hello, first of all thanks for awesome project!

i have deployed meli on meli.domain.com(couldn't get sub directory to work, is it supported?) and i want the site to be at domain.com

both domain.com and meli.domain.com are set to reverse proxy for 127.0.0.1:9999
however when adding domain.com to meli org it shows:
Could not update site: Error: Request failed with status code 400

and when visiting domain.com apache2 shows : Requested URL not served on this server

this is not mentioned in the docs, and i don't want the site to be a subdomain

We'll be adding a version check so that users know if they have the latest version of Meli. A message will be displayed in the UI.

Hello,

Problem Description

I deployed meli on a VPS using the installation instruction via https://docs.meli.sh/get-started/installation

Upon the attempt to log in I'm unable to authenticate and receive error message with status code 401

I changed the "following" in my docker-compose.yml file:

  MELI_JWT_SECRET: "A random 37-charter using upper case, lower case, numbers and symbols"
  # https://docs.meli.sh/authentication
  MELI_USER: "changed the user name"
  MELI_PASSWORD: "A random 37-charter using upper case, lower case, numbers and symbols"

// There is a space between : and the first character of user and password values

Steps to Reproduce

docker-compose up

I get prompted with a logon page

I enter the user name and password as configured in MELI_USER and MELI_PASSWORD respectively.

I receive the following error message:

Could not sign in: Error: Request failed with status code 401

Thanks in advance!

Can't find package semantic-release-license@^1.0.2 err

I got confused a couple of times by the "off" state of the toggle button, since it still incorporates the brand color. Instead of having the gradiant background, I'd recommend just a plain dark gray, like this:

I'm about to convert the compose files to kubernetes manifests.
Deploying a K8s Environment is as easy as starting docker nowadays.

Any suggsetion on the folder structure? Where can i push the .yaml files to?

thanks

I want my project to feel well protected when sharing the site with collaborators and clients.
However, it doesn't look professional for the user name to be user.
As if the administrator account ID is admin.

So I at least want to be able to set the user name myself.
And if possible, I would like to be able to set up multiple accounts like Netlify.
Netlify can configure multiple accounts through _headers as follows.
Basic-Auth: user1:password1 user2:password2

It's good enough now, but I hope you consider my opinion.

I would suggest to add those 2 features:

1)
Right now, you can just add an Domain with ACME or with a Custom Certificate.
When beeing behind an SSL-Terminating Reverse-Proxy (like in K8s) no Cert is needed at all.
How to solve: 3rd Option: Add Domain without Cert

2)
MELI_MONGO_URI should be generated using a bash script inside the container.

In addition we should use the ENV VARs, eg.:

MELI_MONGO_USER
MELI_MONGO_PASSWORD
MELI_MONGO_HOST
MELI_MONGO_PORT
MELI_MONGO_DB

The second change is not mandatory, but would make the K8s config easier, also a Secret could be used to inject the Password.

Sites can create a custom 404.html page at their root. When a file isn't found for a site, Meli rewrites the uri to /404.html, showing your custom page.

This behavior is broken in v1.0.0-beta.4. It has been fixed on the next branch and will be fixed in v1.0.0-beta.5.

Hi guys.

I tried to invite myself using a different email address and got the invite link but when I open it, it just takes me to the meli auth page. Thinking it could be a caching issue, I tried on an incognito window and even another browser to the same result.

While trying to add a member to a team, the pop-up window says "Add branch" instead of "Add member" and there seems to be no way to a new member from it anyways.

Hope this helps to debug this great app.

Cheers.

Could you provide a docker compose using meli under traefik?
It would be very helpful and would be an annex to the documentation.

When I head over to a branch and check the "protected" box, and confirm the modal, Meli crashes with no logs and exit code 139 (running in Docker, on the getmeli/meli:beta image).

Hi @gempain ,

This is more like a feature request.

Considering that Meli is self-hosted, it'd be cool to have the ability to change the logo to a custom one and also change the server name from Meli to a custom name, so that email invites, notifications, etc, show a name my users can recognize and therefor trust.

This could even be a "premium"/paid feature, but I think, as portainer does, it would open Meli to be used as a base for commercial or pseudo-commercial use, therefore boosting interest and adoption.

Cheers,

See comments in #173 for background.

We need to:

• add an environment variable for setting multer's max body length
• use this variable to configure multer

Checklist:

• implementation
• docs

See #168 for background.

Alongside the current installation docs, provide a step-by-step guide for installing Meli for users that are not familiar with Docker.

It'd be cool if Meli was able to parse through HTML sites for <form>'s and plug it into its backend to automatically email form responses to a site's admin. This would bring it to parity with Netlify Forms.

Credits to @robertorubioguardia for suggesting this feature.

It would be nice to have a .melirc configuration file. For example:

version: 1
upload:
  siteId: 123
  token: token
  url: https://meli.domain.com

and then

@getmeli/cli upload ./dir

This file could be source from:

• the current directory
• the home directory
• the --config CLI option

Following the comment from @robertorubioguardia.

HI @gempain

I managed to add GitHub authentication and accept the invite following your instructions and then added the user as a member of a team in my organization, with no admin powers.

Thing is, when I log in from the new invited user, I get a 403 error in the GUI where the teams should be listed.
The API error in the console is:

{
"statusCode": 403,
"path": "/api/v1/teams/b6ddb484-0feb-4ae7-bf78-45aeaed6f67f/sites",
"message": "Cannot get team"
}

If I add the user to the team with admin powers, there is no error. I have also confirmed the team ID is valid.

Cheers.

As our community is growing, it would be nice to create a public discussion channel where we can chat about improvements and keep issues relatively concise and focused.

I reached out to Github for entering the beta for discussions, but we haven't heard back. I'm considering a Slack organization with auto-invite (but Slackin uses an API which will be deprecated in a couple of weeks, so I'm not really confident in this).

There's also Discord, but I don't know whether this would be a good option, and I like using Slack as well.

If you have ideas, feel free to comment here.

Would be pretty nice to be able to run this on an existing nginx installation. I have only one IP address, is this possible? If yes, how?

First of all thanks for this project, it looks really great! As I'm new to it and just testing it out to see whether it suits my needs I may have missed something in the set up. I'm seeing an issue when trying to view a branch on a site. Curl tells me there is the following SSL error:

error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

Chrome reports:

ERR_SSL_PROTOCOL_ERROR

I've set up a wildcard domain which resolves fine but there appears to be something wrong at the Caddy stage.

The branch/site I'm trying to look at is: https://main.tanc_me.meli.jampony.net/

Meli is set up following the docs on a fresh Ubuntu 20.04 server with no other services running.

Looking at the docker logs I'm seeing the following errors from letsencrypt:

{"level":"debug","ts":1613740447.9163651,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"HEAD","url":"https://acme.zerossl.com/v2/DV90/newNonce","headers":{"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]},"status_code":200,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=-1"],"Content-Type":["application/octet-stream"],"Date":["Fri, 19 Feb 2021 13:14:07 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["JvuPCaUS9gPItnTHBMgpTd_5RQ4pb501yXfG18Oqr2I"],"Server":["nginx"],"Strict-Transport-Security":["max-age=15552000"]}}
{"level":"debug","ts":1613740447.9933982,"logger":"tls.issuance.acme.acme_client","msg":"http request","method":"POST","url":"https://acme.zerossl.com/v2/DV90/newOrder","headers":{"Content-Type":["application/jose+json"],"User-Agent":["Caddy/2.3.0 CertMagic acmez (linux; amd64)"]},"status_code":400,"response_headers":{"Access-Control-Allow-Origin":["*"],"Cache-Control":["max-age=0, no-cache, no-store","max-age=-1"],"Content-Length":["130"],"Content-Type":["application/problem+json"],"Date":["Fri, 19 Feb 2021 13:14:07 GMT"],"Link":["<https://acme.zerossl.com/v2/DV90>;rel=\"index\""],"Replay-Nonce":["y4__AsuK_pTlWqf6NulkTUurVzs4LAo-_tSNPZpfC7c"],"Server":["nginx"]}}
{"level":"error","ts":1613740447.9936416,"logger":"tls.obtain","msg":"will retry","error":"[tanc_me.meli.jampony.net] Obtain: [tanc_me.meli.jampony.net] creating new order: request to https://acme.zerossl.com/v2/DV90/newOrder failed after 1 attempts: HTTP 400 urn:ietf:params:acme:error:rejectedIdentifier - Invalid DNS identifier [tanc_me.meli.jampony.net] (ca=https://acme.zerossl.com/v2/DV90)","attempt":1,"retrying_in":60,"elapsed":7.688670099,"max_duration":2592000}

Any ideas?

It would be neat if accounts could be managed from any arbitrary IdP (like Keycloak, Okta, etc.) - which primarily use the protocols mentioned in the title.

Hello! This is a great app especially with SPA mode. I think most people would also like the ability to serve this through a reverse proxy instead of expose meli directly due to other web services also running in the same server (the case for self hosters, for example). So far I have tried the following:

• Use nginx with meli but use app url as https
  • This causes an issue since nginx cannot proxy an https service
• Use nginx with meli but use app url as http
  • This causes websockets to fail, thus meli cannot load

If there is a way to do this with docker-compose already, please let me know. If that is not the case, you could add an env that configures this, however I'm not sure how to implement it myself.

The README states 'open-source' but the license clearly states The Business Source License is not an Open Source license.

I tried to upload the site through GitHub Actions, but it fails with an error.
This error occurs during the publish phase and everything else goes well.

✅ Set up job
✅ Run actions
✅ checkout@v2
✅ Run actions
✅ setup-node@v1
❌ publish
✅ Post Run actions/checkout@v2
✅ Complete Job

From what I have looked at, it is already defined as maxBodyLength: Infinity in the meli-cli/src/commons/axios/axios.ts file, so I don't know which part is the problem.
And there doesn't seem to be an option available for maxBodyLength other than token, site, url, directory, release, branch, so am I missing something?

Please refer to my failure log.

Run npx @getmeli/cli@next upload \
npx: installed 84 in 4.616s

 Meli CLI v1.0.0-next.4 - 2020-12-04T16:24:43.261Z - dfa044bbd899b53cfe0d965c077c88ad2779577c

fv-az281-686 2543 2021-01-15T12:20:36.369Z info  meli.cli:upload Compressing files from ./.... 
fv-az281-686 2543 2021-01-15T12:20:39.484Z info  meli.cli:upload Uploading release to https://xxx.yyy.zzz... 
Error: r]: Request body larger than maxBodyLength limit
    at /home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:1911
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at Object.t.uploadArchive (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:6541)
    at Object.t.upload (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:4281) {
  error: Error [ERR_FR_MAX_BODY_LENGTH_EXCEEDED]: Request body larger than maxBodyLength limit
      at RedirectableRequest.write (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/follow-redirects/index.js:96:24)
      at FormData.ondata (internal/streams/legacy.js:19:31)
      at FormData.emit (events.js:314:20)
      at FormData.CombinedStream.write (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/combined-stream/lib/combined_stream.js:138:8)
      at DelayedStream.ondata (internal/streams/legacy.js:19:31)
      at DelayedStream.emit (events.js:314:20)
      at DelayedStream._handleEmit (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/delayed-stream/lib/delayed_stream.js:82:15)
      at ReadStream.source.emit (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/delayed-stream/lib/delayed_stream.js:29:19)
      at addChunk (_stream_readable.js:297:12)
      at readableAddChunk (_stream_readable.js:272:9)
  Error: Thrown at:
      at /home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:1807
      at Object.t.uploadArchive (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:6541)
      at Object.t.upload (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:4281) {
    config: {
      url: 'https://xxx.yyy.zzz/api/v1/sites/$Site_ID/releases',
      method: 'post',
      data: [FormData],
      headers: [Object],
      transformRequest: [Array],
      transformResponse: [Array],
      timeout: 0,
      adapter: [Function: httpAdapter],
      xsrfCookieName: 'XSRF-TOKEN',
      xsrfHeaderName: 'X-XSRF-TOKEN',
      maxContentLength: -1,
      maxBodyLength: -1,
      validateStatus: [Function: validateStatus],
      errorContext: Error: Thrown at:
          at /home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:1807
          at Object.t.uploadArchive (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:6541)
          at Object.t.upload (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:4281)
    },
    request: Writable {
      _writableState: [WritableState],
      writable: true,
      _events: [Object: null prototype],
      _eventsCount: 2,
      _maxListeners: undefined,
      _options: [Object],
      _ended: false,
      _ending: false,
      _redirectCount: 0,
      _redirects: [],
      _requestBodyLength: 10420464,
      _requestBodyBuffers: [Array],
      _onNativeResponse: [Function],
      _currentRequest: [ClientRequest],
      _currentUrl: 'https://xxx.yyy.zzz/api/v1/sites/$Site_ID/releases',
      [Symbol(kCapture)]: false
    },
    response: undefined,
    isAxiosError: true,
    toJSON: [Function: toJSON]
  }
}
{
  "errorObject": {
    "message": "Request body larger than maxBodyLength limit",
    "name": "Error [ERR_FR_MAX_BODY_LENGTH_EXCEEDED]",
    "stack": "Error [ERR_FR_MAX_BODY_LENGTH_EXCEEDED]: Request body larger than maxBodyLength limit\n    at RedirectableRequest.write (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/follow-redirects/index.js:96:24)\n    at FormData.ondata (internal/streams/legacy.js:19:31)\n    at FormData.emit (events.js:314:20)\n    at FormData.CombinedStream.write (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/combined-stream/lib/combined_stream.js:138:8)\n    at DelayedStream.ondata (internal/streams/legacy.js:19:31)\n    at DelayedStream.emit (events.js:314:20)\n    at DelayedStream._handleEmit (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/delayed-stream/lib/delayed_stream.js:82:15)\n    at ReadStream.source.emit (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/node_modules/delayed-stream/lib/delayed_stream.js:29:19)\n    at addChunk (_stream_readable.js:297:12)\n    at readableAddChunk (_stream_readable.js:272:9)\nError: Thrown at:\n    at /home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:1807\n    at Object.t.uploadArchive (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:6541)\n    at Object.t.upload (/home/runner/.npm/_npx/2543/lib/node_modules/@getmeli/cli/build/index.js:2:4281)",
    "config": {
      "url": "https://xxx.yyy.zzz/api/v1/sites/$Site_ID/releases",
      "method": "post",
      "data": {
        "_overheadLength": 455,
        "_valueLength": 47,
        "_valuesToMeasure": [
          {
            "_readableState": {
              "objectMode": false,
              "highWaterMark": 65536,
              "buffer": {
                "head": null,
                "tail": null,
                "length": 0
              },
              "length": 0,
              "pipes": null,
              "pipesCount": 0,
              "flowing": true,
              "ended": false,
              "endEmitted": false,
              "reading": true,
              "sync": false,
              "needReadable": true,
              "emittedReadable": false,
              "readableListening": false,
              "resumeScheduled": false,
              "emitClose": false,
              "autoDestroy": false,
              "destroyed": false,
              "defaultEncoding": "utf8",
              "awaitDrainWriters": null,
              "multiAwaitDrain": false,
              "readingMore": false,
              "decoder": null,
              "encoding": null
            },
            "readable": true,
            "_events": {},
            "_eventsCount": 3,
            "path": "/tmp/$Site_ID-ccde4f0c22904be8dc984f6b2004266bd01625be-undefined.tar.gz",
            "fd": 21,
            "flags": "r",
            "mode": 438,
            "end": null,
            "autoClose": true,
            "bytesRead": 10485760,
            "closed": false
          }
        ],
        "writable": true,
        "readable": true,
        "dataSize": 0,
        "maxDataSize": 2097152,
        "pauseStreams": true,
        "_released": true,
        "_streams": [
          null,
          "----------------------------036290788713385731011627\r\nContent-Disposition: form-data; name=\"release\"\r\n\r\n",
          "ccde4f0c22904be8dc984f6b2004266bd01625be",
          null,
          "----------------------------036290788713385731011627\r\nContent-Disposition: form-data; name=\"branches\"\r\n\r\n",
          "develop",
          null
        ],
        "_currentStream": {
          "source": {
            "_readableState": {
              "objectMode": false,
              "highWaterMark": 65536,
              "buffer": {
                "head": null,
                "tail": null,
                "length": 0
              },
              "length": 0,
              "pipes": null,
              "pipesCount": 0,
              "flowing": true,
              "ended": false,
              "endEmitted": false,
              "reading": true,
              "sync": false,
              "needReadable": true,
              "emittedReadable": false,
              "readableListening": false,
              "resumeScheduled": false,
              "emitClose": false,
              "autoDestroy": false,
              "destroyed": false,
              "defaultEncoding": "utf8",
              "awaitDrainWriters": null,
              "multiAwaitDrain": false,
              "readingMore": false,
              "decoder": null,
              "encoding": null
            },
            "readable": true,
            "_events": {},
            "_eventsCount": 3,
            "path": "/tmp/$Site_ID-ccde4f0c22904be8dc984f6b2004266bd01625be-undefined.tar.gz",
            "fd": 21,
            "flags": "r",
            "mode": 438,
            "end": null,
            "autoClose": true,
            "bytesRead": 10485760,
            "closed": false
          },
          "dataSize": 0,
          "maxDataSize": null,
          "pauseStream": true,
          "_maxDataSizeExceeded": false,
          "_released": true,
          "_bufferedEvents": [],
          "_events": {
            "error": [
              null,
              null
            ],
            "end": [
              null,
              null
            ]
          },
          "_eventsCount": 4
        },
        "_insideLoop": false,
        "_pendingNext": false,
        "_boundary": "--------------------------036290788713385731011627",
        "_events": {
          "error": [
            null,
            null
          ]
        },
        "_eventsCount": 3
      },
      "headers": {
        "Accept": "application/json, text/plain, */*",
        "Content-Type": "multipart/form-data; boundary=--------------------------036290788713385731011627",
        "x-meli-token": "$Token",
        "User-Agent": "axios/0.21.1"
      },
      "transformRequest": [
        null
      ],
      "transformResponse": [
        null
      ],
      "timeout": 0,
      "xsrfCookieName": "XSRF-TOKEN",
      "xsrfHeaderName": "X-XSRF-TOKEN",
      "maxContentLength": -1,
      "maxBodyLength": -1,
      "errorContext": {}
    },
    "code": "ERR_FR_MAX_BODY_LENGTH_EXCEEDED"
  },
  "response": {}
}
Error: Process completed with exit code 1.

npx @getmeli/cli upload --url http://localhost:3030 --site aa27db77-c0e0-44a4-ac21-6d52934f7c60
--token aa1d1dcec5537f707d13953ea740ec2a724224ac6554076e6005252cb3610bc5 --branch master .
npx: installed 86 in 44.842s

I'm interested in using this new piece of software but I can't find the page to sign in?

The doc currently just says "sign in" under the "how it works" section.

It must be somewhere obvious and I'm too blind so see it, or is it not available yet?

I have setup DNS records (A) for project.company.io and *.project.company.io, pointing at the Meli IP.

I then added project.company.io into the "Domains" section of the site settings. This now works perfectly for project.company.io itself, pointing towards the main branch.

However, if I call branch.project.company.io, I get a ERR_SSL_PROTOCOL_ERROR, with a "no server TLS configuration available" error.

This is fixable, if I add *.project.company.io to the domains in the site settings, but I feel like this either requires some docs or should happen automatically.

(suggested by Berndinox in #205; been bugging me for a while too)

Currently, the Docker image exposes port 80. We should change this so that running Meli doesn't require root access.

We'll need to update the deployment docs.

Could we expect a production-ready npm package?

Managing a production setup manually using git / npm not only pulls lots of bloat (e.g. development tools for building the optimized version, the entire .git tree, etc.), but is also cumbersome in environment and paths management, whereas a well-setup nodejs environment can provide binaries in the path with just an npm i -g ....

As the title suggests, there's no way to define redirects for single page applications, at least none as per the documentation. This can be implemented by specifying a file with a rewrite rule.

i'd love to see a Webhook for MS Teams.

curl -H 'Content-Type: application/json' -d '{"text": "Hello World"}' <YOUR WEBHOOK URL>
MS Docs

Sorry for spamming so much... :)

This will make things easier for contributors to engage.

• merge ui repo into this repo
• update scripts, CI and Docker image
• update docs
• setup proxy for development
• remove dynamic env from frontend, fetch from backend

See background here here.

@ayush123460 you're in control 🚀

Hey, I'm just gonna keep posting issues for stuff I notice during trailing this, hope that's okay :)

In the page settings (and the branch settings) I was confused a couple of times why my changes did not persist, because I was not expecting the save button to be at the top of the page (out of the screen when scrolled down). I'd recommend either using save buttons for sections, or having a global save button at the bottom. If you're looking for inspiration, this UI is pretty similar to what you are doing

At the moment, we're mapping enum keys (kebab case) to dot-case (site_branch_headers_set = site.branch.headers.set. To keep things simple and be consistent, we'll use the same value for key and value.

It's doesn't provide exploitable error messages. Instead, use

const joi = require('joi');

const schema = joi.object({
    type: joi.string(),
  })
  .when('.type', {
    is: 'a',
    then: joi.object({
      prop: joi.string()
        .required(),
    }),
  })
  .when('.type', {
    is: 'b',
    then: joi.object({
      prop: joi.number()
        .required(),
    }),
  });

const res = schema.validate({
  type: 'b',
  prop: 'a',
});

console.log(res);

Using . before type allows having the type property at the same level as all other properties, hence not having to use a sub property for the polymorphism.

When a user authenticates, we need to store the return URL so we can restore it after sign-in. This is particularly annoying when accepting invitations into an organization.

Hi,
I set up a github action that will trigger a build process and publishes the build on my meli installation.
Whoever using the npx command:
npx @getmeli/cli upload ./build --branch [branch] --site [site] --url [url] "--token=***"

Will result in an npm error:
Cannot open assembly 'upload': No such file or directory. npm ERR! code ELIFECYCLE npm ERR! errno 2

I wrapped that command as a npm script and tested the whole process on my computer. It went through without a problem. But fails when executed in github actions.
How the runner calls the command up above:

     - name: Run build & deploy
       working-directory: ./landingpage
       run: |
         npm ci
         npm run build
         npm run meli -- --token=${{secrets.MELI_TOKEN}}

I neither found any hint solving the problem on the web nor in an old issue here.
Thanks for helping

Hello.
I installed meli on EC2(Linux 2) on AWS.
Domain setup and connection were also successful.
The problem is the next step.
When I logged in, I went to the /orgs page and clicked the ADD ORG button to create an organization.
Then an error message like Could not create org: Error: Request failed with status code 500 appeared and I couldn't move on to the next step.
How can I fix it.
I need help.

We're considering moving away from Mongo and using Postgres instead. We'd like input from the community.

We have used Mongo for many years. It offers great things such as:

• few constraints
• easy polymorphism
• almost no need for an ORM

but:

• ObjectIDs are still hard to get used to
• testing is difficult, it's complicated to setup a proper testing environment in CIs, and the ecosystem isn't that large (though we could've used Mongoose/Mockgoose)

We'd like to see how to the community sees this, so if you have any opinion, please share !

I would like to see a "delete" command added to the Meli CLI that deletes the deploy of a specific branch. In my use-case, which is deploying branches via CI as previews, each PR generates a deploy, and I would like to be able to automatically clean it up once the PR gets closed. Right now I have to head over into the UI to click the delete button.

Minor UI issue: when creating a new site or editing an existing one the sidebar doesn't reflect the changes until the page is manually refreshed.

To reproduce:

1. Create a site
2. Edit the site settings
3. Change the associated colour
4. Save the site's settings form
5. Note that the colour in the sidebar doesn't change
6. Reload the page
7. Note the the colour in the sidebar has changed

I would like to set a password on a site basis, so it gets automatically applied to all branches that get uploaded.

The use-case here is an internal documentation I would like to deploy once for master, and then automatically for each pull request - but all branches have to be protected.

An alternative would be the ability to set the password via the CLI tool during upload.

Error Message:

Run npx @getmeli/cli upload \
  npx @getmeli/cli upload \
    --url "https://meli.DOMAIN.at" \
    --site "$MELI_SITE" \
    --token "$MELI_TOKEN" \
    --release "$GITHUB_SHA" \
    ./public
  shell: /usr/bin/bash -e {0}
  env:
    MELI_SITE: ebbcef92-c923-4bfc-bdf1-605a6b275f3e
    MELI_TOKEN: ***
    GITHUB_TOKEN: ***
Cannot open assembly 'upload': No such file or directory.
Error: Process completed with exit code 2.

Github Action:

name: main
on: [ push ]
env:
  MELI_SITE: "SITEID"
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v1
        with:
          node-version: "12"
      - name: "build"
        run: |
          npm install
          npm run build
      - name: "publish"
        run: |
          npx @getmeli/cli upload \
            --url "https://meli.DOMAIN.at" \
            --site "$MELI_SITE" \
            --token "$MELI_TOKEN" \
            --release "$GITHUB_SHA" \
            ./public
        env:
          MELI_TOKEN: ${{ secrets.MELI_TOKEN }}
          # Enable PR previews:
          # uses the default GITHUB_TOKEN set by Github Actions
          # https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

We've started increasing test coverage of Meli in order to stabilize the current implementation. If you're interested to help, just pick an endpoint and go for it.

At the moment, we're testing guards and API endpoints while the Caddy configuration is being refactored by @pimartin.

Any input welcome.

At the moment it seems like there is no cache-control header set and the resources are served with no compression (gzip, brotli).

It would be great if Meli had some sane defaults, much like Netlify does, which would make serving static files even more efficient. Then ideally there would be some settings to configure cache headers on a site-by-site basis within the UI (or a config file like Netlify uses).

Netlify set a cache-control header like this:

cache-control: public, max-age=0, must-revalidate

They say that it makes the browser re-check for changes each time but against the etag to see if anything has changed. Supposedly this is very efficient with HTTP2. From what I can tell without a cache-control header my browser is caching the resources served by Meli and when I update the branch with a new release I got inconsistent results. One time I reloaded the page and the css file I'd changed didn't update, then on other releases it did update. Without further testing its hard to say whether setting a cache-control would provide the consistency or hurt performance.

It would be good to see resources gzipped on-the-fly with Caddy, I believe this is the directive: https://caddyserver.com/docs/caddyfile/directives/encode

Thanks for your efforts!

Description

I ran DeepSource Static Code Analysis upon the Project, the results for which are available here.

The Static Code Analysis Tool found potential bugs and anti-patterns in the Code, that can be detrimental at a later point of time with respect to the Project. DeepSource helps you to automatically find and fix issues in your code during code reviews. This tool looks for anti-patterns, bug risks, performance problems, and raises issues.

Some of the notable issues are:

• Instances of child_process and non-literal exec() here
• Use of require statements except in import statements here
• rest parameters used instead of arguments here
• Using String Concatenation instead of template literals here

There are plenty of other issues in relation to Bug Discovery and Anti-Patterns which you would be interested to take a look at.

I ran into another issue trying to set up Meli via the newest Docker image. I keep getting the following error:

{"level":"debug","ts":1607999698.0814688,"logger":"http.stdlib","msg":"http: TLS handshake error from <my ip redacted>:63030: no server TLS configuration available for ClientHello: &{CipherSuites:[31354 4865 4866 4867 49195 49199 49
196 49200 52393 52392 49171 49172 156 157 47 53] ServerName:palette.meli.devoxa.io SupportedCurves:[CurveID(19018) X2551
9 CurveP256 CurveP384] SupportedPoints:[0] SignatureSchemes:[ECDSAWithP256AndSHA256 PSSWithSHA256 PKCS1WithSHA256 ECDSAW
ithP384AndSHA384 PSSWithSHA384 PKCS1WithSHA384 PSSWithSHA512 PKCS1WithSHA512] SupportedProtos:[h2 http/1.1] SupportedVer
sions:[14906 772 771 770 769] Conn:0xc00085a8c8 config:0xc000537800}"}

It looks like this might be the cause, but I am not sure caddyserver/caddy#3004 - it did work just fine with the version of a couple of days ago. I have since set up Meli from Scratch and it has not fixed the issue.

Hi guys,

I had to reorder the arguments in the upload command for it to work. Using it as stated in your docs it failed.

The working form was:

npx @getmeli/cli upload \
    ./public \
    --url https://myurl.tld \
    --site mysiteid \
    --token sometoken \
    --branch "master"

Note the folder was moved and put before the rest of the arguments. Error was: Not enough non-option arguments: got 0, need at least 1

Cheers and thanks for such a great tool.