diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..caaf4fc1a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +version: 2 +updates: + - package-ecosystem: 'npm' + directory: '/' + schedule: + interval: weekly + + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: 'weekly' diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 37341787f..28c169766 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,9 +13,9 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v4 with: node-version: 18 cache: 'npm' diff --git a/.github/workflows/build_and_deploy_dev.yml b/.github/workflows/build_and_deploy_dev.yml index b61516357..c004556f4 100644 --- a/.github/workflows/build_and_deploy_dev.yml +++ b/.github/workflows/build_and_deploy_dev.yml @@ -36,7 +36,7 @@ jobs: name: Build and Deploy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4 - name: Log into ghcr registry uses: docker/login-action@v3.0.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 000000000..2b44d2f24 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,37 @@ +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + schedule: + - cron: '27 10 * * 1' + +permissions: + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Initialize CodeQL + uses: github/codeql-action/init@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + with: + languages: 'javascript' + + - name: Autobuild + uses: github/codeql-action/autobuild@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 diff --git a/package-lock.json b/package-lock.json index 36ab501ed..00da0fc4b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "service", - "version": "0.1.1", + "version": "1.1.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "service", - "version": "0.1.1", + "version": "1.1.0", "hasInstallScript": true, "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index 4196aaba6..c5c78f5ea 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "service", - "version": "0.1.1", + "version": "1.1.0", "description": "Service side of clearlydefined.io.", "scripts": { "test": "nyc mocha --exit \"test/**/*.js\" && eslint .", diff --git a/providers/stores/mongoConfig.js b/providers/stores/mongoConfig.js index 6d1845c08..0ac1bcc29 100644 --- a/providers/stores/mongoConfig.js +++ b/providers/stores/mongoConfig.js @@ -17,9 +17,13 @@ function definitionPaged(options) { } function definitionTrimmed(options) { + const oldConfig = config.get('TRIMMED_DEFINITION_MONGO_COLLECTION_NAME') + if (oldConfig) { + console.warn('The TRIMMED_DEFINITION_MONGO_COLLECTION_NAME environment variable is deprecated. Use DEFINITION_MONGO_TRIMMED_COLLECTION_NAME instead.') + } return TrimmedMongoDefinitionStore(options || { ...dbOptions, - collectionName: config.get('DEFINITION_MONGO_TRIMMED_COLLECTION_NAME') || 'definitions-trimmed' + collectionName: config.get('DEFINITION_MONGO_TRIMMED_COLLECTION_NAME') || oldConfig || 'definitions-trimmed' }) }