Open MatissJanis opened 1 week ago
I took a stab at this as one of my first potential changes to actual
.
I could either do it through express-actuator
(already used for /info
/health
and /metrics
) but it required a git.properties file be generated for every commit and I'm not sure how practical that is.
Alternatively I made a /info/git
endpoint that did
execSync('git rev-parse HEAD', { cwd: config.projectRoot }).toString().trim();
Are we okay with exec calls?
For actual-server
: ideally I wouldn't want to have usage of exec
within the codebase. It can potentially lead to arbitrary code execution down the line (all it takes is for a junior to come in and add a variable in the shell command.. and 💣). What if we created a new file when running yarn start
that wrote a new file with active commit hash? And then just read from that file to get the hash. Same thing could be applied for yarn build
.
For actual
: the hash here would be different. No quick ideas how to solve it.
Ah sorry! Slipped my mind that this was in actual
not actual-server
. Generating the file for the server on start is a great idea and would sort that out though!
actual
gets its version information directly from package.json
, but generating the same file on start and reading from it should do the trick? I'm going to have to think a bit about how builds work and how it would work bundled into actual-server
. Maybe if the file isn't there we know it's been imported not directly started and we can fallback to the version in package.json. It wouldn't work for edge builds of actual packaged into actual-server
though.
We show the active version in the settings page. For
demo.actualbudget.org
this version number is correct.For edge: we should show the commit hash there (or other unique identifier).