Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
next-build-id
Advanced tools
Changelog
3.0.0 (2019-08-16)
async
/await
), changes return value from object to string (to be more compatible with generateBuildId
), removes hacky file overwriting and thus the CLI (file overwriting is no longer necessary for modern versions of Next).See README for further details.
<a name="2.0.1"></a>
Readme
Use a consistent, git-based build id for your Next.js app
Small package to generate a consistent, git-based build id for your Next.js app when running next build
on each server in a multi-server deployment.
This module exports a function that you can use as your generateBuildId config option in next.config.js.
By default, it will use the latest git commit hash from the local git repository (equivalent of git rev-parse HEAD
):
// next.config.js
const nextBuildId = require('next-build-id')
module.exports = {
generateBuildId: () => nextBuildId({ dir: __dirname })
}
// => 'f9fc968afa249d162c924a8d5b4ce6562c164c2e'
If you'd rather use a build id relative to the most recent tag in your git repo, pass describe: true
as an option and the output of git describe --tags
will be used instead:
// next.config.js
const nextBuildId = require('next-build-id')
module.exports = {
generateBuildId: () => nextBuildId({ dir: __dirname, describe: true })
}
// => 'v1.0.0' (no changes since v1.0.0 tag)
// => 'v1.0.0-19-ga8f7eee' (19 changes since v1.0.0 tag)
This module also exposes a synchronous version for custom needs, e.g. passing the build id directly to a Sentry configuration. Just call nextBuildId.sync({ dir: __dirname })
instead.
If you're running multiple instances of your app sitting behind a load balancer without session affinity (and you're building your app directly on each production server instead of pre-packaging it), a tool like this is necessary to avoid Next.js errors like "invalid build file hash", which happens when the same client (browser code) talks to multiple server backends (Node server) that have different build ids.
The build id used by your app is stored on the file system in a BUILD_ID
text file in your build directory, which is .next
by default.
$ npm i next-build-id
This module exports two functions, one that is asynchronous (nextBuildId()
primary export) and one that is synchronous (nextBuildId.sync()
). Both functions accept a single options object, supporting the same options listed below. Both functions return (or resolve to) a string, representing the git-based build id.
The options supported are:
dir
(string, default process.cwd()
): a directory within the local git repository
Using __dirname
from your next.config.js module is generally safe. The default value is assumed to be the directory from which you are running the next build
command, but this may not be correct based on how you build your Next.js app.
describe
(boolean, default false
): use git tag description instead of latest commit sha
Specify this as true
to use git describe --tags
instead of git rev-parse HEAD
for generating the build id. If there are no tags in your local git repository, the latest commit sha will be used instead, unless you also specify fallbackToSha: false
.
fallbackToSha
(boolean, default true
): fallback to latest commit sha when describe: true
and no tags exist
Only applies when using describe: true
. If you want to be strict about requiring the use (and presence) of tags, then disable this with fallbackToSha: false
, in which case an error will be thrown if no tags exist.
Note that this module really provides a generic way to get an id or status string for any local git repository, meaning it is not directly tied to Next.js in any way - it just depends on how you use it.
ISC © Andrew Goode
FAQs
Use a consistent, git-based build id for your Next.js app
The npm package next-build-id receives a total of 28,302 weekly downloads. As such, next-build-id popularity was classified as popular.
We found that next-build-id demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.