Page History
...
- Testing DSpace 7 Pull Requests - How to use existing Docker scripts to spin up PRs more easily locally, in order to test them or review them.
- Spin up code in virtual environment (quickly) for easier reviews/testing
- GitHub CodeSpaces: https://docs.github.com/en/codespaces/overview
- Tim Donohue has played with this, and it's possible to spin up DSpace 7 in CodeSpaces. However, you need to use a 4 Core / 8GB RAM machine type (otherwise, the UI will often fail to build with an "error 137" - meaning it ran out of memory during the build process). Connecting the UI to a running Backend is also not super-easy right now, as codespaces assigns a random URL. We'd need to likely provide a Codespaces configuration for DSpace to make this easier.
- May be a way to use our Docker scripts in CodeSpaces, but it's not easy yet. See https://notes.alexkehayias.com/running-docker-compose-in-codespaces/
- GitPod: https://www.gitpod.io/for/opensource
- GitHub CodeSpaces: https://docs.github.com/en/codespaces/overview
- Automated Code Reviewing resources. Tools/resources exist which can do some automatic checking/verification of code quality in Pull Requests. Some examples include:
- Code Scanning in GitHub. We already do some of this, but currently we only scan for security-oriented code issues.
- Free & integrated into GitHub. Interface is a bit clunky at times though.
- Highly Configurable (e.g. see query types)
- Could configure this to also check PR code quality against coding best practices (currently we only scan for major bugs / security issues). See these settings
- SonarCloud.io - This is a hosted version of SonarQube.
- Free for open source projects. Integrates with GitHub & supports both Java and TypeScript. Can run on every new PR.
- Example projects: https://sonarcloud.io/explore/projects
- Test analysis run by Tim on DSpace backend/frontend: https://sonarcloud.io/organizations/tdonohue/projects (Keep in mind, there are definitely false positives listed here. These are just raw reports)
- Pros: Highly Configurable Used by other major OS projects like Apache. Good documentation/resources on how to fix any issues that are found. SonarQube is open source itself.
- DeepSource
- Free for open source projects. Integrates with GitHub & supports both Java and TypeScript. Can run on every new PR.
- Test analysis run by Tim on DSpace backend/frontend (Keep in mind, there are definitely false positives listed in both. These are just raw reports)
- Not as configurable, but able to turn off individual rules if they are too "noisy" or not useful.
- Pros: Some "autofix" options. Good documentation/resources on how to fix any issues that are found.
- Code Scanning in GitHub. We already do some of this, but currently we only scan for security-oriented code issues.
...
Overview
Content Tools