darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 19:03:30 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
b348e8ed03e05c6fa6548048d6d3f08e6e6b8d20
notifications-admin/package.json

63 lines
1.8 KiB
JSON
Raw Normal View History

Use a Node-based tools for handling assets …or how to move a bunch of things from a bunch of different places into `app/static`. There are three main reasons not to use Flask Assets: - It had some strange behaviour like only - It was based on Ruby SASS, which is slower to get new features than libsass, and meant depending on Ruby, and having the SASS Gem globally installed—so you’re already out of being a ‘pure’ Python app - Martyn and I have experience of doing it this way on Marketplace, and we’ve ironed out the initial rough patches The specific technologies this introduces, all of which are Node-based: - Gulp – like a Makefile written in Javascript - NPM – package management, used for managing Gulp and its related dependencies - Bower – also package management, and the only way I can think to have GOV.UK template as a proper dependency …speaking of which, GOV.UK template is now a dependency. This means it can’t be modified at all (eg to add a global `#content` wrapper), so every page now inherits from a template that has this wrapper. But it also means that we have a clean upgrade path when the template is modified. Everything else (toolkit, elements) I’ve kept as submodules but moved them to a more logical place (`app/assets` not `app/assets/stylesheets`, because they contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
{
"name": "notifications-admin",
"version": "0.0.1",
"description": "Admin front end for GOV.UK Notify",
Use EcmaScript 6, w/ transpiling for compatibility ES6 has some nice new features. Specifically relevant to this piece of work are: Arrow functions[1], whose `this` context is bound the value of `this` in the current scope and can’t be overidden. The code is cleaner as a result, and doesn’t need the addition of a bind polyfill for older browsers. Template strings[2], which are similar to triple-quoted multi line strings in Python. This means less fiddly and error-prone string concatenation. This commit adds Babel[3] to the Gulp pipeline. This transpiles Javascript written to the ES6 specification into code which is compatible with older browsers that don’t understand ES6 syntax. It also rewrites the gulpfile itself using some ES6 syntax, for the same reasons. 1. https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Functions/Arrow_functions 2. https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/template_strings 3. https://babeljs.io
2015-12-20 00:00:01 +00:00
"engines": {
Remove version restrictions for NPM We do need NPM to be run above those versions but I'd rather enforce that here after I'm sure this app will run on images that have a valid version.
2021-09-15 16:24:01 +01:00
"node": ">=10.15.3"
Use EcmaScript 6, w/ transpiling for compatibility ES6 has some nice new features. Specifically relevant to this piece of work are: Arrow functions[1], whose `this` context is bound the value of `this` in the current scope and can’t be overidden. The code is cleaner as a result, and doesn’t need the addition of a bind polyfill for older browsers. Template strings[2], which are similar to triple-quoted multi line strings in Python. This means less fiddly and error-prone string concatenation. This commit adds Babel[3] to the Gulp pipeline. This transpiles Javascript written to the ES6 specification into code which is compatible with older browsers that don’t understand ES6 syntax. It also rewrites the gulpfile itself using some ES6 syntax, for the same reasons. 1. https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Functions/Arrow_functions 2. https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/template_strings 3. https://babeljs.io
2015-12-20 00:00:01 +00:00
},
Use a Node-based tools for handling assets …or how to move a bunch of things from a bunch of different places into `app/static`. There are three main reasons not to use Flask Assets: - It had some strange behaviour like only - It was based on Ruby SASS, which is slower to get new features than libsass, and meant depending on Ruby, and having the SASS Gem globally installed—so you’re already out of being a ‘pure’ Python app - Martyn and I have experience of doing it this way on Marketplace, and we’ve ironed out the initial rough patches The specific technologies this introduces, all of which are Node-based: - Gulp – like a Makefile written in Javascript - NPM – package management, used for managing Gulp and its related dependencies - Bower – also package management, and the only way I can think to have GOV.UK template as a proper dependency …speaking of which, GOV.UK template is now a dependency. This means it can’t be modified at all (eg to add a global `#content` wrapper), so every page now inherits from a template that has this wrapper. But it also means that we have a clean upgrade path when the template is modified. Everything else (toolkit, elements) I’ve kept as submodules but moved them to a more logical place (`app/assets` not `app/assets/stylesheets`, because they contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
"scripts": {
Move setup/teardown out of tests
2019-05-21 10:56:38 +01:00
"test": "gulp lint && jest --config tests/javascripts/jest.config.js tests/javascripts",
Rename module HighlightTags was bad because: - we haven’t called placeholders ‘tags’ for a long time - it also does resizing of the `<textarea>`, not just highlighting the placeholders
2019-10-16 15:20:05 +01:00
"test-watch": "jest --watch --config tests/javascripts/jest.config.js tests/javascripts",
Fix flakiness with Gulp + Travis Gulp was failing silently on Travis. I tracked this down to the task that builds a custom, slimmed-down version of jQuery from source. To fix this I’ve removed the task and replaced it with just `src`ing the minified version of jQuery from `node_modules`. Cons: - A few more kb of JS Pros: - Less random, afternoon-chewing complexity
2016-01-12 13:37:50 +00:00
"build": "gulp",
"watch": "gulp watch"
Use a Node-based tools for handling assets …or how to move a bunch of things from a bunch of different places into `app/static`. There are three main reasons not to use Flask Assets: - It had some strange behaviour like only - It was based on Ruby SASS, which is slower to get new features than libsass, and meant depending on Ruby, and having the SASS Gem globally installed—so you’re already out of being a ‘pure’ Python app - Martyn and I have experience of doing it this way on Marketplace, and we’ve ironed out the initial rough patches The specific technologies this introduces, all of which are Node-based: - Gulp – like a Makefile written in Javascript - NPM – package management, used for managing Gulp and its related dependencies - Bower – also package management, and the only way I can think to have GOV.UK template as a proper dependency …speaking of which, GOV.UK template is now a dependency. This means it can’t be modified at all (eg to add a global `#content` wrapper), so every page now inherits from a template that has this wrapper. But it also means that we have a clean upgrade path when the template is modified. Everything else (toolkit, elements) I’ve kept as submodules but moved them to a more logical place (`app/assets` not `app/assets/stylesheets`, because they contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
},
"repository": {
"type": "git",
"url": "git+https://github.com/alphagov/notifications-admin.git"
},
"author": "Government Digital Service",
"license": "MIT",
"homepage": "https://github.com/alphagov/notifications-admin#readme",
"dependencies": {
Support registering a new authenticator This adds Yubico's FIDO2 library and two APIs for working with the "navigator.credentials.create()" function in JavaScript. The GET API uses the library to generate options for the "create()" function, and the POST API decodes and verifies the resulting credential. While the options and response are dict-like, CBOR is necessary to encode some of the byte-level values, which can't be represented in JSON. Much of the code here is based on the Yubico library example [1][2]. Implementation notes: - There are definitely better ways to alert the user about failure, but window.alert() will do for the time being. Using location.reload() is also a bit jarring if the page scrolls, but not a major issue. - Ideally we would use window.fetch() to do AJAX calls, but we don't have a polyfill for this, and we use $.ajax() elsewhere [3]. We need to do a few weird tricks [6] to stop jQuery trashing the data. - The FIDO2 server doesn't serve web requests; it's just a "server" in the sense of WebAuthn terminology. It lives in its own module, since it needs to be initialised with the app / config. - $.ajax returns a promise-like object. Although we've used ".fail()" elsewhere [3], I couldn't find a stub object that supports it, so I've gone for ".catch()", and used a Promise stub object in tests. - WebAuthn only works over HTTPS, but there's an exception for "localhost" [4]. However, the library is a bit too strict [5], so we have to disable origin verification to avoid needing HTTPS for dev work. [1]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/server.py [2]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/examples/server/static/register.html [3]: https://github.com/alphagov/notifications-admin/blob/91453d36395b7a0cf2998dfb8a5f52cc9e96640f/app/assets/javascripts/updateContent.js#L33 [4]: https://stackoverflow.com/questions/55971593/navigator-credentials-is-null-on-local-server [5]: https://github.com/Yubico/python-fido2/blob/c42d9628a4f33d20c4401096fa8d3fc466d5b77f/fido2/rpid.py#L69 [6]: https://stackoverflow.com/questions/12394622/does-jquery-ajax-or-load-allow-for-responsetype-arraybuffer
2021-05-07 18:10:07 +01:00
"cbor-js": "0.1.0",
Update _delete_template_cache_for_service to delete all template version cache and not just the one ending in "None" Update all methods that were previous calling @cache.delete('service-{service-id}-template-None') to instead call _delete_template_cache_for_service Remove call to get service templates, it's not needed since all template version cache is being deleted.
2021-01-25 14:03:16 +00:00
"govuk_frontend_toolkit": "8.1.0",
Revert bump to library to unblock functional tests Version 3.1.3 of govuk-elements-sass makes everything with the `heading-small` class `display: block`. https://github.com/alphagov/govuk_elements/pull/552 We use that class in many places just to make the text bold with the assumption that it the styles it applies will not prevent our text rendering inline. This change breaks that assumption. We do need to swap these classes out for utility classes that just apply the bold styles but it can be done at a later date and we aren't missing out on much by reverting this library.
2019-04-16 11:10:25 +01:00
"govuk-elements-sass": "3.1.2",
Add GOVUK Frontend NPM module The GOVUK Frontend Jinja extension adds this as an extra location to source templates from.
2019-10-03 12:59:26 +01:00
"govuk-frontend": "2.13.0",
Add a page to manage a service’s whitelist Services who are in alpha or building prototypes need a way of sending to any email address or phone number without having to sign the MOU. This commit adds a page where they can whitelist up to 5 email addresses and 5 phone numbers. It uses the ‘list entry’ UI pattern from the Digital Marketplace frontend toolkit [1] [2] [3]. I had to do some modification: - of the Javascript, to make it work with the GOV.UK Module pattern - of the template to make it work with WTForms - of the content security policy, because the list entry pattern uses Hogan[1], which needs to use `eval()` (this should be fine if we’re only allowing it for scripts that we serve) - of our SASS lint config, to allow browser-targeting mixins to come after normal rules (so that they can override them) This commit also adds a new form class to validate and populate the two whitelists. The validation is fairly rudimentary at the moment, and doesn’t highlight which item in the list has the error, but it’s probably good enough. The list can only be updated all-at-once, this is how it’s possible to remove items from the list without having to make multiple `POST` requests. 1. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/templates/forms/list-entry.html 2. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/scss/forms/_list-entry.scss 3. https://github.com/alphagov/digitalmarketplace-frontend-toolkit/blob/434ad307913651ecb041ab94bdee748ebe066d1a/toolkit/javascripts/list-entry.js 4. http://twitter.github.io/hogan.js/
2016-09-20 12:30:00 +01:00
"hogan": "1.0.2",
Bump jquery from 3.4.1 to 3.5.0 Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0) Signed-off-by: dependabot[bot] <support@github.com>
2020-04-29 22:56:45 +00:00
"jquery": "3.5.0",
Add Leaflet.js for rendering slippy maps Leaflet seems to be the go-to library for rendering maps these days. It will be useful for the broadcast work. This commit add the leaflet Javascript and CSS to our asset pipeline. The Javascript is already minified so all we need to do is copy it. The CSS is uncompressed so we put it through the same pipe as our other stylesheets. I’m keeping these as separate files because they’re quite heavy (or the JS is at least – 38kb minified) so I want them to only be loaded on the pages where they’re used. Most users of Notify will never need to see a map.
2020-07-03 09:50:35 +01:00
"leaflet": "1.6.0",
Replace domdiff library with morphdom We added domdiff to replace the DiffDOM library here: https://github.com/alphagov/notifications-admin/commit/87f54d1e886f5c45ef7f12d88ef988c3f9343641 DiffDOM had updated its code to be written to the ECMAScript 6 (ES6) standard and so needed extra work to work with the older browsers in our support matrix. This was recorded as an issue here: https://www.pivotaltracker.com/n/projects/1443052/stories/165380360 Domdiff didn't work (see below for more details) so this replaces it with the morphdom library. Morphdom supports the same browsers as us and is relied on by a range of large open source projects: https://github.com/patrick-steele-idem/morphdom#what-projects-are-using-morphdom It was tricky to find alternatives to DiffDOM so if we have to source alternatives in future, other options could be: - https://github.com/choojs/nanomorph - https://diffhtml.org/index.html (using its outerHTML method) Why domdiff didn't work Turns out that domdiff was replacing the page HTML with the HTML from the AJAX response every time, not just when they differed. This isn't a bug. Domdiff is bare bones enough that it compares old DOM nodes to new DOM nodes with ===. With our code, this always results to false because our new nodes are made from HTML strings from AJAX response so are never the same node as the old one.
2022-01-27 10:44:20 +00:00
"morphdom": "2.6.1",
Make relative timestamps update automatically It’s weird to be on a page that says ‘2 seconds ago’ and stays stuck there. We don’t want to AJAX the whole page because it would get in the way of interacting with the list of notifications. This commit adds the venerable jQuery Timeago[1] plugin to keep the relative times accurate and fresh. 1. http://timeago.yarp.com/
2016-09-28 17:47:40 +01:00
"query-command-supported": "1.0.0",
Bump Gulp to 4.0.0 Brings in a new API which is a breaking change: https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md#400 Requires gulpfile.babel.js to be a CommonJS module and for all tasks to be exported. Replaces using ES6 modules for the CommonJS to include other packages to match the type of module the gulpfile now is. Updates to 4.0.0 include `series` and `parallel` methods which remove the need for the `run-sequence` package. Also bumps gulp-specific libraries.
2019-04-01 09:58:13 +01:00
"textarea-caret": "3.1.0",
Bump remaining NPM packages used on client-side Means that only the following packages will now be out of date: 1. govuk_template_jinja 2. jquery Reasons: GOVUK Template Jinja This bumps it to 0.24.1, after which the only changes are to add analytics tracking to the GOV.UK logo and cookie banner. We don't need to track either of these and they were added for GOVUK analytics work. jQuery jQuery stops supporting IE<9 after version 1.12. This is pretty much our support now but if we move to IE>8 we shouldn't do it by bumping the version. This would just increase the amount of broken JS we ship to IE8. Also: both are deprecated and we will move off them in the near future.
2019-04-01 14:57:47 +01:00
"timeago": "1.6.5"
Add linting for SASS and Javascript Similar to how PEP8 enforces Python style, there are tools for front end code: - jshint[1] for Javascript - sass-lint[2] for SASS This commit adds the Gulp plugins for both, and sets up some sensible rules (which can be iterated on). It also adds a command to `./scripts/run_tests.sh`, so that any errors in the front end code will fail the build before it has a chance to be deployed. 1. http://jshint.com/ 2. https://www.npmjs.com/package/sass-lint
2016-02-08 11:05:07 +00:00
},
"devDependencies": {
Fix incorrect group for NPM dependencies This means we can use tools like "npm audit" to look for security vulnerabilities we definitely need to fix as they could pose a direct risk to users. I've checked each of them with @tombye and also against an external set of principles [^1]. Note: I've skimmed through the package-lock.json to check the only changes are to add "dev: true", as well as a few integrity hashes. [^1]: https://betterprogramming.pub/is-this-a-dependency-or-a-devdependency-678e04a55a5c
2022-05-05 14:52:32 +01:00
"@babel/core": "7.4.0",
"@babel/preset-env": "7.4.2",
Add better-npm-audit to check production packages This is the same as [^1]. [^1]: https://github.com/alphagov/document-download-frontend/pull/120
2022-05-06 15:34:54 +01:00
"better-npm-audit": "^3.7.3",
Fix incorrect group for NPM dependencies This means we can use tools like "npm audit" to look for security vulnerabilities we definitely need to fix as they could pose a direct risk to users. I've checked each of them with @tombye and also against an external set of principles [^1]. Note: I've skimmed through the package-lock.json to check the only changes are to add "dev: true", as well as a few integrity hashes. [^1]: https://betterprogramming.pub/is-this-a-dependency-or-a-devdependency-678e04a55a5c
2022-05-05 14:52:32 +01:00
"gulp": "4.0.2",
"gulp-add-src": "1.0.0",
"gulp-babel": "8.0.0",
"gulp-better-rollup": "4.0.1",
"gulp-clean-css": "4.3.0",
"gulp-concat": "2.6.1",
Fix GOV.UK template images
2016-02-23 10:56:48 +00:00
"gulp-css-url-adjuster": "0.2.3",
Add better-npm-audit to check production packages This is the same as [^1]. [^1]: https://github.com/alphagov/document-download-frontend/pull/120
2022-05-06 15:34:54 +01:00
"gulp-include": "2.4.1",
Update NPM packages to the latest version
2018-01-17 16:50:39 +00:00
"gulp-jshint": "2.1.0",
Bump gulp-sass Intended to deal with this security vulnerability: https://github.blog/2021-09-08-github-security-update-vulnerabilities-tar-npmcli-arborist/ Bumping gulp-sass to version 5 removes its dependency on the tar package mentioned in that article. Version 5 requires you to specify a compiler directly in the gulpfile so that code is changed in line with this guidance: https://github.com/dlmanning/gulp-sass/tree/master#migrating-to-version-5 Note: node-sass is now deprecated so this also changes the sass compiler gulp-sass uses to dart-sass (aka 'sass'), the compiler now recommended by the Sass project: https://sass-lang.com/dart-sass This also bumps gulp and all its plugin modules to their latest versions, for parity.
2021-09-09 14:33:30 +01:00
"gulp-prettyerror": "2.0.0",
Add better-npm-audit to check production packages This is the same as [^1]. [^1]: https://github.com/alphagov/document-download-frontend/pull/120
2022-05-06 15:34:54 +01:00
"gulp-sass": "5.0.0",
Bump Gulp to 4.0.0 Brings in a new API which is a breaking change: https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md#400 Requires gulpfile.babel.js to be a CommonJS module and for all tasks to be exported. Replaces using ES6 modules for the CommonJS to include other packages to match the type of module the gulpfile now is. Updates to 4.0.0 include `series` and `parallel` methods which remove the need for the `run-sequence` package. Also bumps gulp-specific libraries.
2019-04-01 09:58:13 +01:00
"gulp-sass-lint": "1.4.0",
Add better-npm-audit to check production packages This is the same as [^1]. [^1]: https://github.com/alphagov/document-download-frontend/pull/120
2022-05-06 15:34:54 +01:00
"gulp-uglify": "3.0.2",
Add Jest and peer dependencies
2019-04-12 11:51:51 +01:00
"jest": "24.7.1",
Delay AJAX calls if the server is slow to respond By default our AJAX calls were 2 seconds. Then they were 5 seconds because someone reckoned 2 seconds was putting too much load on the system. Then we made them 10 seconds while we were having an incident. Then we made them 20 seconds for the heaviest pages, but back to 5 seconds or 2 seconds for the rest of the pages. This is not a good situation because: - it slows all services down equally, no matter how much traffic they have, or which features they have switched on - it slows everything down by the same amount, no matter how much load the platform is under - the values are set based on our worst performance, until we manually remember to switch them back - we spend time during incidents deploying changes to slow down the dashboard refresh time because it’s a nothing-to-lose change that might relieve some symptoms, when we could be spending time digging into the underlying cause This pull request makes the Javascript smarter about how long it waits until it makes another AJAX call. It bases the delay on how long the server takes to respond (as a proxy for how much load the server is under). It’s based on the square root of the response time, so is more sensitive to slow downs early on, and less sensitive to slow downs later on. This helps us give a more pronounced difference in delay between an AJAX call that is fast (for example the page for a single notification) and one that is slow (for example a dashboard for a service with lots of traffic). *Some examples of what this would mean for various pages* Page | Response time | Wait until next AJAX call ---|---|--- Check a reply to address | 130ms | 1,850ms Brand new service dashboard | 229ms | 2,783ms HM Passport Office dashboard | 634ms | 5,294ms NHS Coronavirus Service dashboard | 779ms | 5,977ms _Example of the kind of slowness we’ve seen during an incident_ | 6,000ms | 18,364ms GOV.UK email dashboard | `HTTP 504` | 😬
2020-04-08 17:55:53 +01:00
"jest-date-mock": "^1.0.8",
"jest-each": "^25.3.0",
Bump JSHint
2019-04-01 16:41:23 +01:00
"jshint": "2.10.2",
Add JS modules support & use for GOVUKFrontend The JS for GOVUKFrontend components is available individually so you can only include what you need: https://github.com/alphagov/govuk-frontend/blob/v2.13.0/docs/installation/installing-with-npm.md#option-2-import-javascript This uses the JS Modules syntax: *[JS module](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules) Our JS is delivered as one file so we need to use a bundler to convert the modules to a single file. This adds a build step to transpile all modules into a single file, which is then added to the files combined into the one that get delivered. Rollup is used as the simplest bundler to use for this purpose. It also introduces the least boilerplate JS. Note: the CommonJS plugin is needed as GOV.UK Frontend components are published as UMD modules. In future, this work should let us work on this story dependencies: https://www.pivotaltracker.com/story/show/165380360
2019-10-11 10:26:25 +01:00
"jshint-stylish": "2.2.1",
Fix incorrect group for NPM dependencies This means we can use tools like "npm audit" to look for security vulnerabilities we definitely need to fix as they could pose a direct risk to users. I've checked each of them with @tombye and also against an external set of principles [^1]. Note: I've skimmed through the package-lock.json to check the only changes are to add "dev: true", as well as a few integrity hashes. [^1]: https://betterprogramming.pub/is-this-a-dependency-or-a-devdependency-678e04a55a5c
2022-05-05 14:52:32 +01:00
"rollup": "1.23.1",
Add JS modules support & use for GOVUKFrontend The JS for GOVUKFrontend components is available individually so you can only include what you need: https://github.com/alphagov/govuk-frontend/blob/v2.13.0/docs/installation/installing-with-npm.md#option-2-import-javascript This uses the JS Modules syntax: *[JS module](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules) Our JS is delivered as one file so we need to use a bundler to convert the modules to a single file. This adds a build step to transpile all modules into a single file, which is then added to the files combined into the one that get delivered. Rollup is used as the simplest bundler to use for this purpose. It also introduces the least boilerplate JS. Note: the CommonJS plugin is needed as GOV.UK Frontend components are published as UMD modules. In future, this work should let us work on this story dependencies: https://www.pivotaltracker.com/story/show/165380360
2019-10-11 10:26:25 +01:00
"rollup-plugin-commonjs": "10.1.0",
Fix incorrect group for NPM dependencies This means we can use tools like "npm audit" to look for security vulnerabilities we definitely need to fix as they could pose a direct risk to users. I've checked each of them with @tombye and also against an external set of principles [^1]. Note: I've skimmed through the package-lock.json to check the only changes are to add "dev: true", as well as a few integrity hashes. [^1]: https://betterprogramming.pub/is-this-a-dependency-or-a-devdependency-678e04a55a5c
2022-05-05 14:52:32 +01:00
"rollup-plugin-node-resolve": "5.2.0",
"sass": "1.32.7",
"streamqueue": "1.1.2"
Use a Node-based tools for handling assets …or how to move a bunch of things from a bunch of different places into `app/static`. There are three main reasons not to use Flask Assets: - It had some strange behaviour like only - It was based on Ruby SASS, which is slower to get new features than libsass, and meant depending on Ruby, and having the SASS Gem globally installed—so you’re already out of being a ‘pure’ Python app - Martyn and I have experience of doing it this way on Marketplace, and we’ve ironed out the initial rough patches The specific technologies this introduces, all of which are Node-based: - Gulp – like a Makefile written in Javascript - NPM – package management, used for managing Gulp and its related dependencies - Bower – also package management, and the only way I can think to have GOV.UK template as a proper dependency …speaking of which, GOV.UK template is now a dependency. This means it can’t be modified at all (eg to add a global `#content` wrapper), so every page now inherits from a template that has this wrapper. But it also means that we have a clean upgrade path when the template is modified. Everything else (toolkit, elements) I’ve kept as submodules but moved them to a more logical place (`app/assets` not `app/assets/stylesheets`, because they contain more than just SASS/CSS).
2015-12-15 08:20:25 +00:00
}
}
Reference in New Issue Copy Permalink