npm - nodejs-quickstart-structure - Versions diffs - 1.19.0 → 1.19.1 - Mend

nodejs-quickstart-structure 1.19.0 → 1.19.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (134) hide show

package/templates/common/.env.example.ejs CHANGED Viewed

@@ -1,41 +1,41 @@
-# Application
-PORT=3000
-NODE_ENV=development
-<%_ if (database !== 'None') { -%>
-# Database
-<%_ if (database === 'MySQL') { -%>
-DB_HOST=localhost
-DB_PORT=3306
-DB_USER=root
-DB_PASSWORD=root
-DB_NAME=<%= dbName %>
-<%_ } -%>
-<%_ if (database === 'PostgreSQL') { -%>
-DB_HOST=localhost
-DB_PORT=5432
-DB_USER=postgres
-DB_PASSWORD=root
-DB_NAME=<%= dbName %>
-<%_ } -%>
-<%_ if (database === 'MongoDB') { -%>
-DB_HOST=localhost
-DB_PORT=27017
-DB_NAME=<%= dbName %>
-<%_ } -%>
-<%_ } -%>
-<%_ if (communication === 'Kafka') { -%>
-# Communication
-KAFKA_BROKER=localhost:9093
-KAFKA_CLIENT_ID=<%= projectName %>
-KAFKA_GROUP_ID=<%= projectName %>-group
-<%_ } -%>
-<%_ if (caching === 'Redis') { -%>
-# Caching
-REDIS_HOST=localhost
-REDIS_PORT=6379
-REDIS_PASSWORD=
-<%_ } -%>
+# Application
+PORT=3000
+NODE_ENV=development
+<%_ if (database !== 'None') { -%>
+# Database
+<%_ if (database === 'MySQL') { -%>
+DB_HOST=localhost
+DB_PORT=3306
+DB_USER=root
+DB_PASSWORD=root
+DB_NAME=<%= dbName %>
+<%_ } -%>
+<%_ if (database === 'PostgreSQL') { -%>
+DB_HOST=localhost
+DB_PORT=5432
+DB_USER=postgres
+DB_PASSWORD=root
+DB_NAME=<%= dbName %>
+<%_ } -%>
+<%_ if (database === 'MongoDB') { -%>
+DB_HOST=localhost
+DB_PORT=27017
+DB_NAME=<%= dbName %>
+<%_ } -%>
+<%_ } -%>
+<%_ if (communication === 'Kafka') { -%>
+# Communication
+KAFKA_BROKER=localhost:9093
+KAFKA_CLIENT_ID=<%= projectName %>
+KAFKA_GROUP_ID=<%= projectName %>-group
+<%_ } -%>
+<%_ if (caching === 'Redis') { -%>
+# Caching
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=
+<%_ } -%>

package/templates/common/.gitlab-ci.yml.ejs CHANGED Viewed

@@ -1,86 +1,86 @@
-variables:
-  NODE_ENV: 'test'
-stages:
-  - lint
-  - test
-<% if (includeSecurity) { %>
-  - security
-  - quality
-<% } %>
-  - build
-cache:
-  paths:
-    - node_modules/
-install_dependencies:
-  stage: .pre
-  image: node:22-slim
-  script:
-    - npm ci
-lint_code:
-  stage: lint
-  image: node:22-slim
-  script:
-    - npm run lint
-run_unit_tests:
-  stage: test
-  image: node:22-slim
-  script:
-    - npm run test:coverage
-run_e2e_tests:
-  stage: test
-  image: docker:20.10.16
-  services:
-    - docker:20.10.16-dind
-  script:
-    - apk add --no-cache nodejs npm docker-compose
-    - npm ci
-    - npm run test:e2e
-<% if (includeSecurity) { %>
-snyk_scan:
-  stage: security
-  image: node:22-alpine
-  script:
-    - npm ci
-    - npm run snyk:test
-  only:
-    - main
-snyk_container_scan:
-  stage: security
-  image: docker:20.10.16
-  services:
-    - docker:20.10.16-dind
-  script:
-    - apk add --no-cache nodejs npm
-    - npm install -g snyk
-    - docker build -t <%= projectName %>:latest .
-    - snyk container test <%= projectName %>:latest --file=Dockerfile --severity-threshold=high --skip-unused-projects
-sonarqube_check:
-  stage: quality
-  image:
-    name: sonarsource/sonar-scanner-cli:latest
-    entrypoint: [""]
-  variables:
-    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
-    GIT_DEPTH: "0"
-  cache:
-    key: "${CI_JOB_NAME}"
-    paths:
-      - .sonar/cache
-  script:
-    - sonar-scanner
-  only:
-    - main
-<% } %>
-build_app:
-  stage: build
-  image: node:22-alpine
-  script:
-    - npm run build --if-present
+variables:
+  NODE_ENV: 'test'
+stages:
+  - lint
+  - test
+<% if (includeSecurity) { %>
+  - security
+  - quality
+<% } %>
+  - build
+cache:
+  paths:
+    - node_modules/
+install_dependencies:
+  stage: .pre
+  image: node:22-slim
+  script:
+    - npm ci
+lint_code:
+  stage: lint
+  image: node:22-slim
+  script:
+    - npm run lint
+run_unit_tests:
+  stage: test
+  image: node:22-slim
+  script:
+    - npm run test:coverage
+run_e2e_tests:
+  stage: test
+  image: docker:20.10.16
+  services:
+    - docker:20.10.16-dind
+  script:
+    - apk add --no-cache nodejs npm docker-compose
+    - npm ci
+    - npm run test:e2e
+<% if (includeSecurity) { %>
+snyk_scan:
+  stage: security
+  image: node:22-alpine
+  script:
+    - npm ci
+    - npm run snyk:test
+  only:
+    - main
+snyk_container_scan:
+  stage: security
+  image: docker:20.10.16
+  services:
+    - docker:20.10.16-dind
+  script:
+    - apk add --no-cache nodejs npm
+    - npm install -g snyk
+    - docker build -t <%= projectName %>:latest .
+    - snyk container test <%= projectName %>:latest --file=Dockerfile --severity-threshold=high --skip-unused-projects
+sonarqube_check:
+  stage: quality
+  image:
+    name: sonarsource/sonar-scanner-cli:latest
+    entrypoint: [""]
+  variables:
+    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
+    GIT_DEPTH: "0"
+  cache:
+    key: "${CI_JOB_NAME}"
+    paths:
+      - .sonar/cache
+  script:
+    - sonar-scanner
+  only:
+    - main
+<% } %>
+build_app:
+  stage: build
+  image: node:22-alpine
+  script:
+    - npm run build --if-present

package/templates/common/.lintstagedrc CHANGED Viewed

@@ -1,6 +1,6 @@
-{
-  "*.{js,ts}": [
-    "eslint --fix",
-    "prettier --write"
-  ]
-}
+{
+  "*.{js,ts}": [
+    "eslint --fix",
+    "prettier --write"
+  ]
+}

package/templates/common/.prettierrc CHANGED Viewed

@@ -1,7 +1,7 @@
-{
-  "semi": true,
-  "trailingComma": "all",
-  "singleQuote": true,
-  "printWidth": 100,
-  "tabWidth": 2
-}
+{
+  "semi": true,
+  "trailingComma": "all",
+  "singleQuote": true,
+  "printWidth": 100,
+  "tabWidth": 2
+}

package/templates/common/Dockerfile CHANGED Viewed

@@ -1,73 +1,73 @@
-# ==========================================
-# Stage 1: Builder
-# ==========================================
-FROM node:22-alpine AS builder
-# Upgrade OS packages to fix upstream vulnerabilities (Snyk-detected)
-RUN apk update && apk upgrade && \
-    apk add --no-cache ca-certificates zlib>=1.3.2-r0 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
-WORKDIR /app
-ENV NPM_CONFIG_UPDATE_NOTIFIER=false
-# Upgrade npm using corepack (safer in Alpine)
-RUN corepack enable && corepack prepare npm@11.6.4 --activate
-COPY package*.json ./
-COPY tsconfig*.json ./
-# Install ALL dependencies (including devDeps for build)
-RUN npm ci --no-audit --no-fund || npm ci --no-audit --no-fund || npm ci --no-audit --no-fund
-COPY . .
-# Build for production
-<% if (language === 'TypeScript') { %>RUN npm run build<% } %>
-# ==========================================
-# Stage 2: Production
-# ==========================================
-FROM node:22-alpine AS production
-# Upgrade OS packages to fix upstream vulnerabilities (Snyk-detected)
-RUN apk update && apk upgrade && \
-    apk add --no-cache ca-certificates zlib>=1.3.2-r0 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
-WORKDIR /app
-ENV NODE_ENV=production
-ENV NPM_CONFIG_UPDATE_NOTIFIER=false
-# Upgrade npm using corepack (safer in Alpine)
-RUN corepack enable && corepack prepare npm@11.6.4 --activate
-COPY package*.json ./
-# Install ONLY production dependencies
-RUN npm ci --only=production --ignore-scripts --no-audit --no-fund || npm ci --only=production --ignore-scripts --no-audit --no-fund || npm ci --only=production --ignore-scripts --no-audit --no-fund
-# Remove npm and caches to achieve Zero-Vulnerability status in the final image
-RUN rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx /root/.npm /root/.cache
-# Copy built artifacts from builder
-<% if (language === 'TypeScript') { %>
-COPY --from=builder /app/dist ./dist
-<% } else { %>
-COPY --from=builder /app/src ./src
-<% } %>
-# Copy other necessary files (like views if MVC)
-<% if (viewEngine && viewEngine !== 'None') { %>
-COPY --from=builder /app/src/views ./dist/views
-<% if (viewEngine && viewEngine !== 'None') { %>COPY --from=builder /app/public ./public<% } %>
-<% } %>
-EXPOSE 3000
-# Create logs directory and give permissions to node user
-RUN mkdir -p logs && chown -R node:node logs
-USER node
-# Start application directly with node (safe even without npm)
-CMD ["node", "<% if (language === 'TypeScript') { %>dist/index.js<% } else { %>src/index.js<% } %>"]
+# ==========================================
+# Stage 1: Builder
+# ==========================================
+FROM node:22-alpine AS builder
+# Upgrade OS packages to fix upstream vulnerabilities (Snyk-detected)
+RUN apk update && apk upgrade && \
+    apk add --no-cache ca-certificates zlib>=1.3.2-r0 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
+WORKDIR /app
+ENV NPM_CONFIG_UPDATE_NOTIFIER=false
+# Upgrade npm using corepack (safer in Alpine)
+RUN corepack enable && corepack prepare npm@11.6.4 --activate
+COPY package*.json ./
+COPY tsconfig*.json ./
+# Install ALL dependencies (including devDeps for build)
+RUN npm ci --no-audit --no-fund || npm ci --no-audit --no-fund || npm ci --no-audit --no-fund
+COPY . .
+# Build for production
+<% if (language === 'TypeScript') { %>RUN npm run build<% } %>
+# ==========================================
+# Stage 2: Production
+# ==========================================
+FROM node:22-alpine AS production
+# Upgrade OS packages to fix upstream vulnerabilities (Snyk-detected)
+RUN apk update && apk upgrade && \
+    apk add --no-cache ca-certificates zlib>=1.3.2-r0 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
+WORKDIR /app
+ENV NODE_ENV=production
+ENV NPM_CONFIG_UPDATE_NOTIFIER=false
+# Upgrade npm using corepack (safer in Alpine)
+RUN corepack enable && corepack prepare npm@11.6.4 --activate
+COPY package*.json ./
+# Install ONLY production dependencies
+RUN npm ci --only=production --ignore-scripts --no-audit --no-fund || npm ci --only=production --ignore-scripts --no-audit --no-fund || npm ci --only=production --ignore-scripts --no-audit --no-fund
+# Remove npm and caches to achieve Zero-Vulnerability status in the final image
+RUN rm -rf /usr/local/lib/node_modules/npm /usr/local/bin/npm /usr/local/bin/npx /root/.npm /root/.cache
+# Copy built artifacts from builder
+<% if (language === 'TypeScript') { %>
+COPY --from=builder /app/dist ./dist
+<% } else { %>
+COPY --from=builder /app/src ./src
+<% } %>
+# Copy other necessary files (like views if MVC)
+<% if (viewEngine && viewEngine !== 'None') { %>
+COPY --from=builder /app/src/views ./dist/views
+<% if (viewEngine && viewEngine !== 'None') { %>COPY --from=builder /app/public ./public<% } %>
+<% } %>
+EXPOSE 3000
+# Create logs directory and give permissions to node user
+RUN mkdir -p logs && chown -R node:node logs
+USER node
+# Start application directly with node (safe even without npm)
+CMD ["node", "<% if (language === 'TypeScript') { %>dist/index.js<% } else { %>src/index.js<% } %>"]

package/templates/common/Jenkinsfile.ejs CHANGED Viewed

@@ -1,87 +1,87 @@
-pipeline {
-    agent any
-    environment {
-        CI = 'true'
-    }
-    stages {
-        stage('Install Dependencies') {
-            steps {
-                // Use npm ci for clean install if package-lock.json exists, else npm install
-                sh 'if [ -f package-lock.json ]; then npm ci; else npm install; fi'
-            }
-        }
-        stage('Lint') {
-            steps {
-                sh 'npm run lint'
-            }
-        }
-        stage('Unit Test') {
-            steps {
-                sh 'npm run test:coverage'
-            }
-        }
-        stage('E2E Test') {
-            steps {
-                sh 'npm run test:e2e'
-            }
-        }
-<% if (includeSecurity) { %>
-        stage('SonarQube Analysis') {
-            environment {
-                scannerHome = tool 'SonarScanner'
-            }
-            steps {
-                withSonarQubeEnv('SonarQube') {
-                    sh "${scannerHome}/bin/sonar-scanner"
-                }
-            }
-        }
-        stage('Security Scan') {
-            steps {
-                sh 'npm audit --audit-level=high'
-                sh 'npm run snyk:test'
-            }
-        }
-        stage('Snyk Container Scan') {
-            steps {
-                script {
-                    sh 'docker build -t <%= projectName %>:latest .'
-                    sh 'snyk container test <%= projectName %>:latest --file=Dockerfile --severity-threshold=high --skip-unused-projects'
-                }
-            }
-        }
-<% } %>
-        // stage('Docker Build & Push') {
-        //     steps {
-        //         script {
-        //             docker.withRegistry('https://registry.hub.docker.com', 'docker-hub-credentials') {
-        //                 def appImage = docker.build("my-image:${env.BUILD_ID}")
-        //                 appImage.push()
-        //                 appImage.push("latest")
-        //             }
-        //         }
-        //     }
-        // }
-        // stage('Deploy to Staging') {
-        //     steps {
-        //         sh './scripts/deploy.sh staging'
-        //     }
-        // }
-    }
-    post {
-        always {
-            // Clean up workspace
-            cleanWs()
-        }
-    }
-}
+pipeline {
+    agent any
+    environment {
+        CI = 'true'
+    }
+    stages {
+        stage('Install Dependencies') {
+            steps {
+                // Use npm ci for clean install if package-lock.json exists, else npm install
+                sh 'if [ -f package-lock.json ]; then npm ci; else npm install; fi'
+            }
+        }
+        stage('Lint') {
+            steps {
+                sh 'npm run lint'
+            }
+        }
+        stage('Unit Test') {
+            steps {
+                sh 'npm run test:coverage'
+            }
+        }
+        stage('E2E Test') {
+            steps {
+                sh 'npm run test:e2e'
+            }
+        }
+<% if (includeSecurity) { %>
+        stage('SonarQube Analysis') {
+            environment {
+                scannerHome = tool 'SonarScanner'
+            }
+            steps {
+                withSonarQubeEnv('SonarQube') {
+                    sh "${scannerHome}/bin/sonar-scanner"
+                }
+            }
+        }
+        stage('Security Scan') {
+            steps {
+                sh 'npm audit --audit-level=high'
+                sh 'npm run snyk:test'
+            }
+        }
+        stage('Snyk Container Scan') {
+            steps {
+                script {
+                    sh 'docker build -t <%= projectName %>:latest .'
+                    sh 'snyk container test <%= projectName %>:latest --file=Dockerfile --severity-threshold=high --skip-unused-projects'
+                }
+            }
+        }
+<% } %>
+        // stage('Docker Build & Push') {
+        //     steps {
+        //         script {
+        //             docker.withRegistry('https://registry.hub.docker.com', 'docker-hub-credentials') {
+        //                 def appImage = docker.build("my-image:${env.BUILD_ID}")
+        //                 appImage.push()
+        //                 appImage.push("latest")
+        //             }
+        //         }
+        //     }
+        // }
+        // stage('Deploy to Staging') {
+        //     steps {
+        //         sh './scripts/deploy.sh staging'
+        //     }
+        // }
+    }
+    post {
+        always {
+            // Clean up workspace
+            cleanWs()
+        }
+    }
+}

package/templates/common/SECURITY.md CHANGED Viewed

@@ -1,20 +1,20 @@
-# Security Policy
-## Supported Versions
-Only the latest `main` branch is supported for security updates.
-| Version | Supported          |
-| ------- | ------------------ |
-| 1.0.x   | :white_check_mark: |
-| < 1.0   | :x:                |
-## Reporting a Vulnerability
-We take the security of this project seriously. If you believe you have found a security vulnerability, please report it following these steps:
-1. **Do not open a public issue.**
-2. Send an email to the project maintainers (see `package.json`).
-3. Provide a detailed description of the vulnerability, including steps to reproduce.
-We will acknowledge your report within 48 hours and work on a fix as soon as possible.
+# Security Policy
+## Supported Versions
+Only the latest `main` branch is supported for security updates.
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.0.x   | :white_check_mark: |
+| < 1.0   | :x:                |
+## Reporting a Vulnerability
+We take the security of this project seriously. If you believe you have found a security vulnerability, please report it following these steps:
+1. **Do not open a public issue.**
+2. Send an email to the project maintainers (see `package.json`).
+3. Provide a detailed description of the vulnerability, including steps to reproduce.
+We will acknowledge your report within 48 hours and work on a fix as soon as possible.