ukhomeofficeforms / hof Goto Github PK
View Code? Open in Web Editor NEWBootstrap a HOF project
License: MIT License
hof's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
danielepolencic evergreen-travis-bot barbaracassani lcairns zbna cautionyourblast zuzak nhsbsa maurice-35 hjvoid jsfix-ci mcrawleyhomeoffice alex-swann andrewgibson-ibm paoladmadd paoladmadd-pro johndallenhof's Issues
Accessing the running config and logger etc.
It would be nice to access the config that hof-bootstrap is running with once it has been initialised. i.e. To have a programmatic way to access the amalgamation of the options passed to bootstrap and bootstrap's defaults.
It would also be nice to access things such as the logger as well as the express, 'app', object itself.
Pass middleware to `healthz/ping` health check endpoint
hof-bootstrap has a /healthz/ping endpoint out of the box. However, it only does a shallow check and returns a 200 if the app is running. It could be improved if one could pass it a middleware that has access to the req and other app internals, therefore able to perform a deeper health check
Expose more stuff to allow for people to do custom stuff
When I did the 'Foundation' POC I exposed a load of things that I though might be useful including:
- HOF
- Express
- The logger
- The express 'app' object
Any chance we could do some of that here? Should mean that the user is less constrained.
The 'use' method does not work
The 'use' method is currently a bit pointless as by the time you have access to it the notFound and error middlewares have been added, which means that any that you add will never be executed.
Aside: Why not just expose the 'app' object from Express? (And perhap augment it with any extra functionality you wish to provide.)
Support sessionStore injection
When testing I may want to supply my own sessionStore so I don't need redis as a prerequisite.
Example has implicit dependency of 'hof-controllers'
Compartmentalise documentation
For the sake of clarity I believe the documentation should be deconstructed in to separate files
#118
Dont throw error if route views are missing
This is a feature. Views do not need to be provided if they exist in common or hof-template-partials.
Update to newer Gov.UK Design System to comply with Service Standard
Currently Hof uses the deprecated Gov.UK Frontend Toolkit which itself does not meet legal WCAG 2.1 accessibility standards. The replacement Gov.UK Design System is necessary for new services in particular to meet:
- legal accessibility standards
- Align to the Gov.UK Browser compatibility list
- Incorporate newer frontend components and patterns.
This issue is linked to #167 Update Error summary as per GDS Design System.
The Design system has a number of changes from the older Gov.UK Frontend Toolkit. The migration guide is documented here. Notably:
- Newer style sheets, JS, and assets
- CSS styles are prefixed with
gov - Use of Nunjucks for templating. Appreciate Hof uses Mustache
docker-compose up fails
I'm on OSX 10.11.6,
Docker Version 17.09.0-ce-mac35 (19611)
I followed the instructions to get started, and it failed on docker-compose up
Only error I can see is the last few lines:
MacBook-Pro-6:hof-test joelanman$ docker-compose up
Building app
Step 1/9 : FROM quay.io/ukhomeofficedigital/nodejs-base:v6
# Executing 1 build trigger...
Step 1/1 : RUN yum clean all && yum update -y -q && yum clean all && rpm --rebuilddb
---> Using cache
---> 59324f410700
Step 2/9 : RUN mkdir /public
---> Using cache
---> b2ebc876dd15
Step 3/9 : COPY package.json /app/package.json
---> Using cache
---> 39cd160d92d9
Step 4/9 : RUN npm --loglevel warn install --production
---> Running in 4116bde156a1
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN prefer global [email protected] should be installed with -g
> [email protected] install /app/node_modules/node-sass
> node scripts/install.js
Downloading binary from https://github.com/sass/node-sass/releases/download/v4.7.2/linux-x64-48_binding.node
Download complete
Binary saved to /app/node_modules/node-sass/vendor/linux-x64-48/binding.node
Caching binary to /root/.npm/node-sass/4.7.2/linux-x64-48_binding.node
> [email protected] postinstall /app/node_modules/node-sass
> node scripts/build.js
Binary found at /app/node_modules/node-sass/vendor/linux-x64-48/binding.node
Testing binary
Binary is fine
npm WARN lifecycle [email protected]~postinstall: cannot run in wd %s %s (wd=%s) [email protected] npm run build /app
[email protected] /app
+-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| `-- [email protected]
+-- [email protected]
+-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | | +-- [email protected]
| | | | | | +-- [email protected]
| | | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | | +-- [email protected]
| | | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| `-- [email protected]
| `-- [email protected]
`-- [email protected]
+-- [email protected]
| `-- [email protected]
+-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| `-- [email protected]
+-- [email protected]
| `-- [email protected]
`-- [email protected]
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@^1.0.0 (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN [email protected] No description
npm WARN [email protected] No repository field.
---> 26d402f7d78f
Removing intermediate container 4116bde156a1
Step 5/9 : COPY . /app
---> 9728482c08a9
Step 6/9 : RUN npm --loglevel warn run postinstall --production
---> Running in 8027ab9daf78
> [email protected] postinstall /app
> npm run build
> [email protected] build /app
> hof-build
Found local config at /app/hof.settings
Executing task: browserify
Completed task: browserify
Executing task: compile sass
WARNING: Passing a phase to the alpha/beta banners is deprecated
Backtrace:
node_modules/govuk_frontend_toolkit/stylesheets/design-patterns/_alpha-beta.scss:15, in mixin `phase-banner`
assets/scss/app.scss:4
Completed task: compile sass
Executing task: compile translations
Completed task: compile translations
Executing task: copy images
warning: no images directory found at assets/images
Completed task: copy images
---> c51f7f536fdd
Removing intermediate container 8027ab9daf78
Step 7/9 : RUN chown -R nodejs:nodejs /public
---> Running in a252b4505b97
---> 7317288aaf6c
Removing intermediate container a252b4505b97
Step 8/9 : USER nodejs
---> Running in d33616b71d96
---> a66cf6d3ddf4
Removing intermediate container d33616b71d96
Step 9/9 : CMD /app/run.sh
---> Running in cf888bb99c00
---> 702d887f9ff7
Removing intermediate container cf888bb99c00
Successfully built 702d887f9ff7
Successfully tagged hoftest_app:latest
WARNING: Image for service app was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Pulling nginx-proxy (quay.io/ukhomeofficedigital/nginx-proxy:v1.5.1)...
v1.5.1: Pulling from ukhomeofficedigital/nginx-proxy
a3ed95caeb02: Pull complete
3286cdf780ef: Pull complete
1f21aeb7ce65: Pull complete
a7eb7c9c4639: Pull complete
69e7b50859f1: Pull complete
c89bb12af32b: Pull complete
9e61b8301dc6: Pull complete
a3843ca95ad6: Pull complete
8877be3d829f: Pull complete
4f5b6ca82d9b: Pull complete
605aa1340bdd: Pull complete
d442b931162d: Pull complete
7e989e595d3d: Pull complete
844d09bde20f: Pull complete
18fab3deb097: Pull complete
ce38799073c2: Pull complete
aad9276ded72: Pull complete
72d6313e530f: Pull complete
081d4b8f91ce: Pull complete
1a50b98ea17a: Pull complete
520a9568e8dd: Pull complete
75c8baf1cd20: Pull complete
f522ee9dd2fb: Pull complete
2cafe1919f4b: Pull complete
Digest: sha256:2796487262f6818751d9dab829445fef8495cd512227491980ec675613b1ea73
Status: Downloaded newer image for quay.io/ukhomeofficedigital/nginx-proxy:v1.5.1
Creating hoftest_redis_1 ...
Creating hoftest_redis_1 ... done
Creating hoftest_app_1 ...
Creating hoftest_app_1 ... error
ERROR: for hoftest_app_1 Cannot start service app: oci runtime error: container_linux.go:265: starting container process caused "exec: \"/app/run.sh\": permission denied"
ERROR: for app Cannot start service app: oci runtime error: container_linux.go:265: starting container process caused "exec: \"/app/run.sh\": permission denied"
ERROR: Encountered errors while bringing up the project.
npm audit shows a critical vulnerability in a dependency
Running npm audit shows a few vulnerable dependencies.
Three of these dependencies are breaking changes, and seem to break the test suite if you install them.
As they are major version bumps, npm audit fix is unable to apply them.
Downstream projects that consume hof are unable to resolve their npm audit reports unless these three packages are updated in hof directly.
Some are fairly easy to resolve: it looks like command line arguments need tweaking for mocha; but others are harder: updating helmet causes some tests to fail.
Click to show `npm audit` output
$ npm audit
=== npm audit security report ===
# Run npm install --save-dev [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ minimatch │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > glob > minimatch │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/118 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical │ Command Injection │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ growl │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > growl │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/146 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
# Run npm install [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > connect > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > connect > finalhandler > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate │ Configuration Override │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ helmet-csp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > helmet-csp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1176 │
└───────────────┴──────────────────────────────────────────────────────────────┘
# Run npm install [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/577 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/782 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1065 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 9 vulnerabilities (4 low, 1 moderate, 3 high, 1 critical) in 2477 scanned packages
9 vulnerabilities require semver-major dependency updates.```
</details>
Add snyk
scan for vulnerabilities with Snyk
Add content security policy middleware
Use helmet csp to implement a content security policy that whitelists origins we deem to be safe for loading assets.
Our templates inherit from https://github.com/alphagov/govuk_template/blob/master/source/views/layouts/govuk_template.html.erb which includes two script tags. As such our CSP will need to include a directive that lets inline scripts be included...
E.g. Using Helmet csp: scriptSrc: ["'self'", "'unsafe-inline'"]
This issue alphagov/govuk_template#258 identifies a solution to the issue.
This PR should avoid the need to add the unsafe-inline directive: alphagov/govuk_template#268
investigate using an app per route
Currently an application has one express app instance which uses a router for each route. The downside with this approach is app.set('views') is set on the global app so every route shares the same views (and partials if using express-partial-templates).
If we create a new express app instance for each route, and pass in the global express app instance, we should be able to concatenate the global app views with the route views, and call express-partial-templates passing the child app.
This would result in each route having its own res.locals.partials, which are a superset of the base app partials
Use deepTranslate middleware
This is applied in apps/{route}/index.js before mixins middleware and wizard. A bound instance of the translation function is provided to deepTranslate middleware which is added to req object. This is used in template mixins and wizard so no translate method should be additionally supplied to these.
Example - https://github.com/UKHomeOffice/gro/blob/master/apps/gro/index.js#L15-L29
Update error summary as per GDS Design system
The current error summary is out of date. It doesn't follow the guidelines in the GDS Design system
You must:
- add ‘Error: ’ to the beginning of the <title> so screen readers read it out as soon as possible ☑️
- show an error summary at the top of a page ☑️
- move keyboard focus to the error summary
- include the heading ‘There is a problem’ ☑️
- link to each of the answers that have validation errors ☑️
- show the same error messages next to the inputs with errors ☑️
It was agreed at least the first two items should be addressed. There is some debate about changing the focus because that changes the default behaviour of a browser
Updated: added a check to all the items done in this issue
https://design-system.service.gov.uk/components/error-summary/
Lose `caller` and pass in absolute paths
just coz.
Uninstall connect-redis-crypto
Uninstall connect-redis-crypto because it's not used by this project
docker-compose up fails with npm error, "cross-device link not permitted"
I'm trying to work through the guide, but getting an npm error from docker-compose up;
npm ERR! EXDEV: cross-device link not permitted, rename '/opt/nodejs/lib/node_modules/npm/node_modules/abbrev' -> '/opt/nodejs/lib/node_modules/npm/node_modules/.abbrev.DELETE'
This is the full output. Does anyone know what's going on?
$ docker-compose up
Building app
Step 1/6 : FROM quay.io/ukhomeofficedigital/nodejs-base:v6.9.1
---> bc1406475e6f
Step 2/6 : RUN mkdir /public
---> Using cache
---> 34ca74eb5432
Step 3/6 : RUN yum clean all && yum update -y -q && yum install -y -q git && yum clean all && rpm --rebuilddb && npm install -g npm@latest --loglevel warn
---> Running in 379b5ffb014e
Loaded plugins: fastestmirror, ovl
Cleaning repos: base extras updates
Cleaning up everything
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /etc/shadow created as /etc/shadow.rpmnew
warning: /etc/nsswitch.conf created as /etc/nsswitch.conf.rpmnew
install-info: No such file or directory for /usr/share/info/gnupg.info
/var/tmp/rpm-tmp.xd8Zad: line 1: /etc/sysconfig/network-scripts/network-functions: No such file or directory
warning: %triggerin(systemd-219-30.el7_3.9.x86_64) scriptlet failed, exit status 1
Non-fatal <unknown> scriptlet failure in rpm package systemd-219-30.el7_3.9.x86_64
Loaded plugins: fastestmirror, ovl
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
- [email protected] node_modules/npm/node_modules/asap
- [email protected] node_modules/npm/node_modules/fstream
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/path-is-absolute
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/are-we-there-yet/node_modules/delegates
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/are-we-there-yet
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/console-control-strings
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/object-assign
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/signal-exit
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/wide-align
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/set-blocking
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug/node_modules/ms
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/es5-ext/node_modules/es6-iterator
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/es5-ext
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/d
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/core-util-is
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/isarray
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/process-nextick-args
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/string_decoder
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/util-deprecate
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/are-we-there-yet/node_modules/delegates
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/are-we-there-yet
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/console-control-strings
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/object-assign
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/signal-exit
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/wide-align
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/set-blocking
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/retry
- [email protected] node_modules/npm/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/path-is-absolute
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/json-parse-helpfulerror/node_modules/jju
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/json-parse-helpfulerror
- [email protected] node_modules/npm/node_modules/readable-stream/node_modules/buffer-shims
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/core-util-is
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/isarray
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/process-nextick-args
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/string_decoder
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/util-deprecate
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream
- [email protected] node_modules/npm/node_modules/request/node_modules/bl
- [email protected] node_modules/npm/node_modules/request/node_modules/form-data/node_modules/async
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/ansi-styles
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/escape-string-regexp
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/has-ansi
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/supports-color
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/commander/node_modules/graceful-readlink
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/commander
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-function
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-object-property/node_modules/is-property
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-object-property
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/jsonpointer
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/xtend
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/pinkie-promise/node_modules/pinkie
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/pinkie-promise
- [email protected] node_modules/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/node_modules/jodid25519
- [email protected] node_modules/npm/node_modules/request/node_modules/node-uuid
- [email protected] node_modules/npm/node_modules/tar/node_modules/block-stream
- [email protected] node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/node_modules/spdx-exceptions
- [email protected] node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/node_modules/spdx-license-ids
- [email protected] node_modules/npm/node_modules/fstream-npm
- [email protected] node_modules/npm/node_modules/normalize-git-url
- [email protected] node_modules/npm/node_modules/realize-package-specifier
/opt/nodejs/lib
`-- (empty)
npm ERR! Linux 4.9.38-moby
npm ERR! argv "/opt/nodejs/bin/node" "/opt/nodejs/bin/npm" "install" "-g" "npm@latest" "--loglevel" "warn"
npm ERR! node v6.9.1
npm ERR! npm v3.10.8
npm ERR! path /opt/nodejs/lib/node_modules/npm/node_modules/abbrev
npm ERR! code EXDEV
npm ERR! errno -18
npm ERR! syscall rename
npm ERR! EXDEV: cross-device link not permitted, rename '/opt/nodejs/lib/node_modules/npm/node_modules/abbrev' -> '/opt/nodejs/lib/node_modules/npm/node_modules/.abbrev.DELETE'
npm ERR!
npm ERR! If you need help, you may report this error at:
npm ERR! <https://github.com/npm/npm/issues>
npm ERR! Please include the following file with any support request:
npm ERR! /app/npm-debug.log
npm ERR! code 1
ERROR: Service 'app' failed to build: The command '/bin/sh -c yum clean all && yum update -y -q && yum install -y -q git && yum clean all && rpm --rebuilddb && npm install -g npm@latest --loglevel warn' returned a non-zero code: 1
Remove root level views and fields
Do not make bootstrap expect views, fields and translations at the root level of a project.
At the moment, bootstrap will throw an error if they don't exist. However, it would make sense to throw an error only if no views, or fields, or translations could be found at the root level or the route level
Update readme documentation
README documentation is not entirely accurate.
Update the README documentation so that it is accurate with the current implementation of the project.
In particular, not all the configuration options are documented and several of them are incorrect.
`assets` should not be optional
Do not allow users to override the assets default setting of public.
The value public should be expected and is the expected output for the browserify script in package.json
Remove automagical route lookup logic
As a lib I should be as configurable as possible and not make assumptions about the dir structure of the application I am being used in. Instead of expecting everything to be in apps, I should be passed an array of absolute paths, or at least the name of the directory to look in
No secret is provided when using a custom session store
When using express-session's MemoryStore the following error is generated:
express-session deprecated req.secret; provide secret option node_modules/hof-bootstrap/lib/sessions.js:19:20
use hof-logger rather than bespoke implementation
lib/logger should be removed and replaced with hof-logger.
hof-logger allows defaults to be overridden so should we build this into the bootstrap options? Alternative is to be opinionated and use sensible defaults as per GRO, ROTM and BRP
Error handler invoked without a translate function
At https://github.com/UKHomeOffice/hof-bootstrap/blob/master/lib/defaults.js#L20 hof.middleware.error is invoked with translate and logger. However, translate is undefined.
The reason being that require('hof').i18n is in fact a function that when invoked returns an object with a translate function.
Fix:
const i18n = require('hof').i18n({
path: path_to_translations
})
...
translate: i18n.translate.bind(i18n)
...
Notes
1): path_to_translations should point to something like... translations/__lng__/__ns__.json
Such as:
apps/
|- common/
|- translations/
|- en/
|- default.json
i18n.translate.bind(i18n)the translate function must be explicitly bound to the i18n object. When the translate function is invoked without this context, its 'thisobject appears to beundefined`
Example doesn't start, errors with "Set base fields or route fields or both"
✘ cns@mirka /httpdocs/ho/hof-bootstrap/example master ● npm start
> [email protected] start /httpdocs/ho/hof-bootstrap/example
> node .
/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/helpers.js:43
throw new Error('Set base fields or route fields or both');
^
Error: Set base fields or route fields or both
at Function.getFields (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/helpers.js:43:13)
at module.exports (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/router.js:17:26)
at /httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:29:35
at Array.forEach (native)
at config.routes.forEach (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:24:17)
at Object.bootstrap.start.Promise [as start] (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:77:7)
at module.exports.bootstrap.start.config.routes.forEach.config.middleware.forEach.app.get.app.get (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:136:15)
at Object.<anonymous> (/httpdocs/ho/hof-bootstrap/example/index.js:5:1)
at Module._compile (module.js:409:26)
at Object.Module._extensions..js (module.js:416:10)
Contributing Document
Add a document to help developers contribute to this repository.
documentation should be flexible enough to use for other HOF repos
Use notFound middleware
Use HOF notFound middleware to catch non-existent routes
Licensing HO guidance is MIT but we have GPL and ISC
The guidance from the central team is that our licenses in the Home Office are meant to be MIT https://github.com/UKHomeOffice/central-devteam-board/wiki#licencing. I noticed the HOF-bootstrap is GPL-3.0 and the example is ISC. Is HOF licensing meant to move away from the Home Office guidelines?
Shallow health check
app.get('/healthz/ping', (req, res) => res.send(200));
Fix paths to the views, fields and templates options
Discovered some issues with how the paths to the various resources are managed, and how they differ between test and service.
Still investigating
Use hof-template-partials
fallback views directory should be provided to express application before express-partial-templates middleware. Terms and Cookies should use these templates as a base, also i18n should use common translations compiled from hof-template-partials
Add badges for travis and npm
- add badges to indicate the status and version
Add commit hooks
add commit hooks, with tests, lint etc to catch errors sooner
config is lost when start up is delayed
When startOnInitialise is false when the interface is started, the same config has to be passed to the method otherwise it will fail:
const path = require('path');
const bootstrap = require('hof-bootstrap');
bootstrap({
startOnInitialise: false,
routes: [{
fields: path.resolve(__dirname, 'fields'),
views: path.resolve(__dirname, 'views'),
steps: {
'/one': {
next: '/two',
fields: ['fname', 'lname']
},
'/two': {
template: 'two'
}
}
}]
}).then(bootstrap => {
bootstrap.start(); // silently fails
bootstrap.start({startOnInitialise: true}); // silently fails
bootstrap.start({startOnInitialise: true, protocol: 'http', port: '8080', host: '0.0.0.0'}); // finally works
});In the first 2 scenarios the app never starts (the listen method cannot be reached in the first, port, host and protocol are undefined in the last).
Perhaps we could a find a better idea to expose the interface. Perhaps we could expose the app as an express Router?
example tests don't run as part of CI
In example/ you've got codecept there, but the tests don't run as part of CI
Resolve bootstrap with the Express `app` object
High level security vulnerabilities in version 19.14.16 of HOF relating to underscore library
On latest build using Node v14.18.1 the follwing 5 security vulnerabilities are reported:
underscore 1.3.2 - 1.12.0
Severity: high
Arbitrary Code Execution in underscore - GHSA-cf4h-3jhx-xvhq
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/httpntlm/node_modules/underscore
httpntlm 1.5.0 - 1.7.6
Depends on vulnerable versions of underscore
node_modules/httpntlm
smtp-connection 2.4.0-beta.0 - 3.2.0
Depends on vulnerable versions of httpntlm
node_modules/smtp-connection
nodemailer-smtp-transport 2.0.0-beta.0 - 2.0.0-beta.1 || >=2.5.0
Depends on vulnerable versions of smtp-connection
node_modules/nodemailer-smtp-transport
hof >=19.0.0-beta-v1
Depends on vulnerable versions of nodemailer-smtp-transport
node_modules/hof
5 high severity vulnerabilities
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.