file
Homepage: https://github.com/motdotla/dotenv#readme
| Created | over 7 years ago |
| Last Updated | 12 months ago |
| License | BSD-2-Clause |
| Maintainers | 4 |
| Releases | 38 |
| Direct Dependencies | |
| Keywords | dotenv, env, .env, environment, variables, config and settings |
README
dotenv
Dotenv is a zero-dependency module that loads environment variables from a .env file into process.env. Storing configuration in the environment separate from code is based on The Twelve-Factor App methodology.
Install
# with npm
npm install dotenv
# or with Yarn
yarn add dotenvUsage
As early as possible in your application, require and configure dotenv.
require('dotenv').config()Create a .env file in the root directory of your project. Add
environment-specific variables on new lines in the form of NAME=VALUE.
For example:
DB_HOST=localhost
DB_USER=root
DB_PASS=s1mpl3process.env now has the keys and values you defined in your .env file.
const db = require('db')
db.connect({
host: process.env.DB_HOST,
username: process.env.DB_USER,
password: process.env.DB_PASS
})Preload
You can use the --require (-r) command line option to preload dotenv. By doing this, you do not need to require and load dotenv in your application code. This is the preferred approach when using import instead of require.
$ node -r dotenv/config your_script.jsThe configuration options below are supported as command line arguments in the format dotenv_config_<option>=value
$ node -r dotenv/config your_script.js dotenv_config_path=/custom/path/to/your/env/varsAdditionally, you can use environment variables to set configuration options. Command line arguments will precede these.
$ DOTENV_CONFIG_<OPTION>=value node -r dotenv/config your_script.js$ DOTENV_CONFIG_ENCODING=latin1 node -r dotenv/config your_script.js dotenv_config_path=/custom/path/to/.envConfig
config will read your .env file, parse the contents, assign it to
process.env,
and return an Object with a parsed key containing the loaded content or an error key if it failed.
const result = dotenv.config()
if (result.error) {
throw result.error
}
console.log(result.parsed)You can additionally, pass options to config.
Options
Path
Default: path.resolve(process.cwd(), '.env')
You may specify a custom path if your file containing environment variables is located elsewhere.
require('dotenv').config({ path: '/full/custom/path/to/your/env/vars' })Encoding
Default: utf8
You may specify the encoding of your file containing environment variables.
require('dotenv').config({ encoding: 'latin1' })Debug
Default: false
You may turn on logging to help debug why certain keys or values are not being set as you expect.
require('dotenv').config({ debug: process.env.DEBUG })Parse
The engine which parses the contents of your file containing environment
variables is available to use. It accepts a String or Buffer and will return
an Object with the parsed keys and values.
const dotenv = require('dotenv')
const buf = Buffer.from('BASIC=basic')
const config = dotenv.parse(buf) // will return an object
console.log(typeof config, config) // object { BASIC : 'basic' }Options
Debug
Default: false
You may turn on logging to help debug why certain keys or values are not being set as you expect.
const dotenv = require('dotenv')
const buf = Buffer.from('hello world')
const opt = { debug: true }
const config = dotenv.parse(buf, opt)
// expect a debug message because the buffer is not in KEY=VAL formRules
The parsing engine currently supports the following rules:
BASIC=basicbecomes{BASIC: 'basic'}- empty lines are skipped
- lines beginning with
#are treated as comments - empty values become empty strings (
EMPTY=becomes{EMPTY: ''}) - inner quotes are maintained (think JSON) (
JSON={"foo": "bar"}becomes{JSON:"{\"foo\": \"bar\"}") - whitespace is removed from both ends of unquoted values (see more on
trim) (FOO= some valuebecomes{FOO: 'some value'}) - single and double quoted values are escaped (
SINGLE_QUOTE='quoted'becomes{SINGLE_QUOTE: "quoted"}) - single and double quoted values maintain whitespace from both ends (
FOO=" some value "becomes{FOO: ' some value '}) - double quoted values expand new lines (
MULTILINE="new\nline"becomes
{MULTILINE: 'new
line'}
FAQ
Should I commit my .env file?
No. We strongly recommend against committing your .env file to version
control. It should only include environment-specific values such as database
passwords or API keys. Your production database should have a different
password than your development database.
Should I have multiple .env files?
No. We strongly recommend against having a "main" .env file and an "environment" .env file like .env.test. Your config should vary between deploys, and you should not be sharing values between environments.
In a twelve-factor app, env vars are granular controls, each fully orthogonal to other env vars. They are never grouped together as “environments”, but instead are independently managed for each deploy. This is a model that scales up smoothly as the app naturally expands into more deploys over its lifetime.
What happens to environment variables that were already set?
We will never modify any environment variables that have already been set. In particular, if there is a variable in your .env file which collides with one that already exists in your environment, then that variable will be skipped. This behavior allows you to override all .env configurations with a machine-specific environment, although it is not recommended.
If you want to override process.env you can do something like this:
const fs = require('fs')
const dotenv = require('dotenv')
const envConfig = dotenv.parse(fs.readFileSync('.env.override'))
for (const k in envConfig) {
process.env[k] = envConfig[k]
}Can I customize/write plugins for dotenv?
For [email protected]: Yes. dotenv.config() now returns an object representing
the parsed .env file. This gives you everything you need to continue
setting values on process.env. For example:
const dotenv = require('dotenv')
const variableExpansion = require('dotenv-expand')
const myEnv = dotenv.config()
variableExpansion(myEnv)What about variable expansion?
Try dotenv-expand
How do I use dotenv with import?
ES2015 and beyond offers modules that allow you to export any top-level function, class, var, let, or const.
When you run a module containing an
importdeclaration, the modules it imports are loaded first, then each module body is executed in a depth-first traversal of the dependency graph, avoiding cycles by skipping anything already executed.
You must run dotenv.config() before referencing any environment variables. Here's an example of problematic code:
errorReporter.js:
import { Client } from 'best-error-reporting-service'
export const client = new Client(process.env.BEST_API_KEY)index.js:
import dotenv from 'dotenv'
import errorReporter from './errorReporter'
dotenv.config()
errorReporter.client.report(new Error('faq example'))client will not be configured correctly because it was constructed before dotenv.config() was executed. There are (at least) 3 ways to make this work.
- Preload dotenv:
node --require dotenv/config index.js(Note: you do not need toimportdotenv with this approach) - Import
dotenv/configinstead ofdotenv(Note: you do not need to calldotenv.config()and must pass options via the command line or environment variables with this approach) - Create a separate file that will execute
configfirst as outlined in this comment on #133
Contributing Guide
See CONTRIBUTING.md
Change Log
See CHANGELOG.md
Who's using dotenv?
These npm modules depend on it.
Projects that expand it often use the keyword "dotenv" on npm.
node-fetch
Author: David Frank
Description: A light-weight module that brings window.fetch to node.js
Homepage: https://github.com/bitinn/node-fetch
| Created | about 6 years ago |
| Last Updated | 6 months ago |
| License | MIT |
| Maintainers | 4 |
| Releases | 61 |
| Direct Dependencies | |
| Keywords | fetch, http and promise |
Generated by 🚫 dangerJS
Codecov Report
@@ Coverage Diff @@
## master #130 +/- ##
=======================================
Coverage 84.20% 84.20%
=======================================
Files 49 49
Lines 1665 1665
Branches 133 133
=======================================
Hits 1402 1402
Misses 258 258
Partials 5 5 Continue to review full report at Codecov.
|
Co-authored-by: Emanuele De Cupis <[email protected]>
|
Ok, let's say we are fine with this check. We now have a failing check, and we must fix the build ;) |
I wanted to try the Dangerfile before adding dependencies :) I'm doing it |
gquadrati
requested review from
AleDore,
BurnedMarshal,
francescopersico and
gunzip
as code owners
In order to avoid missing dependencies after yarn install --prod command, a postbuild check has been added to prompt all dependencies not listed in package.json