Codemirror Editor (#112)

JSPaste · Aug 28, 2024 · 5ad7364 · 5ad7364
2 parents 09ae712 + bf8725d
commit 5ad7364
Show file tree

Hide file tree

Showing 74 changed files with 1,509 additions and 2,021 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,9 +1,4 @@
 *
-!public/
-!src/
-!bun.lockb
+!dist/
 !bunfig.toml
-!LICENSE
-!next.config.js
-!package.json
-!tsconfig.json
+!LICENSE
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,19 +1,19 @@
-name: "CD -> Release"
+name: CD -> Release
 on:
   workflow_dispatch:
     inputs:
       image-action:
-        description: "Container image action"
+        description: Container image action
         type: choice
         required: true
-        default: "none"
+        default: none
         options:
-          - "none"
-          - "build"
-          - "build-release"
+          - none
+          - build
+          - build-release
 
 concurrency:
-  group: "${{ github.workflow }}-${{ github.ref }}"
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: false
 
 permissions:
@@ -22,8 +22,8 @@ permissions:
 jobs:
   container:
     if: ${{ github.repository_owner == 'jspaste' && inputs.image-action != 'none' }}
-    name: "Build container image"
-    runs-on: ubuntu-latest
+    name: Build container image
+    runs-on: ubuntu-24.04
     env:
       REGISTRY: ghcr.io
 
@@ -33,17 +33,20 @@ jobs:
       packages: write
 
     steps:
-      - name: "Harden Runner"
+      - name: Harden Runner
         uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
 
-      - name: "Setup QEMU"
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
+
+      - name: Setup QEMU
         run: |
           sudo apt-get update
           sudo apt-get install -y qemu-user-static
 
-      - name: "Setup tags"
+      - name: Setup tags
         id: tags-image
         run: |
           TIMESTAMP="$(date +%Y.%m.%d)"
@@ -62,33 +65,38 @@ jobs:
 
           echo "tags=${TAGS[*]}" >>"$GITHUB_OUTPUT"
 
-      - name: "Checkout"
+      - name: Checkout
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
-      - name: "Build image"
+      - name: Setup production dependencies
+        run: bun install --frozen-lockfile --production
+
+      - name: Run build:standalone
+        run: bun run build:standalone
+
+      - name: Build image
         id: build-image
         uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2.13
         with:
-          archs: amd64, arm64
           containerfiles: Dockerfile
+          platforms: linux/amd64,linux/arm64
           image: ${{ github.repository }}
           layers: true
           oci: true
           tags: ${{ steps.tags-image.outputs.tags }}
-          extra-args: --squash
 
       - if: ${{ inputs.image-action == 'build-release' }}
-        name: "Login to GHCR"
+        name: Login to GHCR
         uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1.7
         with:
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ${{ env.REGISTRY }}
 
       - if: ${{ inputs.image-action == 'build-release' }}
-        name: "Push to GHCR"
+        name: Push to GHCR
         id: push-image
         uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8
         with:
@@ -97,9 +105,9 @@ jobs:
           registry: ${{ env.REGISTRY }}
 
       - if: ${{ inputs.image-action == 'build-release' }}
-        name: "Attest image"
+        name: Attest image
         uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
         with:
-          subject-name: "${{ env.REGISTRY }}/${{ steps.build-image.outputs.image }}"
+          subject-name: ${{ env.REGISTRY }}/${{ steps.build-image.outputs.image }}
           subject-digest: ${{ steps.push-image.outputs.digest }}
           push-to-registry: false
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -1,8 +1,8 @@
-name: 'CI -> Security'
+name: CI -> Security
 on:
   branch_protection_rule:
   schedule:
-    - cron: '33 3 * * 1'
+    - cron: 33 3 * * 1
 
   push:
     branches:
@@ -22,64 +22,66 @@ permissions: read-all
 
 jobs:
   codeql:
-    name: 'CodeQL'
-    runs-on: ubuntu-latest
+    name: CodeQL
+    runs-on: ubuntu-24.04
     strategy:
       fail-fast: false
       matrix:
-        language:
-          - javascript-typescript
+        include:
+          - language: javascript-typescript
+            build-mode: none
 
     permissions:
       security-events: write
 
     steps:
-      - name: 'Harden Runner'
+      - name: Harden Runner
         uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
 
-      - name: 'Checkout'
+      - name: Checkout
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
-      - name: 'Setup CodeQL'
+      - name: Setup CodeQL
         uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           languages: ${{ matrix.language }}
+          build-mode: ${{ matrix.build-mode }}
 
-      - name: 'Run analysis'
+      - name: Run analysis
         uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
-          category: '/language:${{ matrix.language }}'
+          category: /language:${{matrix.language}}
 
   scoreboard:
-    name: 'Scorecard'
-    runs-on: ubuntu-latest
+    name: Scorecard
+    runs-on: ubuntu-24.04
     permissions:
       security-events: write
       id-token: write
 
     steps:
-      - name: 'Harden Runner'
+      - name: Harden Runner
         uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
 
-      - name: 'Checkout'
+      - name: Checkout
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
-      - name: 'Run analysis'
+      - name: Run analysis
         uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
         with:
           results_file: scoreboard.sarif
           results_format: sarif
           publish_results: true
 
-      - name: 'Upload to code-scanning'
+      - name: Upload to code-scanning
         uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           sarif_file: scoreboard.sarif
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,4 +1,4 @@
-name: 'CI -> Test'
+name: CI -> Test
 on:
   workflow_dispatch:
   push:
@@ -16,32 +16,38 @@ on:
       - '.*ignore'
 
 concurrency:
-  group: '${{ github.workflow }}-${{ github.ref }}'
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 permissions:
   contents: read
 
 jobs:
   lint:
-    name: 'Lint'
-    runs-on: ubuntu-latest
+    name: Test
+    runs-on: ubuntu-24.04
     steps:
-      - name: 'Harden Runner'
+      - name: Harden Runner
         uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
 
-      - name: 'Checkout'
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
+
+      - name: Checkout
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
-      - name: 'Setup Bun'
-        uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2
+      - name: Setup production dependencies
+        run: bun install --frozen-lockfile --production
+
+      - name: Run build:standalone
+        run: bun run build:standalone
 
-      - name: 'Setup dependencies'
+      - name: Setup development dependencies
         run: bun install --frozen-lockfile
 
-      - name: 'Run lint'
+      - name: Run lint
         run: bun run lint
diff --git a/.gitignore b/.gitignore
@@ -16,6 +16,9 @@ lerna-debug.log*
 # Finder (MacOS) folder config
 .DS_Store/
 
+# Million lint
+.million
+
 # Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
 

diff --git a/Dockerfile b/Dockerfile
@@ -1,17 +1,9 @@
-FROM docker.io/oven/bun:1-alpine AS builder
-WORKDIR /build/
-
-COPY . ./
-
-RUN bun install --production --frozen-lockfile && \
-    bun run build:standalone
-
+# Required to build the standalone locally before building the image container: "bun run build:standalone"
 FROM docker.io/oven/bun:1-distroless
 WORKDIR /frontend/
 
-COPY --chown=nonroot --from=builder /build/.next/standalone ./
-COPY --chown=nonroot --from=builder /build/.next/static ./.next/static
-COPY --chown=nonroot --from=builder /build/public ./public
+COPY --chown=nonroot ./dist ./
+COPY --chown=nonroot ./LICENSE ./
 
 LABEL org.opencontainers.image.url="https://jspaste.eu" \
       org.opencontainers.image.source="https://github.com/jspaste/frontend" \
@@ -20,9 +12,8 @@ LABEL org.opencontainers.image.url="https://jspaste.eu" \
       org.opencontainers.image.documentation="https://docs.jspaste.eu" \
       org.opencontainers.image.licenses="EUPL-1.2"
 
-ENV HOSTNAME=0.0.0.0
-ENV PORT=3000
+ENV NODE_ENV=production
 
 EXPOSE 3000
 
-CMD ["server.js"]
+ENTRYPOINT ["bun", "run", "./server/index.js"]
diff --git a/README.md b/README.md
@@ -1,3 +1,3 @@
 # Frontend
 
-This repository contains the frontend code for [JSPaste](https://jspaste.eu). It is built using [Bun](https://bun.sh) and [Next.js](https://nextjs.org)
+This repository contains the frontend code for [JSPaste](https://jspaste.eu).