
jackspagnolinhs-semantic-release-testing
A variant of the Middy Error Handler for use in a FHIR AWS lambda.
This repository contains a variant of the Middy Error Handler for use in a FHIR AWS lambda. It is used in https://github.com/NHSDigital/prescriptionsforpatients
This repository creates an NPM/GitHub Packages package that is designed to be used as error handling middleware for a FHIR AWS lambda, returning FHIR-compliant error messages as OperationOutcome resources.
To integrate this into your project, install the package using the following:
# TODO: Update this once package is published
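The pattern described above, as an added example that is not this package's own code: a Middy-style `onError` middleware that logs the full error server-side and returns only a FHIR OperationOutcome to the caller. The factory name `fhirErrorHandler`, the `expose`/`statusCode` convention for client errors, and the response wording are assumptions made for illustration.

```javascript
// Added example, not the package's source. Middy calls onError(request) with
// request.error set; assigning request.response supplies the Lambda's reply.
const FHIR_JSON = "application/fhir+json";

// Build a FHIR R4 OperationOutcome carrying a single issue.
function operationOutcome(severity, code, diagnostics) {
  return { resourceType: "OperationOutcome", issue: [{ severity, code, diagnostics }] };
}

// Hypothetical factory name and options; the logger defaults to console.
function fhirErrorHandler({ logger = console } = {}) {
  return {
    onError: (request) => {
      const error = request.error || new Error("unknown error");
      const requestId = request.context?.awsRequestId ?? "unknown";
      // Full detail stays in the log, keyed by the Lambda request id.
      logger.error({ requestId, name: error.name, message: error.message, stack: error.stack });

      // Assumption: only errors marked `expose` with a 4xx statusCode may
      // show their message to the caller; everything else is a generic 500.
      const clientError =
        error.expose === true && error.statusCode >= 400 && error.statusCode < 500;
      const outcome = clientError
        ? operationOutcome("error", "invalid", error.message)
        : operationOutcome("fatal", "exception", `Internal error, reference ${requestId}`);

      request.response = {
        statusCode: clientError ? error.statusCode : 500,
        headers: { "Content-Type": FHIR_JSON, "Cache-Control": "no-store" },
        body: JSON.stringify(outcome),
      };
    },
  };
}

// Constructed sample: an internal failure whose message names a backend host.
function demo() {
  const request = {
    context: { awsRequestId: "req-123" },
    error: new Error("connect ECONNREFUSED db.internal:5432"),
  };
  fhirErrorHandler({ logger: { error: () => {} } }).onError(request);
  return request.response;
}
```

The request id in the response lets support staff find the matching log entry without the response body carrying stack traces or backend hostnames.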
.devcontainer: Contains a dockerfile and vscode devcontainer definition
.github: Contains github workflows that are used for building and deploying from pull requests and releases
src: Contains the source code for the project
tests: Contains the tests for the project
Contributions to this project are welcome from anyone, providing that they conform to the guidelines for contribution and the community code of conduct.
This code is dual licensed under the MIT license and the OGL (Open Government License). Any new work added to this repository must conform to the conditions of these licenses. In particular this means that this project may not depend on GPL-licensed or AGPL-licensed libraries, as these would violate the terms of those libraries' licenses.
The contents of this repository are protected by Crown Copyright (C).
It is recommended that you use Visual Studio Code and a devcontainer, as this will install all necessary components and the correct versions of tools and languages.
See https://code.visualstudio.com/docs/devcontainers/containers for details on how to set this up on your host machine.
There is also a workspace file in .vscode that should be opened once you have started the devcontainer. The workspace file can also be opened outside of a devcontainer if you wish.
All commits must be signed.
Once the steps at the link above have been completed, add the following to your ~/.gnupg/gpg.conf:
use-agent
pinentry-mode loopback
and to your ~/.gnupg/gpg-agent.conf as below:
allow-loopback-pinentry
As described here: https://stackoverflow.com/a/59170001
You will need to create the files, if they do not already exist. This will ensure that your VSCode bash terminal prompts you for your GPG key password.
You can cache the gpg key passphrase by following instructions at https://superuser.com/questions/624343/keep-gnupg-credentials-cached-for-entire-user-session
The GitHub Actions require a secret to exist on the repo called "SONAR_TOKEN". This can be obtained from SonarCloud as described here. You will need the "Execute Analysis" permission for the project (NHSDigital_nhs-fhir-middy-error-handler) in order for the token to work.
Some pre-commit hooks are installed as part of the install above, to run basic lint checks and ensure you can't accidentally commit invalid changes. The pre-commit hook uses the python package pre-commit and is configured in the file .pre-commit-config.yaml. A combination of these checks is also run in CI.
There are make commands that are run as part of the CI pipeline and help alias some functionality during development.
install
clean: clears up any files that have been generated by building or testing locally.
deep-clean: runs clean target and also removes any node_modules installed locally.
lint: runs lint for all code
check-licenses: checks licenses for all packages used
This .github folder contains workflows and templates related to github
pull_request_template.yml: Template for pull requests.
dependabot.yml: Dependabot definition file
Workflows are in the .github/workflows folder
build.yml: Runs check-licenses, lint, test and sonarcloud scan against the repo. Called from pull_request.yml and release.yml
combine-dependabot-prs.yml: Workflow for combining dependabot pull requests. Runs on demand
dependabot_auto_approve_and_merge.yml: Workflow to auto merge dependabot updates
pr-link.yaml: This workflow template links Pull Requests to Jira tickets and runs when a pull request is opened.
pull_request.yml: Called when pull request is opened or updated. Runs build.yml.
release.yml: Run when code is merged to main branch or a tag starting v is pushed. Calls build.yml.
publish.yml: Publishes the package to GitHub Packages. Called on demand.
We found that jackspagnolinhs-semantic-release-testing demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.