Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
app.json
is a manifest format for describing web apps. It's a file in the root
directory of your app that describes build requirements, environment variables, addons,
and other information.
This repository contains the source for an npm module called app.json, which has many facets:
For more info about app.json
, see
To use the command line tool, install it globally using npm:
npm install app.json --global
Now you can run app.json
(or simply app
) on the command line.
You can use the CLI to create new Heroku apps from publicly-accessible .tar.gz
or .tgz
files (colloquially known as "tarballs"), or from GitHub and Bitbucket URLs. The general form is:
app.json clone <repo> [new-app-name]
repo
is required.new-app-name
is optional.Here are some examples:
# GitHub shorthand URL
app.json clone github:zeke/slideshow
# GitHub shorthand URL with branch
app.json clone github:zeke/slideshow#master
# GitHub shorthand URL
app.json clone bitbucket:sikelianos/slideshow
# GitHub shorthand URL with branch
app.json clone bitbucket:sikelianos/slideshow#master
# GitHub full URL
app.json clone https://github.com/zeke/slideshow.git my-slideshow
# Tarball URL
app.json clone http://app.json.s3.amazonaws.com/zeke-slideshow-a95e802.tar.gz
The init
command will create a new app.json
file in your current
working directory. If the directory already has a Heroku git remote in .git/config
,
the CLI will attempt to populate the env
and addons
properties of the new
app.json
file with live data from your running Heroku app.
app.json init
Use the validate
command to ensure that your app.json
file conforms to the
schema.
app.json validate
Use the update
command to fetch the latest addons
and env
properties from
a running Heroku app.
app.json update
Download the module from npm and save it to your package.json:
npm install app.json --save
Require it in your script:
var App = require("app.json")
If browserify isn't your thing, use the pre-compiled browser-ready bundle in
dist/app.js. Include this file in your html page and it will create
window.App
for you.
The app.json schema is defined using the JSON Schema specification and is validated with the revalidator node module. View the raw schema or the auto-generated app.json Schema Documentation on Heroku Dev Center.
Instantiate with a JSON filename:
var app = App.new(__dirname + "/path/to/app.json")
Instantiate with a JSON string:
var json = "{name: \"small-sharp-tool\", description: \"This app does one little thing, and does it well.\"}"
var app = App.new(json)
Instantiate with a JavaScript object:
var app = App.new({
name: "small-sharp-tool",
description: "This app does one little thing, and does it well."
})
You can fetch app manifests straight from GitHub or Bitbucket. The
app-json-fetcher service is used
to make the app.json
file downloadable from browsers.
url
can be a fully qualified repository URL or a shorthand string in the form github:user/repo
or bitbucket:user/repo
App.fetch("github:zeke/slideshow", function(err, manifest) {
console.log(err, manifest)
})
Generates an example manifest from example
properties in the schema.
App.example
A getter method that validates the app manifest and returns true
or false
Returns an array of error objects:
[
{property: "name", message: "is required"},
{property: "website", message: "is not a valid url"}
]
If the manifest is valid, an empty array is returned.
Returns a pretty JSON string of the manifest, minus any undocumented properties.
Fetch pricing data about the app's required addons by hitting the Heroku Platform API.
See CONTRIBUTING.md
MIT
FAQs
Create, validate, and render Heroku app.json manifests
The npm package app.json receives a total of 7 weekly downloads. As such, app.json popularity was classified as not popular.
We found that app.json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.