ukhomeofficeforms / hof Goto Github PK
View Code? Open in Web Editor NEWBootstrap a HOF project
License: MIT License
Bootstrap a HOF project
License: MIT License
It would be nice to access the config that hof-bootstrap is running with once it has been initialised. i.e. To have a programmatic way to access the amalgamation of the options passed to bootstrap and bootstrap's defaults.
It would also be nice to access things such as the logger as well as the express, 'app', object itself.
hof-bootstrap has a /healthz/ping
endpoint out of the box. However, it only does a shallow check and returns a 200
if the app is running. It could be improved if one could pass it a middleware that has access to the req and other app internals, therefore able to perform a deeper health check
When I did the 'Foundation' POC I exposed a load of things that I though might be useful including:
Any chance we could do some of that here? Should mean that the user is less constrained.
The 'use' method is currently a bit pointless as by the time you have access to it the notFound and error middlewares have been added, which means that any that you add will never be executed.
Aside: Why not just expose the 'app' object from Express? (And perhap augment it with any extra functionality you wish to provide.)
When testing I may want to supply my own sessionStore so I don't need redis as a prerequisite.
For the sake of clarity I believe the documentation should be deconstructed in to separate files
#118
This is a feature. Views do not need to be provided if they exist in common or hof-template-partials.
Currently Hof uses the deprecated Gov.UK Frontend Toolkit which itself does not meet legal WCAG 2.1 accessibility standards. The replacement Gov.UK Design System is necessary for new services in particular to meet:
This issue is linked to #167 Update Error summary as per GDS Design System.
The Design system has a number of changes from the older Gov.UK Frontend Toolkit. The migration guide is documented here. Notably:
gov
I'm on OSX 10.11.6,
Docker Version 17.09.0-ce-mac35 (19611)
I followed the instructions to get started, and it failed on docker-compose up
Only error I can see is the last few lines:
MacBook-Pro-6:hof-test joelanman$ docker-compose up
Building app
Step 1/9 : FROM quay.io/ukhomeofficedigital/nodejs-base:v6
# Executing 1 build trigger...
Step 1/1 : RUN yum clean all && yum update -y -q && yum clean all && rpm --rebuilddb
---> Using cache
---> 59324f410700
Step 2/9 : RUN mkdir /public
---> Using cache
---> b2ebc876dd15
Step 3/9 : COPY package.json /app/package.json
---> Using cache
---> 39cd160d92d9
Step 4/9 : RUN npm --loglevel warn install --production
---> Running in 4116bde156a1
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN prefer global [email protected] should be installed with -g
> [email protected] install /app/node_modules/node-sass
> node scripts/install.js
Downloading binary from https://github.com/sass/node-sass/releases/download/v4.7.2/linux-x64-48_binding.node
Download complete
Binary saved to /app/node_modules/node-sass/vendor/linux-x64-48/binding.node
Caching binary to /root/.npm/node-sass/4.7.2/linux-x64-48_binding.node
> [email protected] postinstall /app/node_modules/node-sass
> node scripts/build.js
Binary found at /app/node_modules/node-sass/vendor/linux-x64-48/binding.node
Testing binary
Binary is fine
npm WARN lifecycle [email protected]~postinstall: cannot run in wd %s %s (wd=%s) [email protected] npm run build /app
[email protected] /app
+-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| `-- [email protected]
+-- [email protected]
+-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | | +-- [email protected]
| | | | | | +-- [email protected]
| | | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | | +-- [email protected]
| | | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | | `-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | `-- [email protected]
| `-- [email protected]
| `-- [email protected]
`-- [email protected]
+-- [email protected]
| `-- [email protected]
+-- [email protected]
| +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | +-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | +-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | | `-- [email protected]
| | | `-- [email protected]
| | | +-- [email protected]
| | | +-- [email protected]
| | | `-- [email protected]
| | | `-- [email protected]
| | +-- [email protected]
| | | `-- [email protected]
| | `-- [email protected]
| +-- [email protected]
| +-- [email protected]
| `-- [email protected]
+-- [email protected]
| `-- [email protected]
`-- [email protected]
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@^1.0.0 (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN [email protected] No description
npm WARN [email protected] No repository field.
---> 26d402f7d78f
Removing intermediate container 4116bde156a1
Step 5/9 : COPY . /app
---> 9728482c08a9
Step 6/9 : RUN npm --loglevel warn run postinstall --production
---> Running in 8027ab9daf78
> [email protected] postinstall /app
> npm run build
> [email protected] build /app
> hof-build
Found local config at /app/hof.settings
Executing task: browserify
Completed task: browserify
Executing task: compile sass
WARNING: Passing a phase to the alpha/beta banners is deprecated
Backtrace:
node_modules/govuk_frontend_toolkit/stylesheets/design-patterns/_alpha-beta.scss:15, in mixin `phase-banner`
assets/scss/app.scss:4
Completed task: compile sass
Executing task: compile translations
Completed task: compile translations
Executing task: copy images
warning: no images directory found at assets/images
Completed task: copy images
---> c51f7f536fdd
Removing intermediate container 8027ab9daf78
Step 7/9 : RUN chown -R nodejs:nodejs /public
---> Running in a252b4505b97
---> 7317288aaf6c
Removing intermediate container a252b4505b97
Step 8/9 : USER nodejs
---> Running in d33616b71d96
---> a66cf6d3ddf4
Removing intermediate container d33616b71d96
Step 9/9 : CMD /app/run.sh
---> Running in cf888bb99c00
---> 702d887f9ff7
Removing intermediate container cf888bb99c00
Successfully built 702d887f9ff7
Successfully tagged hoftest_app:latest
WARNING: Image for service app was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Pulling nginx-proxy (quay.io/ukhomeofficedigital/nginx-proxy:v1.5.1)...
v1.5.1: Pulling from ukhomeofficedigital/nginx-proxy
a3ed95caeb02: Pull complete
3286cdf780ef: Pull complete
1f21aeb7ce65: Pull complete
a7eb7c9c4639: Pull complete
69e7b50859f1: Pull complete
c89bb12af32b: Pull complete
9e61b8301dc6: Pull complete
a3843ca95ad6: Pull complete
8877be3d829f: Pull complete
4f5b6ca82d9b: Pull complete
605aa1340bdd: Pull complete
d442b931162d: Pull complete
7e989e595d3d: Pull complete
844d09bde20f: Pull complete
18fab3deb097: Pull complete
ce38799073c2: Pull complete
aad9276ded72: Pull complete
72d6313e530f: Pull complete
081d4b8f91ce: Pull complete
1a50b98ea17a: Pull complete
520a9568e8dd: Pull complete
75c8baf1cd20: Pull complete
f522ee9dd2fb: Pull complete
2cafe1919f4b: Pull complete
Digest: sha256:2796487262f6818751d9dab829445fef8495cd512227491980ec675613b1ea73
Status: Downloaded newer image for quay.io/ukhomeofficedigital/nginx-proxy:v1.5.1
Creating hoftest_redis_1 ...
Creating hoftest_redis_1 ... done
Creating hoftest_app_1 ...
Creating hoftest_app_1 ... error
ERROR: for hoftest_app_1 Cannot start service app: oci runtime error: container_linux.go:265: starting container process caused "exec: \"/app/run.sh\": permission denied"
ERROR: for app Cannot start service app: oci runtime error: container_linux.go:265: starting container process caused "exec: \"/app/run.sh\": permission denied"
ERROR: Encountered errors while bringing up the project.
Running npm audit
shows a few vulnerable dependencies.
Three of these dependencies are breaking changes, and seem to break the test suite if you install them.
As they are major version bumps, npm audit fix
is unable to apply them.
Downstream projects that consume hof
are unable to resolve their npm audit
reports unless these three packages are updated in hof
directly.
Some are fairly easy to resolve: it looks like command line arguments need tweaking for mocha
; but others are harder: updating helmet
causes some tests to fail.
$ npm audit
=== npm audit security report ===
# Run npm install --save-dev [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ minimatch │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > glob > minimatch │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/118 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical │ Command Injection │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ growl │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > growl │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/146 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ mocha [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ mocha > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
# Run npm install [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > connect > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > connect > finalhandler > debug │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/534 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate │ Configuration Override │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ helmet-csp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ helmet │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ helmet > helmet-csp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1176 │
└───────────────┴──────────────────────────────────────────────────────────────┘
# Run npm install [email protected] to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/577 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/782 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ i18n-future │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ i18n-future > lodash │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1065 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 9 vulnerabilities (4 low, 1 moderate, 3 high, 1 critical) in 2477 scanned packages
9 vulnerabilities require semver-major dependency updates.```
</details>
scan for vulnerabilities with Snyk
Use helmet csp to implement a content security policy that whitelists origins we deem to be safe for loading assets.
Our templates inherit from https://github.com/alphagov/govuk_template/blob/master/source/views/layouts/govuk_template.html.erb which includes two script tags. As such our CSP will need to include a directive that lets inline scripts be included...
E.g. Using Helmet csp: scriptSrc: ["'self'", "'unsafe-inline'"]
This issue alphagov/govuk_template#258 identifies a solution to the issue.
This PR should avoid the need to add the unsafe-inline directive: alphagov/govuk_template#268
Currently an application has one express app instance which uses a router for each route. The downside with this approach is app.set('views')
is set on the global app so every route shares the same views (and partials if using express-partial-templates).
If we create a new express app instance for each route, and pass in the global express app instance, we should be able to concatenate the global app views with the route views, and call express-partial-templates passing the child app.
This would result in each route having its own res.locals.partials, which are a superset of the base app partials
This is applied in apps/{route}/index.js
before mixins middleware and wizard. A bound instance of the translation function is provided to deepTranslate middleware which is added to req
object. This is used in template mixins and wizard so no translate method should be additionally supplied to these.
Example - https://github.com/UKHomeOffice/gro/blob/master/apps/gro/index.js#L15-L29
The current error summary is out of date. It doesn't follow the guidelines in the GDS Design system
You must:
It was agreed at least the first two items should be addressed. There is some debate about changing the focus because that changes the default behaviour of a browser
Updated: added a check to all the items done in this issue
https://design-system.service.gov.uk/components/error-summary/
just coz.
Uninstall connect-redis-crypto because it's not used by this project
I'm trying to work through the guide, but getting an npm error from docker-compose up
;
npm ERR! EXDEV: cross-device link not permitted, rename '/opt/nodejs/lib/node_modules/npm/node_modules/abbrev' -> '/opt/nodejs/lib/node_modules/npm/node_modules/.abbrev.DELETE'
This is the full output. Does anyone know what's going on?
$ docker-compose up
Building app
Step 1/6 : FROM quay.io/ukhomeofficedigital/nodejs-base:v6.9.1
---> bc1406475e6f
Step 2/6 : RUN mkdir /public
---> Using cache
---> 34ca74eb5432
Step 3/6 : RUN yum clean all && yum update -y -q && yum install -y -q git && yum clean all && rpm --rebuilddb && npm install -g npm@latest --loglevel warn
---> Running in 379b5ffb014e
Loaded plugins: fastestmirror, ovl
Cleaning repos: base extras updates
Cleaning up everything
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /etc/shadow created as /etc/shadow.rpmnew
warning: /etc/nsswitch.conf created as /etc/nsswitch.conf.rpmnew
install-info: No such file or directory for /usr/share/info/gnupg.info
/var/tmp/rpm-tmp.xd8Zad: line 1: /etc/sysconfig/network-scripts/network-functions: No such file or directory
warning: %triggerin(systemd-219-30.el7_3.9.x86_64) scriptlet failed, exit status 1
Non-fatal <unknown> scriptlet failure in rpm package systemd-219-30.el7_3.9.x86_64
Loaded plugins: fastestmirror, ovl
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
- [email protected] node_modules/npm/node_modules/asap
- [email protected] node_modules/npm/node_modules/fstream
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/path-is-absolute
- [email protected] node_modules/npm/node_modules/init-package-json/node_modules/glob
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/are-we-there-yet/node_modules/delegates
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/are-we-there-yet
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/console-control-strings
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/object-assign
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/signal-exit
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/string-width
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge/node_modules/wide-align
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/gauge
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog/node_modules/set-blocking
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/npmlog
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug/node_modules/ms
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/es5-ext/node_modules/es6-iterator
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/es5-ext
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol/node_modules/d
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/es6-symbol
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index
- [email protected] node_modules/npm/node_modules/node-gyp/node_modules/path-array
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/core-util-is
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/isarray
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/process-nextick-args
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/string_decoder
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream/node_modules/util-deprecate
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/concat-stream/node_modules/readable-stream
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/are-we-there-yet/node_modules/delegates
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/are-we-there-yet
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/console-control-strings
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/object-assign
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/signal-exit
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/is-fullwidth-code-point
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/string-width
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge/node_modules/wide-align
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/gauge
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog/node_modules/set-blocking
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/npmlog
- [email protected] node_modules/npm/node_modules/npm-registry-client/node_modules/retry
- [email protected] node_modules/npm/node_modules/npmlog/node_modules/gauge/node_modules/has-color
- [email protected] node_modules/npm/node_modules/npmlog/node_modules/gauge/node_modules/string-width/node_modules/code-point-at/node_modules/number-is-nan
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/path-is-absolute
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/glob
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/json-parse-helpfulerror/node_modules/jju
- [email protected] node_modules/npm/node_modules/read-package-json/node_modules/json-parse-helpfulerror
- [email protected] node_modules/npm/node_modules/readable-stream/node_modules/buffer-shims
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/core-util-is
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/isarray
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/process-nextick-args
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/string_decoder
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream/node_modules/util-deprecate
- [email protected] node_modules/npm/node_modules/request/node_modules/bl/node_modules/readable-stream
- [email protected] node_modules/npm/node_modules/request/node_modules/bl
- [email protected] node_modules/npm/node_modules/request/node_modules/form-data/node_modules/async
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/ansi-styles
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/escape-string-regexp
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/has-ansi
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk/node_modules/supports-color
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/chalk
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/commander/node_modules/graceful-readlink
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/commander
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-function
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-object-property/node_modules/is-property
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/generate-object-property
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/jsonpointer
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/xtend
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/pinkie-promise/node_modules/pinkie
- [email protected] node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/pinkie-promise
- [email protected] node_modules/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/node_modules/jodid25519
- [email protected] node_modules/npm/node_modules/request/node_modules/node-uuid
- [email protected] node_modules/npm/node_modules/tar/node_modules/block-stream
- [email protected] node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/node_modules/spdx-exceptions
- [email protected] node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/node_modules/spdx-license-ids
- [email protected] node_modules/npm/node_modules/fstream-npm
- [email protected] node_modules/npm/node_modules/normalize-git-url
- [email protected] node_modules/npm/node_modules/realize-package-specifier
/opt/nodejs/lib
`-- (empty)
npm ERR! Linux 4.9.38-moby
npm ERR! argv "/opt/nodejs/bin/node" "/opt/nodejs/bin/npm" "install" "-g" "npm@latest" "--loglevel" "warn"
npm ERR! node v6.9.1
npm ERR! npm v3.10.8
npm ERR! path /opt/nodejs/lib/node_modules/npm/node_modules/abbrev
npm ERR! code EXDEV
npm ERR! errno -18
npm ERR! syscall rename
npm ERR! EXDEV: cross-device link not permitted, rename '/opt/nodejs/lib/node_modules/npm/node_modules/abbrev' -> '/opt/nodejs/lib/node_modules/npm/node_modules/.abbrev.DELETE'
npm ERR!
npm ERR! If you need help, you may report this error at:
npm ERR! <https://github.com/npm/npm/issues>
npm ERR! Please include the following file with any support request:
npm ERR! /app/npm-debug.log
npm ERR! code 1
ERROR: Service 'app' failed to build: The command '/bin/sh -c yum clean all && yum update -y -q && yum install -y -q git && yum clean all && rpm --rebuilddb && npm install -g npm@latest --loglevel warn' returned a non-zero code: 1
Do not make bootstrap expect views, fields and translations at the root level of a project.
At the moment, bootstrap will throw an error if they don't exist. However, it would make sense to throw an error only if no views, or fields, or translations could be found at the root level or the route level
README documentation is not entirely accurate.
Update the README documentation so that it is accurate with the current implementation of the project.
In particular, not all the configuration options are documented and several of them are incorrect.
Do not allow users to override the assets
default setting of public
.
The value public
should be expected and is the expected output for the browserify script in package.json
As a lib I should be as configurable as possible and not make assumptions about the dir structure of the application I am being used in. Instead of expecting everything to be in apps
, I should be passed an array of absolute paths, or at least the name of the directory to look in
When using express-session's MemoryStore the following error is generated:
express-session deprecated req.secret; provide secret option node_modules/hof-bootstrap/lib/sessions.js:19:20
lib/logger should be removed and replaced with hof-logger.
hof-logger allows defaults to be overridden so should we build this into the bootstrap options? Alternative is to be opinionated and use sensible defaults as per GRO, ROTM and BRP
At https://github.com/UKHomeOffice/hof-bootstrap/blob/master/lib/defaults.js#L20 hof.middleware.error
is invoked with translate
and logger
. However, translate
is undefined
.
The reason being that require('hof').i18n
is in fact a function that when invoked returns an object with a translate function.
Fix:
const i18n = require('hof').i18n({
path: path_to_translations
})
...
translate: i18n.translate.bind(i18n)
...
Notes
1): path_to_translations should point to something like... translations/__lng__/__ns__.json
Such as:
apps/
|- common/
|- translations/
|- en/
|- default.json
i18n.translate.bind(i18n)
the translate function must be explicitly bound to the i18n object. When the translate function is invoked without this context, its 'thisobject appears to be
undefined` ✘ cns@mirka /httpdocs/ho/hof-bootstrap/example master ● npm start
> [email protected] start /httpdocs/ho/hof-bootstrap/example
> node .
/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/helpers.js:43
throw new Error('Set base fields or route fields or both');
^
Error: Set base fields or route fields or both
at Function.getFields (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/helpers.js:43:13)
at module.exports (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/lib/router.js:17:26)
at /httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:29:35
at Array.forEach (native)
at config.routes.forEach (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:24:17)
at Object.bootstrap.start.Promise [as start] (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:77:7)
at module.exports.bootstrap.start.config.routes.forEach.config.middleware.forEach.app.get.app.get (/httpdocs/ho/hof-bootstrap/example/node_modules/hof-bootstrap/index.js:136:15)
at Object.<anonymous> (/httpdocs/ho/hof-bootstrap/example/index.js:5:1)
at Module._compile (module.js:409:26)
at Object.Module._extensions..js (module.js:416:10)
Add a document to help developers contribute to this repository.
documentation should be flexible enough to use for other HOF repos
Use HOF notFound
middleware to catch non-existent routes
The guidance from the central team is that our licenses in the Home Office are meant to be MIT https://github.com/UKHomeOffice/central-devteam-board/wiki#licencing. I noticed the HOF-bootstrap is GPL-3.0 and the example is ISC. Is HOF licensing meant to move away from the Home Office guidelines?
app.get('/healthz/ping', (req, res) => res.send(200));
Discovered some issues with how the paths to the various resources are managed, and how they differ between test and service.
Still investigating
fallback views directory should be provided to express application before express-partial-templates middleware. Terms and Cookies should use these templates as a base, also i18n should use common translations compiled from hof-template-partials
add commit hooks, with tests, lint etc to catch errors sooner
When startOnInitialise
is false
when the interface is start
ed, the same config has to be passed to the method otherwise it will fail:
const path = require('path');
const bootstrap = require('hof-bootstrap');
bootstrap({
startOnInitialise: false,
routes: [{
fields: path.resolve(__dirname, 'fields'),
views: path.resolve(__dirname, 'views'),
steps: {
'/one': {
next: '/two',
fields: ['fname', 'lname']
},
'/two': {
template: 'two'
}
}
}]
}).then(bootstrap => {
bootstrap.start(); // silently fails
bootstrap.start({startOnInitialise: true}); // silently fails
bootstrap.start({startOnInitialise: true, protocol: 'http', port: '8080', host: '0.0.0.0'}); // finally works
});
In the first 2 scenarios the app never starts (the listen
method cannot be reached in the first, port
, host
and protocol
are undefined
in the last).
Perhaps we could a find a better idea to expose the interface. Perhaps we could expose the app as an express Router
?
In example/ you've got codecept there, but the tests don't run as part of CI
On latest build using Node v14.18.1 the follwing 5 security vulnerabilities are reported:
underscore 1.3.2 - 1.12.0
Severity: high
Arbitrary Code Execution in underscore - GHSA-cf4h-3jhx-xvhq
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/httpntlm/node_modules/underscore
httpntlm 1.5.0 - 1.7.6
Depends on vulnerable versions of underscore
node_modules/httpntlm
smtp-connection 2.4.0-beta.0 - 3.2.0
Depends on vulnerable versions of httpntlm
node_modules/smtp-connection
nodemailer-smtp-transport 2.0.0-beta.0 - 2.0.0-beta.1 || >=2.5.0
Depends on vulnerable versions of smtp-connection
node_modules/nodemailer-smtp-transport
hof >=19.0.0-beta-v1
Depends on vulnerable versions of nodemailer-smtp-transport
node_modules/hof
5 high severity vulnerabilities
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.