Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFC: Remove PM2 dependency from Mockoon CLI #1081

Closed
martin-bucinskas opened this issue Jul 14, 2023 · 1 comment
Closed

RFC: Remove PM2 dependency from Mockoon CLI #1081

martin-bucinskas opened this issue Jul 14, 2023 · 1 comment
Assignees
@255kb
Labels
feature New feature request

Comments

@martin-bucinskas
Copy link
Contributor

martin-bucinskas commented Jul 14, 2023
edited

Proposing to remove PM2 dependency from Mockoon CLI.

Why

Considering that most people that do use mockoon cli use the docker functionality and wrap it as a container image,
there seems to be no need to allow virtual horizontal scaling that PM2 offers to run multiple mockoon processes within the "same" NodeJS process, as orchestrators such as kubernetes (other tools also available) already handle the vertical and horizontal scaling of pods or containers. There is little benefit of having a huge dependency on something that would run perfectly without the daemon process management that PM2 offers.

Context

In the last couple of days, there have been some CVEs raised regarding VM2 affecting all versions reaching the score of 9.8.

Unfortunately a dependency that Mockoon CLI uses, also uses the vulnerable VM2 dependency, making any sort of automated vulnerability checking as part of pipelines flag up as a vulnerable component. There is no easy way to mitigate this as of now, since the maintainer of VM2 has dropped support of the project.

There is an alternative available package called isolated-vm which can do the same job as VM2 did but its got issues on its own, but this is for the PM2 maintainers to decide, and there is no clear timelines when PM2 will be updated and resolved. - Unitech/pm2#5639

edit: 14/07/23 - just adding a note that despite mockoon cli using PM2 as a dependency, the PM2 and VM2 functionality is behind a feature flag that is generally disabled when running the cli as a container image - shouldn't need to worry about existing running components!
@255kb 255kb added the feature New feature request label Jul 15, 2023
@255kb 255kb self-assigned this Jul 17, 2023
255kb added a commit that referenced this issue Jul 20, 2023
@255kb
CLI refactoring
6cecc7b 
- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081
255kb added a commit that referenced this issue Jul 21, 2023
@255kb
CLI refactoring
5fd3cbd 
- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081
@255kb 255kb mentioned this issue Jul 21, 2023
Merged
4 tasks
255kb added a commit that referenced this issue Jul 21, 2023
@255kb
CLI refactoring
48b74bc 
- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081
255kb added a commit to mockoon/mockoon.com that referenced this issue Jul 21, 2023
@255kb
Update CLI screenshots docs and tutorials for mockoon/mockoon#1081
73458a2
255kb added a commit that referenced this issue Jul 21, 2023
@255kb
CLI refactoring
afe986a 
- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081
255kb added a commit that referenced this issue Jul 21, 2023
@255kb
CLI refactoring (#1090)
263716e 
- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081
@255kb 255kb closed this as completed Jul 21, 2023
255kb added a commit that referenced this issue Jul 24, 2023
@255kb @ajatkj @n1ce1041
Release/next (#1093)
298acdc 
* Logs standardization (#1064)

- add log transaction option to serverless and desktop
- extract server logging to commons-server
- standardize how server is logging its events
- use same logger (winston) for all the applications
- redact authorization headers when logging to file
Closes #978
Closes #688
Closes #1063

* Add context menu entry to move an environment file (#1065)

Closes #1062

* Review desktop messages and logging after #1063

* Fix documentation generator

* Enable OpenAPI `example` export (#1067)

fixes OpenAPI export crashing with CRUD routes
Closes #352
Closes #1066

* Make `data` helpers compatible with safestring (#1071)

Closes #1069

* Remove reload view and rewrite change detection

use custom rxjs operator that listen to the object changed and some reducer actions that always force the refresh
Also disable template generation on pressing enter if quota reached

* Switch lerna version to fixed

* Add stringify option to oneof helper

* Allow search of hidden routes in the desktop app (#1083)

Automatically uncollapse parent folders of selected route after a search
Closes #960

* Fix for faker methods with numbers in their names (#1084)

* Enable watch mode for libraries

Closes #1076

* Added crudkey property, updated environment and databucket actions (#1082)

* Added crudkey property, updated environment and databucket actions

* Updated crudKey to be a property of RouteResponse
Closes #1041

* Fix package lock and crudKey tooltip wording

* Move crudKey field next to CRUD data bucket selector in desktop app

* CLI refactoring (#1090)

- remove PM2 dependency
- remove list and stop commands, remove `--pname` flag
- make foreground the default and remove the `--daemon-flag`
- simplify the dockerize command to only generates a Dockerfile, and enable file downloading
- remove some dependencies to simplify maintenance (inquirer, etc.)
Closes #1081

* Update repository images

* Update CLI documentation headers and links

* Enable truncation for log menu entries in desktop app

Closes #1085

* Update dependencies

* New prettier format

---------

Co-authored-by: ajatkj <ajatkj@yahoo.co.in>
Co-authored-by: n1ce1041 <70496526+n1ce1041@users.noreply.github.com>
255kb added a commit to mockoon/mockoon.com that referenced this issue Jul 24, 2023
@255kb
Release 4.0.0
af48c4c 
- Add new changelog
- Update docs screenshots
- Update plans wording
- Update CRUD docs and tutorial for id property customization
- Update CLI screenshots docs and tutorials for mockoon/mockoon#1081
- Update repo images and CLI illustrations for new logs format
@255kb
Copy link
Member

255kb commented Jul 24, 2023

📦 This is now available with release v4.0.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@255kb 255kb

Labels
feature New feature request
Projects
Mockoon's public roadmap
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@255kb @martin-bucinskas