<p>In the last couple of days I have been playing around with the idea of combining GitHub Actions and GitHub Pages to be able to dynamically build preview environments every time a pull request is opened against a repository hosting a client-side web app.</p><p>The idea is that you can quickly preview the changes made by some contributor, without having to clone their branch and running everything locally, something specially useful for open source projects.</p><p>In this article I will explain how to set everything up, and what are some considerations and problems you may face during the process.</p><h3>Enable github pages</h3><p>The first thing you need to do is enable your project to publish pages on some branch. I recommend creating a new branch for this, let&#x27;s say <code>preview-env</code>, and then enabling publishing on it.</p><p>In order to do that go to your repository and then <strong>Settings</strong> -&gt; <strong>Pages</strong>, look for the <strong>Source</strong> section, and you should see something like this:</p><p><img src="/assets/img/preview-envs/github-pages-before-enabling.png" alt="GitHub pages before enabling"/></p><p>Click in the dropdown and select your new branch, <code>preview-env</code>. Then click <strong>Save</strong>.</p><p><img src="/assets/img/preview-envs/github-pages-after-enabling.png" alt="GitHub pages after enabling"/></p><p>After saving you will see a message at the top of this section telling you what&#x27;s the URL in which the pages are published. It always follows the same pattern. If your organization is <code>my-org</code> and your repository is <code>my-repo</code>, the url will be <code>https://my-org.github.io/my-repo/</code>.</p><h3>Configure the workflow</h3><p>Now we need to configure a workflow that will &quot;deploy&quot; the preview environment for the branch every time a new pull request is created or updated:</p><p>Let&#x27;s imagine we have a React web app that is built with node.js. The configuration could look like this.</p><pre><pre><code class="language-yml"># .github/workflows/deploy-preview.yml
name: Deploy preview

on:
  pull_request: null

jobs:
  deploy:
    runs-on: ubuntu-20.04
    continue-on-error: true
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Use node.js 14.15
        uses: actions/setup-node@v1
        with:
          node-version: 14.15
      - name: Generate slug
        id: generate_slug
        run: echo &quot;##[set-output name=slug;]$(echo ${GITHUB_HEAD_REF#refs/heads/} | sed -r &#x27;s/[~\^]+//g&#x27; | sed -r &#x27;s/[^a-zA-Z0-9]+/-/g&#x27; | sed -r &#x27;s/^-+\|-+$//g&#x27; | tr A-Z a-z)&quot;
      - name: Build
        run: npm ci &amp;&amp; npm run build
      - name: Deploy
        uses: JamesIves/github-pages-deploy-action@4.1.1
        with:
          branch: preview-env
          folder: build
          target-folder: ${{ steps.generate_slug.outputs.slug }}
      - name: Publish env
        uses: marocchino/sticky-pull-request-comment@v2
        with:
          header: Preview environment
          message: |
            ## Preview environment
            https://my-org.github.io/my-repo/${{ steps.generate_slug.outputs.slug }}/
</code></pre></pre><blockquote><p>If you are not familiar with GitHub Actions yet, take a look at the <a target="_blank" rel="noopener noreferrer" href="https://docs.github.com/en/actions">official documentation</a>.</p></blockquote><p>This workflow will follow the next steps:</p><ul><li>Checkout the code from the repository.</li><li>Set-up node.js 14.15</li><li>Based on the branch name, generate a slug that we will use to have separated deployment folders for every pull request we receive. The slug is exposed to next steps as an output.</li><li>Build the project. This step will obviously depend on the needs of your project.</li><li>Using <a target="_blank" rel="noopener noreferrer" href="https://github.com/JamesIves/github-pages-deploy-action">JamesIves/github-pages-deploy-action</a>, deploy the contents we previously built in the GitHub page, under a sub-folder matching the slug we generated a few steps above, and under the branch <code>preview-env</code> (remember we enabled GitHub pages for this branch).</li><li>Finally, using <a target="_blank" rel="noopener noreferrer" href="https://github.com/marocchino/sticky-pull-request-comment">marocchino/sticky-pull-request-comment</a>, post a comment in the pull request with a link to the preview environment, so that you can just click on it and see the deployment.</li></ul><p>The steps may change depending on your needs and how you build your project. For example, I have an extra step to update a property in the <code>package.json</code> that is then used to allow serving the app in a sub-path instead of the root of the domain.</p><p>You may also not build your site with node.js, as you could be using any of the multiple existing static site generators out there, but you get the idea.</p><p>Finally, you have probably noticed the config includes <code>continue-on-error: true</code>. This will allow the pull request to be merged even if this process fails for some reason.</p><h3>Considerations when using forks</h3><p>While the configuration above will work perfectly when creating pull requests inside the same repository, there are some limitations when the pull request comes from a fork (which is the usual in OSS projects).</p><p>For security reasons, the <code>GITHUB_TOKEN</code> injected in those cases doesn&#x27;t have write permissions, which will make the &quot;deploy&quot; step fail.</p><p>Also, you cannot define your own token with more permissions and inject it as a secret, as the secrets are not exposed to workflows running on forks.</p><p>However, with a couple small config changes, we can work around these limitations:</p><h4>Change event</h4><p>The first thing we need to do is use the <code>pull_request_target</code> event instead of the <code>pull_request</code> one.</p><pre><pre><code class="language-diff">on:
-  pull_request: null
+  pull_request_target: null
</code></pre></pre><p>According to the documentation, this is equivalent to the <code>pull_request</code> event, but it runs in the scope of the base repository.</p><p>Thanks to this, the <code>GITHUB_TOKEN</code> will come with write permissions, and we will have access to secrets if needed.</p><h4>Checkout the fork</h4><p>The second thing we are going to change is that we now need to specify the repository to checkout.</p><p>In order to do that, we need to add two inputs to the &quot;Checkout code&quot; step, like this:</p><pre><pre><code class="language-diff">    steps:
      - name: Checkout code
        uses: actions/checkout@v2
+       with:
+         repository: ${{ github.event.pull_request.head.repo.full_name }}
+         ref: ${{ github.event.pull_request.head.ref }}
</code></pre></pre><p>This will ensure we checkout from the fork repository, instead of the base one, which is the default, as it&#x27;s the one where the <code>pull_request_target</code> event is scoped to.</p><p>And that&#x27;s it. With these two changes you can now deploy preview environments for pull requests coming from forks.</p><blockquote><p><strong>IMPORTANT!</strong> The limitations of the <code>pull_request</code> event are there for a reason. People could potentially get access to your secrets or manipulate your code. Proceed at your own risk.</p></blockquote><h3>Other considerations</h3><p>Other than the limitations for forks, there are a few other minor things to take into consideration.</p><ul><li>Changes in GitHub Pages do not reflect immediately. It may take up to a couple of minutes for the deployment to be available, but considering you will usually not review a PR right after it has been created, this should not be a big issue.</li><li>As you have seen, every time a pull request is created, the deployment will generate a new folder in your GitHub Pages branch. This may result in a lot of old folders to pile-up, so you may want to set up some way to clean them up periodically or after the pull request has been merged.</li><li>Due to the fact that GitHub Pages only allows static pages to be served, this process cannot be used with apps that require some kind of back-end or server-side logic.</li><li>If your project is already using GitHub Pages for something else (serve the project&#x27;s website or docs), that may conflict with this, preventing you from having this kind of preview envs.</li></ul>

Setting-up a preview environment for your client-side apps with GitHub Actions and GitHub Pages

<p>I remember many years ago, when I released my first open source project, that every time I had a new release ready, I was never sure what should be the new version number.</p><p>Versioning software is not as straightforward as it might look when you don&#x27;t have a lot of experience.</p><p>In this article I&#x27;ll try to explain the <a target="_blank" rel="noopener noreferrer" href="https://semver.org/">SemVer</a> approach to version software, and some things you might want to take into account on top of that.</p><h3>Semantic Versioning</h3><p>The first thing you need is a solid set of rules that help you decide which should your next version be.</p><p>I remember thinking <em>&quot;is this version big enough as to jump from 1.0 to 2.0?&quot;</em> or <em>&quot;I have seen projects using three numbers for the version, X.Y.Z, should I do the same?&quot;</em></p><p>Those questions are easier to answer if you stick to some standard that tells you what to do, and that will help others more easily understand your intention.</p><p>My recommendation is to use <a target="_blank" rel="noopener noreferrer" href="https://semver.org/">Semantic Versioning</a>, as it defines a solid starting point, and it&#x27;s quite adopted by the community.</p><p>Semantic Versioning states that you should use three numbers to identify versions, <code>MAJOR.MINOR.PATCH</code>, and follow these rules in order to decide which one to increase:</p><ul><li><code>PATCH</code>: the new release includes only bug fixes. People are encouraged to update to this release and no changes are needed in their code bases.</li><li><code>MINOR</code>: the new release includes new backwards-compatible features. People can update to this version without changing their code bases, and make use of the new features afterwards if they wish.</li><li><code>MAJOR</code>: the new release includes <a target="_blank" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Backward_compatibility">backward compatibility</a> breaks. Changes in the code base will be needed when updating to this version.</li></ul><blockquote><p>These rules are easier to apply to libraries and frameworks than it is for apps and services. More about this later.</p></blockquote><h3>Try to keep backwards-compatibility</h3><p>Ok, we have some rules now. However, I have seen very frequently people mistaking what <em>can</em> be done with what <em>should</em> be done.</p><p>Yes, if you introduce a breaking change, you can update the major version and that&#x27;s it. However, if you do it too frequently, people won&#x27;t be happy, and you will end up with a fragmented user base, that stop updating to newer versions.</p><p>I remember using a library to deploy stuff that had a new major version every couple of months, changing things like &quot;The <code>host</code> function is now called <code>server</code>&quot;. Yes, ok, but why do I have to change my stuff so frequently.</p><p>It&#x27;s usually better to try to implement things in a backwards-compatible way, and keep track of the things you want to change and do it all at a time.</p><p>You can also deprecate things, and document the way you want those things to be done moving forward. That way you give people the chance to start changing their code and simplify a hypothetical upcoming major release.</p><h3>Provide clear upgrade paths</h3><p>As mentioned above, too frequent major version changes are not desirable, but sooner or later you will want to release a new major version for different reasons.</p><ul><li>Getting rid of that feature which is hard to maintain, introduces lots of bugs, and provides little value.</li><li>Supporting something new which is very hard to implement without breaking backwards compatibility.</li><li>Removing all those deprecated methods you have been dragging for months.</li><li>Fix design issues, where something was architected in the wrong way, and only spotted after some time.</li></ul><p>At the time this happens you will want your users to upgrade to the newer version, as you don&#x27;t want people to report bugs that only affect older versions, or to expect you to backport fixes to older versions because they haven&#x27;t updated to the new one.</p><p>The best way to achieve this is to provide clear and simple upgrade paths:</p><ul><li><p>Prepare your releases for the things to come: If you want to introduce new ways of doing things, do it before the major release, and deprecate the older ones. For example, you can have a new method that gets called by an older one, while you mark the old one as deprecated.</p><p>People will be more willing to update and change their code afterwards. By the time the major release is published, their code will be ready to upgrade.</p></li><li><p>Include a CHANGELOG file in your project, explaining the changes introduced in every version. A very good way to document a change log is the <a target="_blank" rel="noopener noreferrer" href="https://keepachangelog.com/">Keep a changelog</a> initiative.</p><p>You can also use some other platform to document the change log, like GitHub releases.</p></li><li><p>Include documentation on how to upgrade to a major release: This is probably the most important one. Document all the steps that need to be followed and all the required changes to update from a release to the next major one.</p><p>A good way to do this is by including an UPGRADE file in your project. You can see <a target="_blank" rel="noopener noreferrer" href="https://github.com/acmailer/acmailer/blob/main/UPGRADE.md">this example</a>.</p></li></ul><h3>Versioning libraries vs apps</h3><p>Semantic Versioning is a good standard to version software, but it plays much better with libraries and frameworks that are installed using some kind of package manager, than it does with apps and services that are not directly depended on.</p><p>For example, how do you identify a backward compatibility break on a web user interface?</p><p>With this kind of software there are more grey areas, and you will end up using your intuition.</p><p>For example, not long ago I released a <a href="/2020/12/24/released-shlink-web-client-v3-0-0/">new major version</a> for a web app I maintain, and it was completely compatible with the previous one. However, it introduced a larger amount of features than usual, and big UI changes, so I decided it was worth the bump.</p><p>Because of this there are projects that use different approaches to version apps. For example:</p><ul><li>Firefox and Chrome have 6-week cycles, and after each one of them they release a new major version no matter what.</li><li>Jetbrains publishes a few releases of their IDEs every year (I think 3) which always start with the year they were released on, like <code>2020.3.0</code>, and they increase the patch number for bugfixes.</li><li>Ubuntu releases 2 versions every year, one in April and one in October, and they are always identified by the year and month they were released on, like <code>19.04</code> or <code>20.10</code>.</li></ul><h3>Special versions</h3><p>There&#x27;s also a set of special versions that can be used to publish the so-called <strong>pre-release</strong> versions. These <a target="_blank" rel="noopener noreferrer" href="https://semver.org/#spec-item-9">are covered</a> by Semantic Versioning, but sometimes they are not so easy to understand.</p><p>It is also very likely that you never have to use these, as only relatively big projects will need this level of granularity, but it&#x27;s still good to know what&#x27;s their purpose and what do they imply.</p><h4>0.x.y</h4><p>It is possible to release a version of your software where the major number is <code>0</code>. When this happens, it means your software is still in its early stages.</p><p>It does not mean it&#x27;s necessarily unstable, but it means you are still introducing frequent changes on it, and therefore, it might be a bit more fragile than a version starting with a number greater than <code>0</code>.</p><h4>Alpha</h4><p>The intention of an alpha release is that a subset of people con test some new functionality, but you don&#x27;t want people to use it in production</p><p>Alpha versions are on their very early stages. Their public API is very likely to change, and they probably contain bugs.</p><p>Semantic Versioning states that alpha versions are identified by this pattern: <code>MAJOR.MINOR.PATCH-alpha.NUMBER</code>, for example <code>2.0.0-alpha.1</code>.</p><h4>Beta</h4><p>Similar to alpha versions, beta versions are also prone to contain bugs, but their API will in theory not change. That means that you could potentially adapt your software to start using a beta version, and when the corresponding stable release is published, you shouldn&#x27;t need that many changes.</p><p>Semantic Versioning defines a pattern similar to the one for alpha versions: <code>MAJOR.MINOR.PATCH-beta.NUMBER</code>, for example <code>2.0.0-beta.1</code>.</p><h4>Release candidate</h4><p>Release candidates (RC) are pre-release versions that you will want to publish for the general user-base to test an upcoming release. You want to publish a RC so that it&#x27;s battle tested by as many people as possible, in order to find possible bugs and edge cases.</p><p>They should not contain many bugs, but some could be found. The public API should not change anymore.</p><p>According to Semantic Versioning, the pattern to identify a RC is <code>MAJOR.MINOR.PATCH-rc.NUMBER</code>, for example <code>2.0.0-rc.1</code>.</p><h3>Conclusion</h3><p>We have seen some approaches and considerations to properly version your software.</p><p>Versioning is not so straightforward when you don&#x27;t have a lot of experience, but as you have seen, you just need to know a small set of rules and use a bit your intuition.</p><p>With those tools, you will be able to properly version your software.</p>

What to take into account when versioning software

<p>Two days ago I released the first major version in almost 2 years for <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink-web-client">shlink-web-client</a>, a web UI for <a target="_blank" rel="noopener noreferrer" href="https://shlink.io">shlink</a>, my self-hosted URL shortener.</p><p>This new version introduces several improvements to the project, and I thought it was worth writing a post to explain all of them in depth.</p><h3>New design</h3><p>The project has been using the same design almost since the beginning. It was clean, but it laked a bit of contrast and consistency in many sections.</p><p>Now the main background is light-gray, with components composed in white cards with a slight box shadow, that makes them easier to spot inside the app.</p><p>Also, the main area has now a max-width that prevents components from stretching too much on wide screens.</p><div class="row"><div class="col-md-6  "><img alt="Before" src="/assets/img/shlink-web-client-3/design-before.png" class="gallery-item"/><p class="text-center"><small>Before</small></p></div><div class="col-md-6  "><img alt="After" src="/assets/img/shlink-web-client-3/design-after.png" class="gallery-item"/><p class="text-center"><small>After</small></p></div></div><h3>Overview page</h3><p>Up until now, after connecting to a Shlink server, you went directly to the list of short URLs.</p><p>With this new version, you now see an overview page first, which displays some general stats, a quick short URL creation form, and the latest 5 short URLs.</p><p>From there, you can navigate to the full list of short URLs, with filtering capabilities, or go to the advanced short URL creation form.</p><div class="row"><div class="col-md-8 col-md-offset-2 "><img alt="Overview" src="/assets/img/shlink-web-client-3/overview.png" class="gallery-item"/><p class="text-center"><small>Overview</small></p></div></div><h3>Improved short URL creation form</h3><p>One of the sections with more room for improvement was the short URL creation form. It had all the inputs mixed, displaying just the &quot;long url&quot; one, with the option to un-collapsing the rest at will.</p><p>The new design groups the inputs by context, which makes it more clear. It also displays the inputs all the time, since the &quot;quick form&quot; is now located in the overview page.</p><div class="row"><div class="col-md-6  "><img alt="Before" src="/assets/img/shlink-web-client-3/creation-form-before.png" class="gallery-item"/><p class="text-center"><small>Before</small></p></div><div class="col-md-6  "><img alt="After" src="/assets/img/shlink-web-client-3/creation-form-after.png" class="gallery-item"/><p class="text-center"><small>After</small></p></div></div><h3>Enhanced visits page</h3><p>The visits page had a problem, it was trying to display too much information in a single place.</p><ul><li>Visits over time</li><li>Visits from every platform</li><li>Visits from every location</li><li>A list of visits as a table</li></ul><p>The new approach splits those in subsections with their own sub-route each (<code>/by-location</code>, <code>/by-context</code>, etc). This helps to render a smaller amount of charts at once, since they are a bit CPU greedy.</p><p>Also, only the visits from the last 30 days are loaded by default, making it load way faster for URLs with a lot of visits.</p><div class="row"><div class="col-md-6  "><img alt="Before" src="/assets/img/shlink-web-client-3/visits-before.png" class="gallery-item"/><p class="text-center"><small>Before</small></p></div><div class="col-md-6  "><img alt="After" src="/assets/img/shlink-web-client-3/visits-after.png" class="gallery-item"/><p class="text-center"><small>After</small></p></div></div><h3>Outer sections</h3><p>The app has some sections which are not related to a specific server, like creating/editing servers, or the settings page.</p><p>These sections have also been adapted to the new style, and they also have a max-width for wide screens.</p><div class="row"><div class="col-md-6  "><img alt="Before" src="/assets/img/shlink-web-client-3/create-server-before.png" class="gallery-item"/><p class="text-center"><small>Before</small></p></div><div class="col-md-6  "><img alt="After" src="/assets/img/shlink-web-client-3/create-server-after.png" class="gallery-item"/><p class="text-center"><small>After</small></p></div></div><h3>Date range selector</h3><p>A new component allows selecting date ranges either by relative time ranges (last 30 days, last 90 days...) or by selecting absolute start and end dates.</p><p>This component is used to filter both short URL lists and visits lists.</p><div class="row"><div class="col-md-6  col-md-offset-3"><img alt="Date range selector" src="/assets/img/shlink-web-client-3/date-range-selector.png" class=""/><p class="text-center"><small>Date range selector</small></p></div></div><h3>Domain selector</h3><p>Shlink has had multi-domain support for some versions, but changing the domain from the web client required to set the value manually, which is a bit error-prone.</p><p>This version introduces a new component which allows selecting from domains already used in the past (which is what you will want in most of the cases), preventing accidental typos.</p><p>It also allows setting new values in case you want to use a new domain that you never used before. This domain will then appear in the list the next time.</p><div class="row"><div class="col-md-6  "><img alt="Existing domains" src="/assets/img/shlink-web-client-3/domains-existing.png" class=""/><p class="text-center"><small>Existing domains</small></p></div><div class="col-md-6  "><img alt="New domain" src="/assets/img/shlink-web-client-3/domains-new.png" class=""/><p class="text-center"><small>New domain</small></p></div></div><h3>Other improvements</h3><p>The changes described so far were the major ones. However, v3.0.0 includes a few other minor improvements.</p><ul><li>Result and loading messages have been standardized: They are now more consistent and use the same set of components, which also ensures consistency in the future.</li><li>Error messages are now more descriptive: Instead of showing generic error messages when API calls fail, the actual error message is now always displayed, so that it&#x27;s easier to know what failed.</li><li>Dropped support for Shlink v1: All major versions come with some breaking changes that improve code maintainability. This one drops Shlink v1 support, which allows removing some conditional paths here and there.</li></ul><p>Other than the last point, Shlink v3.0.0 is mostly backwards compatible, so it&#x27;s safe to upgrade if you are already using Shlink v2.x</p><h3>Next steps</h3><p>Of course this doesn&#x27;t end here, and I have a lot of ideas to improve it even further.</p><ul><li>Dark theme: It&#x27;s what the cool kids do these days, and I have already done some experiments around it.</li><li>Shlink dashboard: Next gen web app for Shlink. You can read the whole reasoning in <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink-web-client/issues/338">this issue</a>.</li><li>Filtering in lists added to URL: Many sections allow filtering lists, but the state is saved in memory, which means it gets lost if the page is refreshed, and it cannot be bookmarked. The intention is to make all filtering params to become part of the URL.</li><li>Exporting visits in CSV: It&#x27;s cool to see charts full of info, but sometimes admins need to feed other services with the data, and consuming the original API is not always an option. Exporting visits to a CSV file will be supported soon by shlink-web-client.</li></ul>

Released shlink-web-client v3.0.0

<p>Let&#x27;s not deny that <a target="_blank" rel="noopener noreferrer" href="https://github.com/features/actions">GitHub actions</a> are hitting hard in the tech community, and many projects are transitioning from other continuous integration systems like <a target="_blank" rel="noopener noreferrer" href="https://circleci.com/">Circle CI</a> or <a target="_blank" rel="noopener noreferrer" href="https://travis-ci.org/">Travis CI</a>.</p><p>Personally I have been using Travis a lot during the past years, for all my OSS projects, and I have gotten very used to it.</p><p>However, people seem to be &quot;abandoning&quot; travis in favor of GitHub Actions, for different reasons. &quot;It&#x27;s faster&quot;, &quot;I can run smaller tasks in parallel&quot;, etc.</p><p>In my case, I have moved a few very specific tasks there, where travis was becoming a bottleneck, but I still have mixed feelings about the very-verbose yaml-based config needed to configure a few GitHub Actions, compared to the more concise travis one.</p><p>In this article I&#x27;ll explain how I improved a travis build to run several smaller tasks in parallel jobs, without having to completely move away from it.</p><h3>Initial state</h3><p>This project&#x27;s travis config is relatively simple. It is used to build a JS project for the web browser, and it has to run the next tasks:</p><ul><li>Lint the code, to make sure it fulfils the project&#x27;s coding standards.</li><li>Run unit tests.</li><li>Run mutation tests.</li><li>Build the docker image, to make sure none of the new changes broke it.</li><li>Conditionally publish a release on GitHub, with a dist file attached to it, if the build is being run for a git tag.</li></ul><pre><pre><code class="language-yaml">dist: bionic

language: node_js

branches:
  only:
    - /.*/

cache:
  directories:
    - node_modules

services:
  - docker

node_js:
  - &#x27;12.16.3&#x27;

install: npm ci

before_script:
  - echo &quot;Building commit range ${TRAVIS_COMMIT_RANGE}&quot;
  - export MUTATION_FILES=$(git diff ${TRAVIS_COMMIT_RANGE:-origin/main} --name-only | grep -E &#x27;src\/(.*).(ts|tsx)$&#x27; | paste -sd &quot;,&quot;)

script:
  - npm run lint
  - npm run test:ci
  - npm run mutate:ci
  - docker build -t project:test .

after_success:
  - node_modules/.bin/ocular coverage/clover.xml

before_deploy: npm run build ${TRAVIS_TAG#?}

deploy:
  - provider: releases
    api_key:
      secure: &lt;key&gt;
    file: &quot;./dist/project_${TRAVIS_TAG#?}_dist.zip&quot;
    skip_cleanup: true
    on:
      tags: true
</code></pre></pre><h3>Problems with this approach</h3><p>This is more or less ok, but the last two commands in <code>script</code> can be relatively slow and can delay the whole process.</p><p>Also, specially the mutation tests one, which is currently always considered successful regardless the result, can make the build reach the maximum run time allowed by travis, making the whole build falsely fail.</p><blockquote><p>The reason for the <code>before_script</code> step is to determine which source code files changed, and run mutation tests on them only, in order to mitigate this.</p></blockquote><p>Other than this, the build config defines &quot;global&quot; customizations that are actually only used for some tasks:</p><ul><li>Running <code>npm ci</code> is not required for the <code>docker build</code> task.</li><li>Getting the <code>docker</code> service is not required by any of the other tasks.</li><li>Determining changed files is only used by the <code>mutation tests</code> task.</li></ul><h3>Making use of jobs</h3><p>One cool feature travis supports is the use of a job <a target="_blank" rel="noopener noreferrer" href="https://docs.travis-ci.com/user/build-matrix/">build matrix</a>, that lets you define multiple jobs that run in parallel as part of the same build, and make each one of them do unrelated tasks.</p><p>Using this feature it is possible to improve the <code>.travis.yml</code> file, making it look like this:</p><pre><pre><code class="language-yaml">dist: bionic

language: node_js

branches:
  only:
    - /.*/

cache:
  directories:
    - node_modules

node_js:
  - &#x27;12.16.3&#x27;

jobs:
  fast_finish: true
  allow_failures:
    - name: &#x27;Mutation tests&#x27;
  include:

    - name: &#x27;Lint&#x27;
      install: npm ci
      script: npm run lint

    - name: &#x27;Unit tests&#x27;
      install: npm ci
      script: npm run test:ci
      after_success:
        - node_modules/.bin/ocular coverage/clover.xml

    - name: &#x27;Mutation tests&#x27;
      install: npm ci
      before_script:
        - echo &quot;Building commit range ${TRAVIS_COMMIT_RANGE}&quot;
        - export MUTATION_FILES=$(git diff ${TRAVIS_COMMIT_RANGE:-origin/main} --name-only | grep -E &#x27;src\/(.*).(ts|tsx)$&#x27; | paste -sd &quot;,&quot;)
      script: npm run mutate:ci

    - name: &#x27;Build docker image&#x27;
      services:
        - docker
      install: skip
      script: docker build -t project:test .

    - name: &#x27;Publish release&#x27;
      if: tag IS present
      install: skip
      script: skip
      before_deploy: npm run build ${TRAVIS_TAG#?}
      deploy:
        - provider: releases
          api_key:
            secure: &lt;key&gt;
          file: &quot;./dist/project_${TRAVIS_TAG#?}_dist.zip&quot;
          skip_cleanup: true
          on:
            tags: true
</code></pre></pre><p>This approach introduces all these benefits:</p><ul><li>Now linting, testing, mutation testing and building the docker image run in parallel, making the build finish earlier.</li><li>The mutation testing step is allowed to fail, and thanks to the <code>fast_finish</code> flag, travis won&#x27;t even wait for it to finish, considering the build successful once the rest have passed.</li><li>Configs that are only meaningful for certain jobs are defined in the job itself, instead of globally.</li><li>The &quot;publish release&quot; job only runs conditionally if the build is for a tag, thanks to the <code>if: tag IS present</code> condition. (More info about <a target="_blank" rel="noopener noreferrer" href="https://docs.travis-ci.com/user/conditional-builds-stages-jobs/">conditional jobs</a> in travis).</li><li>As soon as any of the jobs fails, the whole build fails and you don&#x27;t have to continue waiting. Before this, if the third task failed, you still had to wait for the previous two to finish.</li><li>Each job can have a name, making it more clear in travis UI what tasks are being run:</li></ul><p><img src="/assets/img/travis-multiple-jobs/travis-jobs.png" alt="Travis CI jobs"/></p><h3>Conclusion</h3><p>The main purpose of this article was to showcase that travis still has a lot to give. Github Actions are definitely cool, but there&#x27;s usually no silver bullet for everything, and a combination with other tools might be more suitable.</p><p>Also, this allows people using travis to improve their builds without having to change everything. Then, once you have split your tasks, if you still want to move to Github Actions, it should be easier.</p><blockquote><p>If you are curious, this is the project in which I use this travis configuration: <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink-web-client">shlinkio/shlink-web-client</a>.</p></blockquote>

Running several steps of a Travis CI build in parallel

<p>Asynchronous and non-blocking runtimes are pretty usual in many programming languages, as well as long-lived web apps that stay in memory and are capable of dispatching multiple HTTP requests without having to be fully bootstrapped every time. This has not been traditionally the case with PHP apps. </p><p>However, many projects are starting to get some adoption, that bring this long-lived approach to the PHP world.</p><p>The problem with this is that PHP developers are not used to this, and they tend to continue acting as they have always done. Also, libraries might have made some assumptions, making them not work as expected when used under this context.</p><p>Some of these projects are <a target="_blank" rel="noopener noreferrer" href="https://www.swoole.co.uk">swoole</a>, <a target="_blank" rel="noopener noreferrer" href="https://reactphp.org/">ReactPHP</a> or <a target="_blank" rel="noopener noreferrer" href="https://amphp.org/">Amphp</a>, to give some examples.</p><p>In this article, I will be focusing on the first one, and explain how to approach some of the pain points I have found after using it for a year and a half on an <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink">existing PHP project</a>.</p><h3>Introducing Swoole</h3><p>The main difference swoole has compared to other similar projects is that it&#x27;s written as a native PHP extension, and needs to be installed with <code>pecl</code>.</p><p>This is obviously a bit cumbersome, but the benefit is that, since it&#x27;s written in C++, it has a better handling of memory allocation, which is very important to achieve what it tries to do.</p><p>What swoole does is running a main process which bootstraps the PHP application once, and then keeps it in memory so that it can continue dispatching requests without having to load resources every time. This makes it really fast.</p><p>Those HTTP requests are handled by a set of child processes called &quot;web workers&quot;. Swoole forks the contents in memory for the main process to each one of the workers, so each worker has a &quot;copy&quot; of the application in memory.</p><p>Each worker is independent, but each one of them can only handle one request at a time, so you have to increase the number of workers if you expect a lot of concurrent traffic.</p><p>Other than web workers, swoole also has another set of child processes called &quot;task workers&quot;, which can be used to delegate long tasks at runtime to prevent web workers from getting blocked.</p><p>Here you can see a diagram of swoole&#x27;s architecture.</p><p><img src="https://www.swoole.co.uk/images/how-swoole-works.png" alt="How Swoole works"/></p><blockquote><p>More information can be found in <a target="_blank" rel="noopener noreferrer" href="https://www.swoole.co.uk/how-it-works">Swoole&#x27;s website</a>.</p></blockquote><h3>Problems to solve</h3><p>Now that we know how swoole works, let&#x27;s see some of the challanges I have faced in th past, which are usually not that ovbious when you are used to think in terms of &quot;blocking&quot; and &quot;short-lived&quot;.</p><h4>Database connections are kept open</h4><p>One of the first things you find out is that, since the application stays in memory, any database connection that has been opened by a worker (either web or task worker), will be kept open and reused in subsequent executions or HTTP requests served by the app.</p><p>This, which is in theory good, has a side effect, which is not obvious during development: <strong>the opened connection will eventually expire</strong>.</p><p>Since most of the popular database abstraction layers in PHP are coming from the times in which PHP was just a bootstrap-on-every-request technology, they never cared too much about expired database connections, as they would be opened again on next request.</p><p>However, when using swoole and the like, you have to implement some mechanism which takes care of reconnecting or gracefully recovering when this happens.</p><blockquote><p>I wrote an article explaining how I solved this on a middleware-based app served with swoole and using doctrine: <a href="/2019/11/04/how-to-properly-handle-a-doctrine-entity-manager-on-an-expressive-application-served-with-swoole/">How to properly handle a doctrine entity manager on an expressive application served with swoole</a></p></blockquote><p>Obviously, swoole (and also others) provides some tools to work with databases (like this <a target="_blank" rel="noopener noreferrer" href="https://www.swoole.co.uk/docs/modules/swoole-async-mysql-client">MySQL client</a>), which I&#x27;m sure do not have this problem (although, I haven&#x27;t personally tried this), but they are more limited than other well adopted libraries.</p><h4>In-memory caches don&#x27;t behave as expected</h4><p>It is a frequent practice to use local in-memory caches, like APCu, to improve applications performance in production.</p><p>Usually APCu is faster than other options, like redis or memcached, so it&#x27;s the choice when you only have one instance of your app running (meaning, you don&#x27;t have a cluster behind a load balancer).</p><p>However, even if you are running your app on just one server with swoole, because of the web worker system explained earlier, you actually have several copies of your app in memory, and each one of them will have a separated and not shared cache when using APCu.</p><p>This can lead to inconsistencies which are hard to debug, so you need to have it in mind.</p><p>Also, since the information that is being loaded is kept in memory anyway, you will not notice such a big improvement by using APCu or other in-memory caches.</p><blockquote><p>Notice that this problem does not happen when using distributed/centralized caching solutions, such as redis or memcached, as in that case, the caching technology is shared by all workers.</p></blockquote><h4>No need to optimize file including/requiring</h4><p>Many projects have complex configuration systems which are spread into several files. While this make it more maintainable, it also has a performance impact when all those files need to be loaded on every request.</p><p>Because of that, there are libraries like <a target="_blank" rel="noopener noreferrer" href="https://github.com/laminas/laminas-config-aggregator">laminas-config-aggregator</a> that can dynamically load config from many sources and, if some conditions are met, they can merge the result in a single bigger file that can be used in later requests.</p><p>In the case of swoole, as all the files will be kept in memory once loaded for the first time, there&#x27;s no need for this kind of optimization.</p><h4>Class autoloading happens once</h4><p>This point is very related with the previous one.</p><p>Composer offers a lot of optimization options so that class autoloading is faster in production. While you usually will still want to use some of those so that the first time a class is being loaded it is still reasonably fast, any subsequent hits will just use the class which is already in memory.</p><p>One of the composer flags you will probably don&#x27;t want use with swoole is <code>--apcu-autoloader</code>, because of the reasons mentioned two points above this one.</p><h4>Services should be truly stateless</h4><p>This is something that you should always do anyway, but it&#x27;s specially important when a service instance is kept in memory between HTTP requests.</p><p>Sometimes it&#x27;s easy to end up having some small piece of internal state on a service, where we save something as a side effect of a method call, to end up using it when another one of the public methods is invoked.</p><p>While this could seem harmless when the whole app is bootstrapped on every request, it can have very dangerous side effects when the app is served with swoole, because the instance will persist until another request is dispatched by the same web worker.</p><p>Just imagine you saved some user data on a service, and it ends up being served to another user on the next request. That won&#x27;t look good.</p><p>Because of this, make sure your services are truly stateless, and if for any reason that&#x27;s not possible, at least remember to have some mechanism in place that flushes the data just before finishing the request.</p><h4>Hot reloading for dev envs is not that good</h4><p>One thing we usually take for granted is that we can modify a PHP file and just by making a new request, the new code will be executed. However, when the code is kept in memory, it&#x27;s not that straightforward.</p><p>When you are developing a project which is served with swoole, you will have to restart the server every time to get your changes applied.</p><p>Swoole has a mechanism to do a light server reload, which is faster. You can find the docs in <a target="_blank" rel="noopener noreferrer" href="https://www.swoole.co.uk/docs/modules/swoole-server-reload">it&#x27;s website</a>.</p><p>The problem with this is that you need to implement the mechanism to invoke that when a file is changed, or use some library that does it for you.</p><p>Also, I have noticed that even calling that and seeing that the server is reloaded, does not always have the expected effect, and you have to still end up doing a hard reload. It&#x27;s something I don&#x27;t fully understand and I still need to investigate a bit further.</p><h3>Conclusion</h3><p>As it always happens when new technologies appear, it takes some time to get used to them, but I strongly suggest you to give a try to swoole or any other non-blocking runtime, because it makes your apps super fast.</p><p>Just remember to have all of the above in mind ;-)</p><p>That said, here you can find some libraries that will make your life easier when trying to serve existing projects with swoole, without having to couple with it and being able to continue using your favourite framework:</p><ul><li>IDE helper: <a target="_blank" rel="noopener noreferrer" href="https://github.com/swoft-cloud/swoole-ide-helper">https://github.com/swoft-cloud/swoole-ide-helper</a></li><li>Mezzio (formerly Zend Expressive): <a target="_blank" rel="noopener noreferrer" href="https://github.com/mezzio/mezzio-swoole">https://github.com/mezzio/mezzio-swoole</a></li><li>Symfony: <a target="_blank" rel="noopener noreferrer" href="https://github.com/k911/swoole-bundle">https://github.com/k911/swoole-bundle</a></li><li>Laravel: <a target="_blank" rel="noopener noreferrer" href="https://github.com/swooletw/laravel-swoole">https://github.com/swooletw/laravel-swoole</a></li></ul><p>Also, here you can find some more articles talking about this topic:</p><ul><li><a target="_blank" rel="noopener noreferrer" href="https://www.zend.com/blog/why-you-should-use-asynchronous-php">https://www.zend.com/blog/why-you-should-use-asynchronous-php</a></li><li><a target="_blank" rel="noopener noreferrer" href="https://samsonasik.wordpress.com/2020/04/05/using-swoole-in-mezzio-application-with-sdebug/">https://samsonasik.wordpress.com/2020/04/05/using-swoole-in-mezzio-application-with-sdebug/</a></li></ul>

Considerations when working with async PHP runtimes like swoole

<p>I&#x27;ve been wanting to write this article for a while, but it is a subject complex to approach.</p><p>Lately I&#x27;ve had some &quot;conflicts&quot; with users in some of the open source software (OSS) projects I maintain, and I have also seen some of the people I follow on Twitter dealing with the same.</p><p>Because of that I wanted to share my point of view on what should be the attitude and considerations when using OSS.</p><h3>Company vs personal</h3><p>The first thing you have to take into account when using OSS, is that there are two kinds of projects which usually have different goals.</p><h4>Company projects</h4><p>It is very common that companies which activity is related with software or make a deep use of technology, publish their own OSS projects.</p><p>These projects are usually born from some need the company has had which is not strictly part of their domain.</p><p>Thanks to publishing these projects they can find new talent (among contributors), or position themselves in the industry.</p><p>It&#x27;s also quite common that companies provide paid services which are related with these OSS projects, like specific hostings or deployment services, or just consultancy on using them.</p><h4>Personal projects</h4><p>There&#x27;s also projects which are usually maintained by one person, or a very small team, during their own free time.</p><p>These projects are created by people who do it mainly because they love to program and want to share something they have done.</p><p>The goal here is to get some visibility, show some skills, learn something new and contribute to the open source community.</p><p>While the main purpose is not usually getting money, they frequently accept donations and sponsorships.</p><hr/><p>Now we know the two main groups of OSS projects. Sometimes we think they are the same, but company projects are usually maintained by people which is paid by a company, and do it during their working hours.</p><p>On the other hand, personal projects cannot get that much attention and resources, so they cannot progress as fast as the company ones.</p><h3>Considerations</h3><p>That said, when we want to use an open source project or contribute to it, there are a few things to take into account.</p><h4>Always be polite</h4><p>While using a project, you will probably end up finding something is not working as you expected, or you&#x27;ll develop a new need for which the project does not provide a solution.</p><p>When reporting bugs or asking for new features, always try to <strong>be polite</strong>. Provide as many details as possible, be descriptive and help maintainers reproduce the issue.</p><p>If you are asked to do some tests and get back with the result, try to find the time to do it. You may think that&#x27;s not your work, but the issue will get solved much earlier and you will avoid frustrations.</p><p>There&#x27;s a formula I like to use when reporting issues, which consists in filling this template:</p><ul><li>I did <em>[action]</em>.</li><li>I expected <em>[behavior]</em> to happen.</li><li>Instead <em>[other_behavior]</em> happened.</li></ul><p>This will simplify maintainers see the user&#x27;s intention, and detect confusions which are not actually bugs. Helping the user use the tool will be easier this way.</p><h4>Don&#x27;t take anything for granted</h4><p>Just because you open a ticket, does not mean the team is going to work on it right away. There are several reasons that could delay it.</p><ul><li>The project has other priorities.</li><li>It&#x27;s hard to reproduce.</li><li>There&#x27;s no one available to work on it.</li><li>Maintainers just want to spend their time in something else (specially in the case of personal projects).</li></ul><p>The people working in the project is usually dealing with a much wider scope than you might think, so you have to be patient and understand this.</p><p>It could also happen that they don&#x27;t really want to maintain what you proposed, even though it&#x27;s a supper critical feature for you, but a project will never be able to cover the 100% of use cases.</p><h4>Consider contributing</h4><p>One of the main principles of the open source philosophy is collaboration.</p><p>If you have been using an OSS project, the best way to show some appreciation and collaborate with its continuity is by contributing to it.</p><p>There are several ways to contribute.</p><ul><li>You could improve the documentation,</li><li>You could provide some PR fixing some bug or improving the code.</li><li>You could provide some PR with some new feature.</li><li>You could make some economic donation or sponsorship.</li></ul><p>The last one is very rare, specially among individual users, but if your company is taking advantage of an OSS project, you should consider it.</p><p>For the other three cases, if there&#x27;s something you think you can help with, there&#x27;s something to take into account in relation with previous point. You should <strong>always ask first</strong>.</p><p>Maybe someone is already working on something similar, or the team has some ideas in mind that could be shared before starting any implementation, or, as I said before, maybe they just don&#x27;t want to maintain it.</p><p>If you ask first you will save yourself some time and frustrations.</p><h4>Follow the project rules</h4><p>All projects have rules, and I&#x27;m talking about any kind of rule. How to write issues, the code of conduct, the coding standards, the amount of people that need to approve a PR before merging it...</p><p>You have to always follow these rules. Don&#x27;t try to enforce something just because you consider it better.</p><p>If the project requires the use of spaces for indentation but you used tabs because you like them better, don&#x27;t get mad if maintainers don&#x27;t want to merge your PR.</p><h4>Don&#x27;t take it personally</h4><p>And finally, because of the reasons exposed in previous points, there will be decisions you don&#x27;t like.</p><p>Don&#x27;t take it personally, because it&#x27;s not in most of the cases.</p><p>Your issue could be closed because you didn&#x27;t follow the issue template, or because they asked you to check something and you didn&#x27;t give any feedback after some days.</p><p>Understand this can happen, and you can always be polite and open a discussion, but never get mad and accuse the team to be unfair or treat you in the wrong way.</p><h3>Conclusion</h3><p>This article describes a set of rules that should help people using OSS projects and people maintaining them to understand each other, but focusing on the former.</p><p>I will try to write something similar but focusing on how maintainers should behave. We obviously forget some times that there&#x27;s people trusting on us when using the software we write.</p>

Considerations to properly use open source software projects

<p>Some of you know that I work now as a full stack javascript developer, and I have interacted with a few different projects, both in front-end javascript and in nodejs.</p><p>My main concern about javascript has been that, apparently, the community has not adopted one of the practices that, for me, has been the most game changing of all: <strong>Dependency Injection</strong>.</p><blockquote><p>Take into account that this is my relative point of view, from a community which is still quite new to me, so if you find that something I say makes no sense at all, you are more than welcome to <a href="/#comments-box">leave a comment</a>.</p></blockquote><h3>Current state of DI in JS</h3><p>At the moment of writing this article, I have made some research, and my feeling is that only very strict object-oriented projects based on <code>Typescript</code> introduce the concept of Dependency Injection.</p><p>Frameworks like <a target="_blank" rel="noopener noreferrer" href="https://angular.io/"><code>Angular</code></a> and <a target="_blank" rel="noopener noreferrer" href="https://nestjs.com/"><code>NestJS</code></a> include dependency injection containers which allow us solving the dependency injection problem in a more than decent way.</p><p>However, these solutions force us to write a code which feels too coupled with the framework.</p><p>I have also found what seems to be a pretty popular framework-agnostic dependency injection container, <a target="_blank" rel="noopener noreferrer" href="http://inversify.io/"><code>InversifyJS</code></a>, which again, seems to be more <code>Typescript</code> oriented (despite the fact that it says it&#x27;s for plain javascript as well).</p><p>From my point of view, the main problem with this one is that its too complex to get it up and running, which makes people get tired of even trying dependency injection.</p><p>Other than this, I have not seen much adoption in plain javascript projects (maybe more functional than object-oriented), where developers just import or require the dependencies to be used from other modules and use them, which couples the code and makes it really hard to test (at least unit test).</p><h3>Good dependency injection</h3><p>I want to start by trying to define how I feel dependency injection should be done, so that it&#x27;s flexible and useful, and not scary to use:</p><ul><li><p>We should be able to write code in javascript modules in a way we don&#x27;t care where our dependencies come from, or how are they going to be created.</p><p>  I have seen some attempts in which dependencies are imported or required in the code, but then the module exports some way to override the dependency at runtime (with the intention to do it in tests).</p><p>  This is a sort of working approach, but it feels a little bit hacky. It&#x27;s also always importing external code which could have other side effects.</p></li><li><p>We should never be forced to couple our own code with the dependency injection framework. At some point we could want to change the implementation, and that shouldn&#x27;t make us change our code.</p></li><li><p>The dependency injection container (which is the object which encapsulates how dependencies are created and injected into objects, <strong>DIC</strong> from now on), should never leak into our code.</p><p>  It belongs to bootstrapping scripts only. It is also acceptable to get it in code which only purpose is creating objects in the context of dependency injection itself.</p><p>  By importing or requiring the DIC inside modules, we are hiding the module&#x27;s dependencies, and ending up with the ugly service locator anti pattern.</p></li><li><p>Configuring the DIC should always be an easy task. We should be able to just provide simple configuration or simple factories for corner cases in which a basic config is not enough.</p><p>  When the DIC is hard to configure or too feature-bloated, people end up with the feeling that dependency injection is not worth it.</p></li><li><p>The DIC should be able to recursively resolve dependencies. We shouldn&#x27;t need to know what are the dependencies of our dependencies. When creating an object, it should be enough to just pull its direct dependencies from the container, and it should know how to recursively resolve the rest.</p></li></ul><p>With all this in mind, I have created a proof of concept <a target="_blank" rel="noopener noreferrer" href="https://expressjs.com/"><code>express.js</code></a>-based project which makes use of a very simple custom DIC to solve dependency injection.</p><p>You can find the project <a target="_blank" rel="noopener noreferrer" href="https://github.com/acelaya-blog/dependency-injection-container-js">here</a>.</p><h3>Explaining the proof of concept</h3><p>The project is pretty simple. You can just clone it and then run <code>npm install &amp;&amp; node server.js</code>. It will serve the app in <a target="_blank" rel="noopener noreferrer" href="http://localhost:3000">localhost:3000</a>.</p><p>The default path just displays a &quot;Hello World&quot; message, and it has a second <a target="_blank" rel="noopener noreferrer" href="http://localhost:3000/users">/users</a> path which returns a JSON response where some data is dynamically generated. You can refresh the page in order to see it.</p><p>The main characteristic of this project is that, if you open any of the files in <code>controllers</code> or <code>services</code>, you&#x27;ll see they don&#x27;t import or require anything.</p><p>Instead they just expose a builder function (or factory function, or construction function, or whatever you want to name it), which in turn returns the actual object which is going to be used at runtime (remember that, in javascript, functions are first-class objects).</p><p>Let&#x27;s take the <code>listUsersController</code> as an example:</p><pre><pre><code class="language-js">const listUsersController = getUsers =&gt; (req, res, next) =&gt; {
    const users = getUsers();
    res.send(JSON.stringify(users));
};

module.exports = listUsersController;
</code></pre></pre><p>What this module exports is a function where a dependency has to be injected. However, when implementing the controller, we don&#x27;t care where it is going to come from. We just expose the fact that the controller needs that <code>getUsers</code> dependency in order to properly work.</p><p>When that function is called with the dependency, it will return the actual controller (a simple express middleware).</p><p>The only place where actual modules are imported is the <code>config/services.js</code> file, which is a simple map where we basically define which are the dependencies for every object.</p><pre><pre><code class="language-js">const homeControllerFactory = require(&#x27;../controllers/homeController&#x27;);
const listUsersControllerFactory = require(&#x27;../controllers/listUsersController&#x27;);

const utils = require(&#x27;../services/utils&#x27;);
const getUsersFactory = require(&#x27;../services/getUsers&#x27;);

const services = {
    mainController: container =&gt; homeControllerFactory(),
    listUsersController: container =&gt; {
        const getUsers = container.get(&#x27;getUsers&#x27;);
        return listUsersControllerFactory(getUsers);
    },

    utilsService: container =&gt; utils,
    getUsers: container =&gt; {
        const utils = container.get(&#x27;utilsService&#x27;);
        return getUsersFactory(utils);
    }
};

module.exports = services;
</code></pre></pre><p>This file only defines how the builder/creator/factory functions for every object have to be invoked, by first pulling their direct dependencies from the container, if any.</p><p>This file is then imported in the <code>server.js</code> file, which is our entry point. Together with the <code>container/container.js</code> file, they make a super basic dependency injection container.</p><p>Since this DIC is capable of recursively resolving dependencies, our <code>server.js</code> file is the only place where we manually pull objects from the container (the controllers in this case).</p><pre><pre><code class="language-js">const express = require(&#x27;express&#x27;);
const services = require(&#x27;./config/services&#x27;);
const container = require(&#x27;./container/cotainer&#x27;)(services);

const app = express();
const port = 3000;

// We pull the controllers from the container here
app.get(&#x27;/&#x27;, container.get(&#x27;mainController&#x27;));
app.get(&#x27;/users&#x27;, container.get(&#x27;listUsersController&#x27;));

app.listen(port, () =&gt; console.log(`Example app listening on port ${port}!`));
</code></pre></pre><h3>Evolving the proof of concept</h3><p>We have defined a pretty simple approach where we have been able to fulfil all the requirements for a good dependency injection.</p><p>The code is easy to maintain, completely decoupled from the container and from other modules, and registering objects just takes two or three lines of code.</p><p>The main problem is that we are now forced to maintain a too basic DIC which also lacks some basic features, like lazy loading or avoiding the same service to be created more than once.</p><p>In order to solve that, we are going to introduce a project dependency on the <a target="_blank" rel="noopener noreferrer" href="https://github.com/young-steveo/bottlejs"><code>BottleJS</code></a> package, which is a dependency injection <em>micro</em> container.</p><p>Thanks to that package, we can evolve and merge our <code>config/services.js</code> and <code>container/container.js</code> files into a single one which looks like this:</p><pre><pre><code class="language-js">const Bottle = require(&#x27;bottlejs&#x27;);
 
const homeControllerFactory = require(&#x27;../controllers/homeController&#x27;);
const listUsersControllerFactory = require(&#x27;../controllers/listUsersController&#x27;);

const utils = require(&#x27;../services/utils&#x27;);
const getUsersFactory = require(&#x27;../services/getUsers&#x27;);

const bottle = new Bottle();

bottle.constant(&#x27;utilsService&#x27;, utils);
bottle.serviceFactory(&#x27;getUsers&#x27;, getUsersFactory, &#x27;utilsService&#x27;);

bottle.serviceFactory(&#x27;mainController&#x27;, homeControllerFactory);
bottle.serviceFactory(&#x27;listUsersController&#x27;, listUsersControllerFactory, &#x27;getUsers&#x27;);

module.exports = bottle.container;
</code></pre></pre><p>It&#x27;s basically the same, but this time, we just need to pass the list of dependencies for every object by its name to a <code>Bottle</code> instance, and then export the bottle container.</p><p>This container has also a few interesting extra features which might be handy in larger projects.</p><blockquote><p>The amount of stars in this package makes me think that maybe my previous conclusion was wrong, and dependency injection is more extended in javascript projects than I thought.</p></blockquote><p>You can find the whole proof of concept project using <code>BottleJS</code> in the same repository, under the <code>with-bottle</code> branch, <a target="_blank" rel="noopener noreferrer" href="https://github.com/acelaya-blog/dependency-injection-container-js/tree/with-bottle">here</a>.</p><h3>Conclusion</h3><p>My conclusion is that dependency injection in plain javascript and even non object-oriented projects is, not only possible, but desirable.</p><p>Having a really decoupled codebase, where true <a target="_blank" rel="noopener noreferrer" href="https://en.wikipedia.org/wiki/Dependency_inversion_principle">dependency inversion</a> is achieved thanks to dependency injection, will make our projects much easier to maintain in the long term, and easier to unit test.</p><blockquote><p>I have not covered other scenarios in this article, like front-end application with <a target="_blank" rel="noopener noreferrer" href="https://reactjs.org/">ReactJS</a> or <a target="_blank" rel="noopener noreferrer" href="https://vuejs.org/">VueJS</a>. I will try to do it in the future, when I have become wiser :P</p></blockquote><blockquote><p><strong>Update 2018-12-16:</strong> I have found an article where <a target="_blank" rel="noopener noreferrer" href="https://medium.com/@magnusjt">Magnus Tovslid</a> proposes a very similar approach but for ReactJS and Redux front-end applications. Take a look at it, it&#x27;s very interesting. <a target="_blank" rel="noopener noreferrer" href="https://medium.com/@magnusjt/inversion-of-control-and-di-in-reactjs-and-redux-35161fcef847">Inversion of Control and DI in Reactjs and Redux</a></p></blockquote>

Dependency injection in nodejs projects

<p>A couple years ago I wrote a <a href="/2016/06/12/using-service-manager-3-lazy-services-to-improve-your-php-application-performance/">post</a> about how to improve PHP applications performance by using <code>zend-servicemanager</code> lazy services.</p><p>In that article I explained how the <code>ServiceManager</code> takes advantage of the proxy design pattern to delay the creation of services, when they are marked as <strong>lazy</strong>.</p><p>That can improve performance if the object is resource consuming, but that is not the only advantage behind proxies.</p><h3>A use case</h3><p>Some days ago I was working on a new feature for <a target="_blank" rel="noopener noreferrer" href="https://shlink.io">Shlink</a>, an open source project I maintain.</p><p>The feature consisted on adding support to geolocate IP addresses by using <a target="_blank" rel="noopener noreferrer" href="https://dev.maxmind.com/geoip/geoip2/geolite2/">GeoLite2</a>, an IP address database which is updated every month.</p><p>They have an official <a target="_blank" rel="noopener noreferrer" href="https://github.com/maxmind/GeoIP2-php">PHP library</a>, which exposes a <code>GeoIp2\Database\Reader</code> service where you need to inject the path to the GeoLite2 library file.</p><p>Since <strong>Shlink</strong> uses the <code>zend-servicemanager</code> to manage dependency injection, I created a factory like this (these examples are pseudocode):</p><pre><pre><code class="language-php">&lt;?php
declare(strict_types=1);

namespace Shlinkio\Shlink\Factory;

use GeoIp2\Database\Reader;
use Interop\Container\ContainerInterface;
use Zend\ServiceManager\Factory\FactoryInterface;

class GeoLiteReaderFactory implements FactoryInterface
{
    public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
    {
        $geoLiteDbLocation = $container-&gt;get(&#x27;config&#x27;)[&#x27;geolite2&#x27;][&#x27;db_location&#x27;] ?? &#x27;&#x27;;
        return new Reader($geoLiteDbLocation);
    }
}
</code></pre></pre><p>And then registered it like this:</p><pre><pre><code class="language-php">&lt;?php
declare(strict_types=1);

namespace Shlinkio\Shlink\Common;

use GeoIp2\Database\Reader;
use Shlinkio\Shlink\Factory\GeoLiteReaderFactory;

return [

    &#x27;dependencies&#x27; =&gt; [
        &#x27;factories&#x27; =&gt; [
            Reader::class =&gt; GeoLiteReaderFactory::class,
        ],
    ],

];
</code></pre></pre><p>Then I registered other services which were depending on this one, and everything seemed to be ok.</p><h3>The issue</h3><p>My intention was to download the GeoLite2 database during <strong>Shlink</strong>&#x27;s installation.</p><p>The problem is that the <code>GeoIp2\Database\Reader</code> service throws an exception if the file you specified does not exist, and the first time <strong>Shlink</strong> is executed, it does not exist.</p><p>The way I designed my service graph was making the <code>GeoIp2\Database\Reader</code> object to be instantiated, and throw an error before being able to download the file.</p><p>I started to think on ways to workaround this issue, but none of them seemed clean enough.</p><p>Then I thought &quot;maybe I can wrap the object somehow, so that it is not created until it is going to be actually used&quot;, and then I realized that was exactly what a Proxy does, and also, that the <code>ServiceManager</code> includes its own implementation to do this.</p><h3>The solution</h3><p>The solution was pretty straightforward. I just had to mark the service as lazy, changing the configuration to this:</p><pre><pre><code class="language-php">&lt;?php
declare(strict_types=1);

namespace Shlinkio\Shlink\Common;

use GeoIp2\Database\Reader;
use Shlinkio\Shlink\Factory\GeoLiteReaderFactory;
use Zend\ServiceManager\Proxy\LazyServiceFactory;

return [

    &#x27;dependencies&#x27; =&gt; [
        &#x27;factories&#x27; =&gt; [
            Reader::class =&gt; GeoLiteReaderFactory::class,
        ],
    ],
    
    &#x27;delegators&#x27; =&gt; [
        Reader::class =&gt; [
            LazyServiceFactory::class,
        ],
    ],
    
    &#x27;lazy_services&#x27; =&gt; [
        &#x27;class_map&#x27; =&gt; [
            Reader::class =&gt; Reader::class,
        ],
        &#x27;proxies_target_dir&#x27; =&gt; &#x27;data/proxies&#x27;,
        &#x27;proxies_namespace&#x27; =&gt; &#x27;ShlinkProxy&#x27;,
        &#x27;write_proxy_files&#x27; =&gt; true,
    ],

];
</code></pre></pre><p>And that&#x27;s it. No further code changes were needed, only configuration.</p><p>With this change, the constructor of the <code>GeoIp2\Database\Reader</code> is no longer run until the object is going to be actually used, which allows <strong>Shlink</strong> to be installed, and the database file to be downloaded.</p><blockquote><p>If you want to more deeply understand what the new config actually means, it is explained in detail in my <a href="/2016/06/12/using-service-manager-3-lazy-services-to-improve-your-php-application-performance/">previous article</a> about lazy services.</p></blockquote><h3>Conclusion</h3><p>With this article I just wanted to share how to solve a specific issue introduced by third party code, where you don&#x27;t have the &quot;power&quot; to change the implementation.</p><p>I also wanted to expose a real use case, which will probably remind you to some real situation in which you have faced a similar problem in the past.</p>