As a developer,
I want to use existing fragments and code for extension creation,
so that I can make use of previous efforts

Description

Creation of extensions shall allow the reuse of existing fragments and code to speed up development.

Reasons for reuse:

1. Copy code from another project
2. Use existing code already in project in case of delete/re-create, undo/redo, today only start from scratch is possible as existing code will be cleared and overwritten
3. Support cases where multiple extension need to share a single fragment or code (e.g. V2 custom columns)

Technical Design

What modules need to be created or enhanced?
How would the functionality be exposed and how can it be consumed?

Acceptance Criteria

GivenWhenThen format (https://martinfowler.com/bliki/GivenWhenThen.html)

Given I have a ready code snippet / fragment
when I create a new extension
then I can use these existing artifacts or let a fresh one being created

Notes

@stefanschreck @tobiasqueck

Tasks

• Unit Tests added
• Test Cases defined

Feature Request Description

the current ui5-application holds ES5 templates.
given that IE11 isn't a thing any more :), there's the opportunity to move to ES6 syntax - or even to TS and incorporate (and potentially substitute) the UI5 typescript capabilites (see https://github.com/ui5-community/generator-ui5-ts-app/tree/main/generators/app/templates)

Priority

• Low
• Medium
• High
• Very High

These UI5 scaffolding tools should always contain latest best practices in UI5 dev and transport new capabilities into the wild for scaffolding time - moving to either a more modern JS syntax or even to TS entirely falls into that category.

Another option would be to offer both syntaxes at scaffolding time:

• ES6 for those dev efforts that don't want a TS compile abstraction in the dev proces
• TS for those going all-in

Description

A clear description of what the bug is.

Steps to Reproduce

Steps to reproduce the behavior:

1. Go to the root of the project
2. Execute pnpm audit
3. See the listed vulnerabilities

Expected results

No known vulnerabilities found

Actual results

5 vulnerabilities found
Severity: 4 moderate | 1 critical

Solution

• identify dependencies that cause these vulnerabilities and try upgrading them
• if not all dependencies can be removed with upgrades, define overrides in the root package.json
• document overrides

As a tools developer,
I want to reuse the proxy functionality that is today only available in the @sap/ux-ui5-tooling,
so that I can benefit from it in more different setups.

Description

The idea of the feature request is to publish the core functionality of the fiori-tools-proxy so that it can be used in other setups as well e.g. using parts of the functionality also in a CAP project. Furthermore, a proxy middleware needs to handle lots of different setups e.g. handle different flavors of corporate proxies, therefore, publishing the sources and allowing developers that have setups in which the fiori-tools-proxy doesn't work, to inspect and maybe even contribute to it, will help the overall quality of the proxy.
Lastly, allowing to inspect the sources creates trust into the fiori-tools-proxy since a proxy middleware might actually handle sensitive data.

Technical Design

@sap-ux/ui5-proxy-middleware

• an npm module exposing an express router that can be used independent of the UI5 CLI but also a configuration to use it as-is with the UI5 CLi
• allow to load UI5 from any http(s) url
• allow selective filtering of what modules are actually loaded from where
• [to-be-evaluated]: allow loading UI5 sources from local folders
• [to-be-evaluated]: exposing advanced settings for the underlying proxy module

@sap-ux/backend-proxy-middlware

• an npm module exposing an express router that can be used independent of the UI5 CLI but also a configuration to use it as-is with the UI5 CLI
• [to-be-evaluated]: exposing advanced settings for the underlying proxy module

(SAP) @sap/ux-ui5-tooling

• include the extracted express routers into the fiori-tools-proxy and keep the existing API as-is so that there are no disruptions for existing users

Acceptance Criteria

GivenWhenThen format (https://martinfowler.com/bliki/GivenWhenThen.html)

Given I have only the need to proxy UI5 sources
when I add the new extracted ui5 proxy module to my project
then I can do that by adding it to the ui5.yaml

Given I have an issue with fiori-tools-proxy
when I look at the open-ux-tools repository
then I can understand exactly how the proxying works.

Given I have specific needs for the proxy middleware
when I use and enhance the published proxy modules
then I can build my own middleware

Notes

Tasks

• (SAP) Extract the UI5 proxy functionality from the fiori-tools-proxy into a new module
• Enhance the extracted UI5 proxy and make it more flexible for known use cases
• (SAP) Extract the backend proxy functionality from the fiori-tools-proxy into a new module
• Unit Tests added

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

• eslint-plugin-import:2.24.2
        └─ debug:2.6.9

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Not a real issue

As a developer, I want to develop and test my modules using the central infrastructure for CI/CD pipeline, so that I can have my pull requests validated.

Description:

• Establish CI/CD pipeline for development and testing
• Test, evaluate and document the considerations for the publicly available CI/CD services which will be utilized

Acceptance Criteria:

• Every commit pushed to a pr should build and run test scripts
• Test should cover all the packages in the repository

Vulnerabilities

DepShield reports that this application's usage of lodash.memoize:4.1.2 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)
• (CVSS 6.5) [CVE-2018-3721] lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutabl...

Occurrences

lodash.memoize:4.1.2 is a transitive dependency introduced by the following direct dependency(s):

• ts-jest:27.0.7
        └─ lodash.memoize:4.1.2

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Bug Description

A number of ui5-config module functions will throw uncaught exceptions if the path is null or undefined.

Expected Behavior

Should set to '/' in this case. Although perhaps this is would be an invalid service definition and we should throw a specific error and log, as path is a required property. In addition destination and destinationInstance are being written as 'undefined' rather than being omitted.

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Priority

• Low
• Medium
• High
• Very High

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organisation: SAP tools-suite
• Business impact: Integration

Bug Description

The template file Component.js contains a handlebar template property instead of ejs.

https://github.com/SAP/open-ux-tools/blob/main/packages/fiori-freestyle-writer/templates/worklist/add/webapp/Component.js#L17

Expected Behavior

Templates use ejs only.

### **Priority**
- [ ] Low
- [x] Medium
- [ ] High
- [ ] Very High

Feature Request Description

As a developer, I want to enable static code analysis and scan code for secrets, so that the code meets the required security standards.

Proposed Solution

GitHub's security features include static code analysis using the CodeQL scanning engine and can be added to the CI/CD workflow on any code that is pushed to the main branch or in a pull request. There is also a feature to scan for secrets that can be enabled in the repo.

@theStiggySpd, @donal-tobin-sap, @tobiasqueck, @devinea, @ullasholla

Bug Description

dependabot only creates PR's to update dependencies in the root package.json
Per https://github.com/SAP/open-ux-tools/blob/main/.github/dependabot.yml#L9

Expected Behavior

dependabot should create PR's to update dependencies in the all module package.json's

Steps to Reproduce

n/a

Context

n/a

Log Output / Stack Trace / Screenshots

n/a

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

As a developer of tools,
I want to be able to reuse the Fiori elements templates,
so that I can build tools that generate state of the art projects.

Description

The FIori elements templates are currently part of the application generator and cannot be reused by external tools developers e.g. as part of the easyUI5 project. By publishing the templates, we enable these other projects to also generate Fiori elements projects while ensuring the correctness of the generated files.
Furthermore, by publishing the templates we empower the community to improve the existing templates.

Technical Design

• encapsulate templates into a template module with a well defined interface exposing a method to generate a Fiori elements project
• ensuring that common files are not duplicated within the template

Acceptance Criteria

GivenWhenThen format (https://martinfowler.com/bliki/GivenWhenThen.html)

Given I have tools project
when I want to add the generation of Fiori elements projects
then I can easily integrate the Fiori elements templates

Given I have integrated the Fiori elements templates
when I call in my tools with the required input
then I can be assured that the generated project is a valid Fiori elements project

Notes

Tasks

• Extract code from the Fiori tools
• remove duplicates
• validate with Fiori elements experts that the templates are up-to-date
• Unit Tests added
• Test Cases defined

Bug Description

Pass sap-client in to getFioriToolsProxyMiddlewareConfig so it is written to the ui5.yaml files
Noted in #127

Expected Behavior

A clear and concise description of what you expect to happen.

Steps to Reproduce

1. Go to '...'
2. ...
3. ...

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Log Output / Stack Trace / Screenshots

{...}

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

As a developer,
I want to create a basic Fiori freestyle application that follows UI5 best practices,
so that I can use it as a starting point for application developmnent.

Description

Reported by @lboehm at ui5-community/generator-ui5-project#21 and affecting the fiori-freestyle-writer:

I've created a sample repo with different branches. For each scenario I've created an PR inside my sample repo, so you can check what I've changed.

The master branch is just an app that was generated with easy-ui5.

The new-structure-initial branch is my proposal how easy-ui5 should generate an initial app.

You can view the changes in this pull request. It's really not that much.
And when easy-ui5 is generating apps as I propose, you may wonder what easy-ui5 would have to generate to add new views to an existing project. The new-structure-detail-view branch shows exactly that.

You can view the changes in this pull request. (Nevermind the formatter.js, I should update easy-ui5 as vobu provided a fix for that already 😃)
Basically it's no difference to what easy-ui5 generates today. Just the structure of the newly generated view should be different, because we don't need the tag (see line 4 in the DetailView file)

from ui5-community/generator-ui5-project#21 (comment)

Technical Design

For worklist and listdetail we already use the app-view -> page-view concept, therefore, also using it for the basic app makes a lot of sense purely from a consistency perspective even if it makes the basic app slightly more complex.

@petermuessig also approved this change at ui5-community/generator-ui5-project#21 (comment)

Acceptance Criteria

GivenWhenThen format (https://martinfowler.com/bliki/GivenWhenThen.html)

Given I have a an empty folder
when I execute the fiori-freestyle-writer and choose the basic template
then the new structure with an application and main view is generated.

Notes

Tasks

• Modify the templates and the generation code
• Modify test snapshots to match the new structure
• Notify the Fiori tools team so that they can integrate the new version into the Fiori generator

Feature Request Description

Follow on from #64
Tests have duplication in set-up and tear down of test-output dirs. This should move to a common place.
Also for run when UX_DEBUG=false the output directory should not be deleted.
Instead a mem-fs delete() of the output directory should be performed instead. This needs to be per test rather than a before all as each test has a new mem-fs object.

Proposed Solution

A clear and concise description of the solution you would like to have.

Proposed Alternatives

A clear and concise description of any alternative solutions or features you've considered.

Additional Context

Add other context or screenshots related to the feature request here.

Priority

• Low
• Medium
• High
• Very High

A clear and concise description of the impact/urgency of the required feature.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

This issue was generated by the SAP Repository Linter. It checks repositories for their compliance with the SAP open source project guidelines. As an SAP employee you can see further details at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-Readme(rl-readme_file-XX)

As a developer,
I would like to get the boilerplate code for OPA5 tests generated into my UI5 projects,
so that it is easier for me to get started with testing.

Description

The main goal is to have a base template containing the boilerplate coding for UI5 projects, so that it can be integrated into other more complex templates for new projects e.g. fiori-freestyle and fiori-elements but also to be reused by others. Furthermore, it should be possible to add OPA tests to existing projects.
The template needs to contain all common files/changes and should allow to easily extend the generated content with project specific additions, therefore, it is also part of this feature request to integrate the new template into the fiori-freestyle templates.

Technical Design

• separate module containing the templates for OPA5 test execution
• expose a generate method similar to other templates
• add the new module as dependency to the fiori-freestyle templates and integrate it
• after executing it from the fiori-freestyle flow add the freestyle specific test templates

Acceptance Criteria

Given I have an existing UI5 application project without OPA5 tests
when I execute this new template in the project folder
then I have all boilerplate coding for OPA5 testing in the project

Given I have an existing UI5 application WITH OPA5 tests
when I execute this new template in the project folder
then nothing will be added.

Given I have an empty folder
when I generate a Fiori freestyle application into the folder
then I have a Fiori freestyle projects with a minimal executable OPA5 test

Tasks

• align API with experts from easy-ui5, Fiori tools - Application generator and Guided development
• Create (and implement) template project for OPA5
• Integrate new template into fiori-freestyle template
• Enhance fiori-freestyle template to have one useful OPA5 test per template
• Unit Tests added
• Test Cases defined

Bug Description

The mockserver config was inadvertantly moved to athe end of the ui5-local.yaml and ui5-mock.yamls.

Expected Behavior

The config appears in its previous position.

Steps to Reproduce

1. Go to '...'
2. ...
3. ...

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Log Output / Stack Trace / Screenshots

{...}

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

Description

The issue was initially reported at https://answers.sap.com/questions/13461279/ui5-project-shims-not-working.html?childToView=13479438.

When a service is added using the odata-service template. the fiori-tools-proxy middleware is added to the ui5.yaml

server:
  customMiddleware:
  - name: fiori-tools-proxy
    afterMiddleware: compression
    configuration:
# ...
      ui5:
        path:
        - /resources # <-- this line makes the proxy intercept everything with the prefix /resources
        - /test-resources
        url: https://ui5.sap.com
        version:  # The UI5 version, for instance, 1.78.1. Empty means latest version

If a developer then wants to using the shimming functionality and adds a configuration like

specVersion: '2.1'
kind: extension
type: project-shim
metadata:
  name: thirdparty # this can be your project shim name
shims:
  configurations:
    lodash: # name as defined in package.json
      specVersion: '2.1'
      type: module # Use module type
      metadata:
        name: lodash
      resources:
        configuration:
          paths:
            /resources/thirdparty/lodash/: ''  # never getting here because the proxy intercepts it before

It doesn't work because the shimming capability requires resources not to be generically proxied, as it relies on a subdir of resources to make the npm module available at runtime.

Steps to Reproduce

Steps to reproduce the behavior:

1. Run the tests in the fiori-freestyle template
2. Enhance the one of the generated projects in the test-output folders with the shim configuration above
3. Try reaching any file in /resources/thirdparty/lodash
4. See 404 not found error

Expected results

Actual file is returned.

Actual results

404

Screenshots

-n/a-

Version/Components/Environment

Add any other context about the problem here
OS:

• Mac OS
• Windows
• Other

Root Cause Analysis

Problem

See description

Fix

Different options

1. Change the generated ui5.yaml to only proxy requests start with sap

ui5:
  path:
    - /resources/sap*

2. Leave the template as-is and report the issue to the fiori-tools-proxy team
3. Leave it as is and document that users that require shimming have to change the default settings

Why was it missed

This feature is not covered in a test case.

How can we avoid this

Create a test case covering it.

pinging @petermuessig @tobiasqueck as FYI

Description (include screenshots)

The common module has no dedicated use case and becomes a grouping of code that doesn't fit anywhere but is partially needed in many cases. This looks like an implementation of the Swiss Army Knife (aka Kitchen Sink, God Object) anti-pattern.
Let' have a closer look at the contained code and better understand where it is actually required and if it is possible to move it into a or multiple modules.

Value

Better structured and logically encapsulated code usually resulting in better maintainability.

Architecture Elaboration

This ticket is to be used for an architectural discussion

Notes

Tasks

• Architectural discussion
• Remove common module (can already be merged so that the tasks doesn't block other activities #122
• Fine tuning and removal of unnecessary code

Description (include screenshots)

Could using https://sonarcloud.io/ help us improve code quality?

Value

Being able to continuously watch code quality helps keeping the code base maintainable.

Architecture Elaboration

Not really, but a technical investigation.

Tasks

• Investigate
• Try
• Finalize :)

This issue was generated by the SAP Repository Linter. It checks repositories for their compliance with the SAP open source project guidelines. As an SAP employee you can see further details at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-ReuseTool(rl-reuse_tool-XX)

Description (include screenshots)

The odata-client is a module that is reused by many other released modules of the Fiori tools e.g. the application generator or the deployment tooling. The module abstracts and simplifies accessing an OData service (v2 and v4) in a node application. In addition, it also allows access to a secure storage as well as implementing different authentication mechanisms.
The goal of this TBI is to expose this functionality to others as well that want to build tools around OData based SAP applications. While moving it into the public space, it is required to revisit its structure allowing consumers to only use the needed functionality e.g. secure storage access or odata request abstraction instead of always requiring the full module with all its dependencies.

Value

• other tools can utilize the odata-client functionality which is required when prompting and validating the input for integrating an odata service into a project
  • prerequisite for publishing the prompting for Fiori elements application generators
• more modular structure simplifies the integration into other modules
• improved maintainability due to the more modular structure

Architecture Elaboration

To be discussed with @ullasholla
Thoughts:

• the odata-client contains three different functionalities:
  • client: abstraction of odata requests
  • connection: connection handling in SAP Business Application Studio or VSCode, with basic auth or OAuth (and SAML)
  • systems: managing systems and credentials allowing them to be reused for different projects
• all three should be in separate modules, ideally independent of each other, so that the integrating module can pick and choose

Notes

Tasks

• (internal): extract odata-client from Fiori tools mono repo
• (internal): remove test/sample coding containing SAP internal information
• create branch(es) with skeleton draft of required modules
• review (& refactor if needed) all functionality required for client/connection handling
• review (& refactor if needed) all functionality required for storing and using credentials

Bug Description

Mock server config is missing from ui5-local.yaml.

Expected Behavior

Mock server config is included, by default, in ui5-local.yaml.

Steps to Reproduce

Generate an FF app. Mock server config is missing from ui5-local.yaml.

Context

• OS/Platform: *
• Browser: *
• Affected component: @sap-ux/odata-service

Priority

• Low
• Medium
• High
• Very High

Note: The priority might be re-evaluated by the issue processor.

Description (include screenshots)

With the release of the initial 0.x versions of our writers we have ensured that the public APIs are sound and that the modules are functionally correct. However, we left some room for improvements of inner implementations. This TBI is to track some of the things that should be fixed before the repository grows with further modules.

Value

Improve maintainability by consolidating and aligned the implementations of the existing modules

Architecture Elaboration

• TBD: common i18n approach
• TBD: central ui5 types collection

Notes

@devinea this is the follow up to some of the comments from your review for #39

Tasks

• All modules use the webapp folder as a hardcoded folder name containing the UI5 application. This assumption does not always have to be fulfilled, therefore, the code, especially of the odata-service-writer and the fe-fpm-writer need to be adapted to be more flexible
• Thrown errors are sometimes but not always internationalized in our modules. We need to consistently internationalize all strings that are possibly visible to an end-user
• define the types required to work with a manifest.json in one place and use it across modules
• consolidate the mem-fs versions across module and make sure that the version is compatible with the yeoman-environment version used by our consumers @sap/generator-fiori and generator-easy-ui5

Description (include screenshots)

Improve quality of the generated projects. Add missing JSDoc and fix eslint warnings/errors on each floorplan.
Follow on from #254

Value

Optional - details on how this technical backlog item provides value to end-users or dev team eg. Performance, Quality, Maintainability. This will help determine the ranking in relation to feature development

Architecture Elaboration

Does it requires architecture elaboration?

Notes

Tasks

• Add test for each floor plan with eslint and code assist enabled.
• Add missing JSDocs
• Fix eslint issues.

FYI @tobiasqueck

As a developer,
I want to generate Fiori freestyle project with more flexibility,
so that I can choose my own view names or select the source of UI5

Description

When @vobu tried integrating the fiori-freestyle template into the easy-ui5 following features were not possible to be set:

1. Configure a custom view/controller name instead of the currently hardcoded name
2. Configure the target url that is used to load UI5 in the preview
3. Generate a project using OpenUI5 instead of SAPUI5.

Technical Design

Coming up with a technical design that works with both @sap/generator-fiori as well as with easy-ui5 needs to be evaluated.

Acceptance Criteria

GivenWhenThen format (https://martinfowler.com/bliki/GivenWhenThen.html)

Given I am using easy-ui5
when I execute the newly integrated fiori-freestyle templates
then I will be able to define my custom view name.

Given I am using easy-ui5
when I execute the newly integrated fiori-freestyle templates
then I will be able to use OpenUI5 loaded from a custom location.

Given I am using @sap/generator-fiori
when I generate a Fiori freestyle project
then I want it to behave as today without requiring me to enter more information.

Notes

none

Tasks

• Discuss an extension of the API with experts from both @sap/generator-fiori as well as with easy-ui5
• Implement the agreed API extension
• Experts from both @sap/generator-fiori as well as with easy-ui5 verify the implementation
• Unit Tests added
• Test Cases defined

Description (include screenshots)

The ui5-application-writer is currently using constant values when setting the latest UI5 version. That information could/should be dynamically queried maybe from ui5.sap.com.
Furthermore, we are using the CND version of UI5 as a fallback for a local version. This could be improved by querying the information from npmjs.com.

Value

New releases of UI5 will not require an update of the ui5-application-writer anymore.

Architecture Elaboration

TBD as part of this issue.

Notes

none

Tasks

• Evaluate different options
• ...

Bug Description

Generating an app with the eslint option enabled will add the eslint task. However the required dependency is missing.

C02DN2UXMD6T:test i057546$ npm run lint

> [email protected] lint /Users/i057546/dev/test-yo/test
> eslint ./ --rulesdir ./node_modules/eslint-plugin-fiori-custom/lib/rules/


Oops! Something went wrong! :(

ESLint: 7.32.0

Error: ENOENT: no such file or directory, scandir '/Users/i057546/dev/test-yo/test/node_modules/eslint-plugin-fiori-custom/lib/rules'

Expected Behavior

The lint tasks executes successfully

Priority

• Low
• Medium
• High
• Very High

Bug Description

Attempting to generate an FF application without specifying an odata service url throws an exception. A default path should be specified, to allow generation to continue.

Expected Behavior

It does not throw and the generated output is valid. This supports a local only scenario where a metadata json is specified as part of the service definition. Consumers should be able to omit this as the path value is not required to generate a valid application.

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Priority

• Low
• Medium
• High
• Very High

Bug Description

Mock server middleware is written even if no metadata provided

This loc https://github.com/SAP/open-ux-tools/blob/main/packages/odata-service-writer/src/index.ts#L94
should be here:
https://github.com/SAP/open-ux-tools/blob/main/packages/odata-service-writer/src/index.ts#L99

Expected Behavior

No mockserver middleware written if no metadata provided

Steps to Reproduce

1. Go to '...'
2. ...
3. ...

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Log Output / Stack Trace / Screenshots

{...}

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

Issue Description

I would like to contribute to this repo and I don't know how to debug the code. I've read the Contributing section but I can't find an answer there.

I had the same issue with easy-ui5 and Marius provided some info, so I could create pull requests. It would be great if this repo had some similar documentation.

Issue Type

• Documentation is unclear
• Documentation is incorrect
• Documentation is missing
• Other

Thank you and best regards
Lukas

A violation against the OSS Rules of Play has been detected.

Rule ID: rl-vulnerability_alerts-1
Explanation: Are vulnerability alerts enabled? No

Find more information at: https://sap.github.io/fosstars-rating-core/oss_rules_of_play_rating.html

Bug Description

UI5 theme is not written to bootstrap scripts. Dark theme is not handled correctly (post-fix '_dark' should be removed)

Expected Behavior

Passed theme name should be used in outputs.
Dark theme should be loaded from non-dark theme libs.

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Log Output / Stack Trace / Screenshots

{...}

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

Bug Description

Setting the client of the service type omits the 'sap-client' query param key from the package.json tasks.

Expected Behavior

The correctly formed tasks are output as so :

{
...
              "start": "fiori run --open 'test/flpSandbox.html?sap-client=100#testApp-tile'",
              "start-local": "fiori run --config ./ui5-local.yaml --open 'test/flpSandbox.html?sap-client=100#testApp-tile'",
              "start-mock": "fiori run --config ui5-mock.yaml --open 'test/flpSandbox.html?sap-client=100#testApp-tile'",
              "start-noflp": "fiori run --open 'index.html?sap-client=100'",
...
}

Steps to Reproduce

Generate a Fiori Freestyle app setting the service.client value.

Context

• OS/Platform: {*}
• Browser: {*}
• Affected component: fiori-freestyle, common

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

The various writers in the repo don't log any sort of information yet. Logs can be helpful to the end user during normal usage as well as for troubleshooting.
Things to consider:

• good default log levels
• support for various levels of log verbosity

There should be generic support for logging and helpful messages should be logged. That's one dimension that can used to dice the work.

Priority

• Low
• Medium
• High
• Very High

This issue was generated by the SAP Repository Linter. It checks repositories for their compliance with the SAP open source project guidelines. As an SAP employee you can see further details at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-Contributions(rl-contributor_file-XX)

Hi,

we ran into an issue when adding prettier & eslint to easy-ui5 (see Proposal: Add prettier config)

To make a long story short: The models.js file should have a valid jsdoc comment, just like the one in generator-ui5-project. Otherwise it's not a valid JS file according to the eslint ruleset applied to a project generated by generator-ui5-project.

I've got quite busy times ahead, so I can't fix it myself. Maybe someone else will be able to pick this up.

BR
Lukas

Bug Description

Omitting a service definition when calling FF generate results in inconsistent outputs. The yaml files generate are incomplete, but only the backend section should be omit.

Expected Behavior

Steps to Reproduce

1. Go to '...'
2. ...
3. ...

Context

• OS/Platform: {...}
• Browser: {...}
• Affected component: {...}

Log Output / Stack Trace / Screenshots

{...}

Priority

• Low
• Medium
• High
• Very High

The priority indicates the severity of the issue. To set the appropriate priority consider the following criteria:

• Breaks entire application or system - High or Very High
• Accessibility issue - Medium or High
• Functional issue - Medium or High
• Visual issue - Low or Medium

Note: The priority might be re-evaluated by the issue processor.

Stakeholder Info (if applicable)

• Organization: {...}
• Business impact: {...}

Description

Eslint throws many errors after deployment of apps due to dist folder being created post-deployment. Only happens for fiori-freestyle as elements has already been patched.

Steps to Reproduce

Steps to reproduce the behavior:

1. Create freestyle application with eslint configurations
2. Deploy app
3. run eslint
4. See error

Expected results

No error, even after deployment.

Screenshots

Version/Components/Environment

Add any other context about the problem here
OS:

• Mac OS
• Windows
• Other

Root Cause Analysis

Problem

{describe the problem}

Fix

{describe the fix}

Why was it missed

{Some explanation why this issue might have been missed during normal development/testing cycle}

How can we avoid this

{if we don’t want to see this type of issues anymore what we should do to prevent}

Bug Description

When generating a fiori-freestyle App, the odata-service module sets the model name to be the same as the data source name. This should use the default model name '' when not set. This prevents the data from loading otherwise.

Expected Behavior

Default model name in manifest is ''

Context

• OS/Platform: *
• Browser: *
• Affected component: ux-odata-service

### **Priority**
- [ ] Low
- [ ] Medium
- [x] High
- [ ] Very High


**Note:** The priority might be re-evaluated by the issue processor.

### **Stakeholder Info** (if applicable)

- Organisation: SAP Tools Suite
- Business impact: App data cannot be loaded 

Bug Description

If you use the fiori-freestyle templates - basic template and generate a project while providing an application ID with more than one dot e.g. my.demo.App then the model import in the generated Component.js is broken because only the first. is replaced with a /.

Expected Behavior

The Component.js works and all the dots are properly replaced.

Steps to Reproduce

1. Modify the configuration in test/basic.test.ts to use my.demo.App as config>app>id value
2. Run the test
3. Check the test test-output/basicTemplate/**/Component.js
4. See see issue in the imports at the beginning of the file

Context

• OS/Platform: any
• Browser: independent
• Affected component: fiori-freestyle

Log Output / Stack Trace / Screenshots

Priority

• Low
• Medium
• High
• Very High

Stakeholder Info (if applicable)

Reported by @vobu

Bug Description

When setting up the project from scratch in VS Code on Mac, the dev env is very complete and enables coding very quickly → great!
However, one linting-related error remains: upon opening any kind of *.ts file, eslint reports

Parsing error: "parserOptions.project" has been set for @typescript-eslint/parser.
The file does not match your project config: packages/templates/ui5-application/src/data/defaults.ts.
The file must be included in at least one of the projects provided.

on the very first import statement of the file, e.g.

// packages/templates/ui5-application/src/data/index.ts
import { Ui5App } from './types'; // <- error reported for this import statement
import { appDefaults, packageDefaults, mergeUi5 } from './defaults';
 //...

Expected Behavior

eslint working integrated with ESM imports.

Steps to Reproduce

1. Open any *.ts file
2. Error is displayed both in src file and in the ESLint page of VS Code

Context

• macOS 11.15.1
• VS Code 1.59.0
• node v16.6.2
• ESLint v7.28.0 (from node_modules)
• ESLint VSCode plugin v2.1.23

Log Output / Stack Trace / Screenshots

see report above

Priority

• Low
• Medium
• High
• Very High

Feature Request Description

Update ui5-config to generate proxy middleware without backend as it is not always required.

Proposed Solution

Dont write that section if a service path & url or destination are not provided.

Proposed Alternatives

Provide default values

Additional Context

Required to support FF generation where a service url and host or destination name are not available but a valid yaml file is still required.

Priority

• Low
• Medium
• High
• Very High

Required for Fiori Tools integration

Stakeholder Info (if applicable)

• Organization: ux tools
• Business impact: Adoption

A violation against the OSS Rules of Play has been detected.

Rule ID: rl-reuse_tool-4
Explanation: Is it compliant with REUSE rules? No

Find more information at: https://sap.github.io/fosstars-rating-core/oss_rules_of_play_rating.html

This issue was generated by the SAP Repository Linter. It checks repositories for their compliance with the SAP open source project guidelines. As an SAP employee you can see further details at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-Readme(rl-readme_file-XX)

As a developer,
I want to be able to efficiently add flexible programming model extensions to my Fiori elements for OData v4 application,
so that I can focus on the actually functionality instead of integration syntax.

Description

A developer using the flexible programming model is likely to be a technical person that is familiar with (or even fond of) the CLI to generate project artifacts. With this feature we want to empower those developers to efficiently add FPM extensions like custom pages or custom actions to their projects.
In addition, the more UI based tools (Fiori tools page modeler and guide development) can also make use of the templates and prompts used by the CLI, so that FPM extensions generated with the CLI or other tools are consistent.

Technical Design

• separate the functionality into three modules
  • templates: containing all templating logic and exposing functions for each available FPM extension e.g. page, section, action etc.
  • prompts: generic definition of prompts that can be used by the CLI but also by UI based tools
  • cli: create a module that can be executed with npm init without the requirement to install anything like yo etc. (https://docs.npmjs.com/cli/v7/commands/npm-init)
• templates and prompts have are to be isolated
• cli will depend on templates and prompts and transform output from prompts to the required input for the template
• other tools should use templates and prompts as needed but should not require the cli module

Acceptance Criteria

Given I am in the root folder of an existing Fiori elements v4 project
when I execute npm init @sap-ux/fiori-fpm
then I will be able to use a simple CLI based generator adding FPM boilerplate code to my project.

Given I am NOT in the root folder of an existing Fiori elements v4 project
when I execute npm init @sap-ux/fiori-fpm
then I will be told what I did wrong.

Given I am the developer of tools for Fiori elements
when I want to reuse either the templates or the prompts
then I will be able to do that without any other unnecessary modules.

Notes

Tasks

• validate with Fiori tools application modeller and guided development experts that the exposed modules are reusable for them
• create initial version of a writer supporting custom page & column for a first integration into application modeller
• extract custom section from Fiori tools in to this module (@815are) PR - #212
• enhance the writer module with the other custom elements supported by the FE FPM
• revisit the approach used for versioning the templates in the writer module
• create an inquirer module
• create cli module using writer and inquirer

Description

When generating fiori-freeestyle wroklist applications omitting the optional entity properties :
numberProperty, unitOfMeasureProperty

The i18n.properties contains a string with should be omitted:

https://github.com/SAP/open-ux-tools/blob/main/packages/fiori-freestyle-writer/templates/worklist/extend/webapp/i18n/i18n.properties#L24

The condition is missing as here:

https://github.com/SAP/open-ux-tools/blob/main/packages/fiori-freestyle-writer/templates/worklist/extend/webapp/i18n/i18n.properties#L42

Steps to Reproduce

Steps to reproduce the behavior:

1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

Expected results

Actual results

Screenshots

If applicable, add screenshots to help explain the problem.

Version/Components/Environment

Add any other context about the problem here
OS:

• Mac OS
• Windows
• Other

Root Cause Analysis

Problem

{describe the problem}

Fix

{describe the fix}

Why was it missed

{Some explanation why this issue might have been missed during normal development/testing cycle}

How can we avoid this

{if we don’t want to see this type of issues anymore what we should do to prevent}

Vulnerabilities

DepShield reports that this application's usage of lodash.clonedeep:4.5.0 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)
• (CVSS 6.5) [CVE-2018-3721] lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutabl...

Occurrences

lodash.clonedeep:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

• eslint:7.28.0
        └─ table:6.7.1
              └─ lodash.clonedeep:4.5.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}