Wuesteon
|
aab8c73a9c
|
feat: add multi-layered runtime config protection system
Add comprehensive defense system to prevent runtime config bugs across all projects:
## 1. Enhanced ESLint Rules
- Added @typescript-eslint/no-floating-promises (error)
Catches: fetch(`${getAuthUrl()}/api`) without await
- Added @typescript-eslint/no-misused-promises (error)
Catches: Promises in conditionals and logical expressions
- Added @typescript-eslint/require-await (warn)
Ensures async functions actually use await
## 2. Validation Script (scripts/validate-runtime-config.mjs)
Automated checker that scans all web apps for:
- ✅ Required files (runtime.ts, docker-entrypoint.sh, Dockerfile)
- ❌ Window injection patterns (window.__PUBLIC_*)
- ❌ Build-time env usage in stores/api (import.meta.env.PUBLIC_*)
- ❌ Missing await on async config functions
- ⚠️ Docker entrypoint best practices
Usage: pnpm validate:runtime-config
## 3. Comprehensive Documentation (docs/RUNTIME_CONFIG.md)
Complete implementation guide covering:
- Why runtime configuration is needed
- Step-by-step implementation guide
- Common patterns (API clients, auth stores)
- Anti-patterns to avoid
- Migration checklist
- ESLint protection details
## Benefits
- Prevents "[object Promise]" in API URLs (staging bug)
- Catches missing await at lint time
- Validates all apps automatically
- Clear documentation for new projects
- Can run in CI/CD
## Future Work
- Add to pre-push hook (optional)
- Create project generator/template
- Shared runtime config package
This prevents the class of bugs we just fixed in manacore-web where
getAuthUrl() was called without await, causing ERR_CONNECTION_REFUSED
on staging.
|
2025-12-16 00:28:57 +01:00 |
|