Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
@gjuchault/typescript-service-starter
Advanced tools
Yet another (opinionated) TypeScript service starter template.
And extends the ones from typescript-library-starter
npx degit gjuchault/typescript-service-starter my-project
or click on the Use this template
button on GitHub!cd my-project
npm install
git init
(if you used degit)node --run setup
echo "HTTP_COOKIE_SIGNING_SECRET=$(node --run generate-secret)" > .env.local
To enable deployment, you will need to:
NPM_TOKEN
secret in GitHub Actions (Settings > Secrets > Actions)GITHUB_TOKEN
write permissions for GitHub releases (Settings > Actions > General > Workflow permissions)This template is based on Fastify with some nice defaults (circuit breaker, redis rate limit, etc.). openapi-typescript is used to have nice routes & automatic client generation with zod and TypeScript.
Client should be published when this package is released. You can use openapi-fetch easily with it:
import createClient from "openapi-fetch";
import type { paths as api } from "typescript-service-starter";
export const client = createClient<api>({ baseUrl: "" });
const res = await client.GET("/api/docs");
You can check openapi-ts's documentation for more details.
Commands:
generate-client
: creates the client/
folder with YAML and JSON OpenAPI schemas as well as openapi-typescript' schemasIt leverages PostgreSQL as a storage (through slonik), umzug for migrations, Redis (or compatible like KeyDB or Dragonfly) as a cache through ioredis.
Commands:
migrate:up
: run migrations up to the latest onemigrate:down [n=1]
: revert n migrationsmigrate:create
: create a new migration fileFor the logging & telemetry part, it uses pino and OpenTelemetry (for both tracing and metrics). To handle distributed tracing, it expects W3C's traceparent header to carry trace id & parent span id (example header: traceparent: '00-82d7adc64d7020e7fe7ff263dd5ba4dc-dd932b8fbc70946d-01'
).
You can find an example of a working fullstack telemetry in docker-compose.yaml
, where this service directly pushes to prometheus and jaeger without the use of a collector.
This template is not compiled and should be run with Node --strip-types option. This means you can not leverage node_modules and file system at runtime: reading static files from node_modules, hooking require
, etc. ill not be possible. This implies to be mindful on libraries (that would read static files from there older), or automatic instrumentation (that hook require
). Yet it comes with super small Docker images hat are fast to deploy.
src/
├── contexts # contexts your service is handling (in the DDD sense)
│ ├── your-context
│ │ ├── application # service code
│ │ ├── domain # pure functions & TypeScript models of your entities
│ │ ├── presentation # communication layer (http)
│ │ ├── repository # storage of your entities
├── helpers # utilities functions & non-domain code
├── infrastructure # technical components (cache, database connection, etc.)
└── test-helpers # test utilities (starting default port, resetting database, etc.)
Dependencies are passed as last-parameter so methods are testable easily and avoid mocking modules.
TypeScript Service Starter relies on Volta to ensure Node.js version to be consistent across developers. It's also used in the GitHub workflow file.
Leverages --strip-types
to avoid build step, but keeps tsc
to generate .d.ts
files.
Commands:
start
: starts the bundled (see below) server with .env
and .env.local
env filesdev
: starts src
server with .env
and .env.local
filesworker
: starts the worker with .env
, .env.local
env filestype:check
: validates types with tsc
This library is providing a very small Docker image thanks to bundling and code-splitting.
Running node --run bundle
will bundle all of the src/
and node_modules/
code into two files:
build/index.js
which runs the serverbuild/worker.js
which runs the task scheduler's workerThis will drastically improve the Docker image size: it only contains alpine, node, env files and the bundle files — no node_modules; but comes with one cost: dependencies can not base their code on a file structure containing a node_modules
folder (typically to find static files there)
Commands:
bundle
: creates the build/
directory containing the entrypoints and shared codestart:prod
: runs the http server entrypointworker:prod
: runs the worker entrypointTypeScript Library Starter uses Node.js's native test runner. Coverage is done using c8 but will switch to Node.js's one once out.
Commands:
test
: runs test runner for both unit and integration teststest:watch
: runs test runner in watch modetest:coverage
: runs test runner and generates coverage reportsThis template relies on Biome to format and lint. It also uses cspell to ensure correct spelling.
Commands:
lint
: runs Biome with automatic fixinglint:check
: runs Biome without automatic fixing (used in CI)spell:check
: runs spell checkingUnder the hood, this service uses semantic-release and Commitizen.
The goal is to avoid manual release processes. Using semantic-release
will automatically create a GitHub release (hence tags) as well as an npm release.
Based on your commit history, semantic-release
will automatically create a patch, feature or breaking release.
Commands:
cz
: interactive CLI that helps you generate a proper git commit message, using Commitizensemantic-release
: triggers a release (used in CI)FAQs
Yet another typescript service starter template
The npm package @gjuchault/typescript-service-starter receives a total of 8 weekly downloads. As such, @gjuchault/typescript-service-starter popularity was classified as not popular.
We found that @gjuchault/typescript-service-starter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.