https://monorepo.tools
#everything #monorepo #monorepos #tool

Anyone doing #github #actions - does anyone know a way to do dynamic environment variables, at the job level - based on a folder in a #monorepo?

I need to build container images and frontend apps, and pass to them different API paths and keys. At the moment every time an app is added, the secrets and vars need to get added to be passed down into the actions.

Cool. You can use `go work` and it no longer needs to reach out to external projects that are defined in `use` statements.

Still not sure if this is better or worse than a central `go.mod` if I am not doing versioning.

#golang #monorepo

It's 35k lines long!!! We *just* started moving old packages into the monorepo a few months ago, it's going to get MUCH BIGGER.

#monorepo is an #AntiPattern

#webDev #programming #pnpm

Somehow, every #packageManager that tries to replace #NPM is worse than the last.

I can't even open #PNPM's package_lock.json in my company's #monorepo because #VSCode runs out of memory trying to display a changeset.

I don't even WANT a fucking package_lock!!!

#NodeJS #JavaScript #yarn

I’ve just released attempt 2 at a workaround for monorepos with :github: Advanced Security Code Scanning results, to let you filter by project 🚀

My last try didn’t work out, but I’ve taken a new tack ⛵️ and come back with a new ✨ way…

https://github.com/advanced-security/monorepo-filtering-workaround

The sample Actions workflow I’ve shown works for CodeQL, but you can apply the same idea to any Code Scanning integration.

#GitHub #SAST #GitHubAdvancedSecurity #MonoRepo #DevSecOps #SecureCoding

If you have an #OpenSource project has #monorepo setup is it possible to fork only one part of the project? I have something that I would be interest in forking the backend but I would need a different front end (can't reuse the projects copyrights). 🤔

#git

People who are working with #npm #monorepo's, if I have a package (eslint config) in the monorepo that is used as `devDependency` in other package from the same repo, and that other package is going to be published. Does this `devDependency` has to be published too? Or can it stay private? I really don't see sense publishing it, but also couldn't find information whether npm cares about devDeps...

Also tagging #nx #lerna #turborepo #pnpm #javascript, in case you guys maybe know the answer.

3 - Repetição de código, você vai ter o mesmo arquivo, com o mesmo conteúdo em um ou mais projetos, se você tiver um #monorepo ainda, pior.

I've opensourced Actions/scripts to enhance #GitHub Code Scanning

🔖 tag-sarif: for filtering results in a #monorepo
🧭 remap-sarif: for scanning code that transpiles to #JavaScript

tag-sarif attaches custom tags to results to allow filtering in the Code Scanning UI

remap-sarif lets you scan languages/frameworks, such as Dart/Next.is, using Source Maps

Source:
https://lnkd.in/dZerNsGs
https://lnkd.in/dvmruWDJ

Actions:
https://lnkd.in/dTzVg-X3
https://lnkd.in/d9dSZ2ER

#SAST #DevSecOps #AppSec

Putting together my first blog post in almost a year about #Gradle #monorepo structure for #Kotlin projects. I'm going to call it "The Holy Gradle". 🏆

We found a way to combine turborepo's great builds with overmind's great process management.

https://gist.github.com/canadaduane/8b3da949fc106dfd9416f2ae21e9fd08

#nodejs #webdev #monorepo

Maintaining a #monorepo already has enough challenges. Keeping its #CODEOWNERS up to date can be difficult. I started on a new #GitHubCLI extension: `gh ext install heaths/gh-codeowners`

It does only simple linting for now but will have a fix mode for supported error types.

See https://github.com/heaths/gh-codeowners/releases/tag/v0.1.0 for more information. #GitHub

RT @malko25
Just published first public release of monospace, if you are stuck choosing between mono vs poly repo, give monospace a try! https://github.com/software-t-rex/monospace #monorepo #polyrepo #developers

Quite happy that I started splitting a larger #React app a while ago into a #monorepo with each workspace containing everything related to a feature.

Plus a core package with shared code, a package that wires everything together and two packages for the two build targets.

Can focus on a few folders when doing my work and it’s easier to show contributors where to work and they can mostly ignore the rest.

It’s also obvious in PRs when code leaks out of its workspace.

Are #monorepo only laziness of Javascript developers to do proper libraries?
What do you think of #monorepo ?

Трошки контексту: в мене #vscode ламається на спробі створи два проекти з двома go.mod файлами в одному вокрспейсі. Імпорти перестають працювати взагалі. Це я пробую налаштувати #monorepo. Але і з типовими проектами достатньо приколів в #vscode

@zen в мене #vscode ламається на спробі створи два проекти з двома go.mod файлами в одному вокрспейсі. Імпорти перестають працювати взагалі. :( Це я пробую налаштувати #monorepo. Але і з типовими проектами достатньо приколів...

To #monorepo or not to #monorepo, that is the dread of developers.

Sharing what I've been working on this past few months at @buffer @bufferdevs

#monorepo #rushstack #docker #kubernetes @tilt_dev