[mercury] The Mercury implementation is divided into the @genexus/mercury-build and @genexus/mercury-cli packages. Additionally, the @genexus/vite-plugin-mercury package has been added to facilitate configuration in Vite-based environments
#646
Conversation
This will help us to avoid issues when the Mercury dependency is duplicated. Also, this help us to set this mapping inline in the HTML.
This plugin replaces the need for using the CLI in Vite environments.
Also, inline the base/base bundle by default and preload the base/icons bundle by default.
Also, fix default values for mercuryOptions
ncamera
added
feature
…li and vite-mercury-plugin packages Now, @genexus/mercury only contains the core of Mercury, and we have packages for bulding Mercury, using it through out a CLI, and a plugin to work with Vite. Breaking changes: - The default path for the fonts is now "/assets/fonts/" instead of "./assets/fonts/" - The default path for the icons is now "/assets/icons/" instead of "./assets/icons/"
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
packages/mercury-build/src/build/internal/transpile-bundle-and-create-mappings.ts
Fixed
Show fixed
Hide fixed
packages/mercury-build/src/build/internal/transpile-bundle-and-create-mappings.ts
Fixed
Show fixed
Hide fixed
We are no longer splitting the scss build with the assets copy, so we can centralize the Mercury build process
ncamera
changed the title
[mercury] Add the viteMercury plugin for Vite environments[mercury] The Mercury implementation is divided into the @genexus/mercury-build and @genexus/mercury-cli packages. Additionally, the @genexus/vite-plugin-mercury package has been added to facilitate configuration in Vite-based environments
…/mercury/" folder
| needs: check-version | ||
| if: needs.check-version.outputs.mercury-build-changed == 'true' | ||
| uses: ./.github/workflows/install-and-deploy.yml | ||
| with: | ||
| node-version: "22.x" | ||
| cache: false | ||
| common-tests: false | ||
| publish: true | ||
| package: "packages/mercury-build" | ||
| secrets: inherit | ||
|
|
||
| publish-mercury-cli: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 days ago
To address the issue, you should add a permissions block specifying the minimal required privileges for the workflow. The best practice is to add this block at the root of the workflow file, so that all jobs inherit it unless they explicitly override it. If your jobs only need to read source files and pull packages, contents: read is usually safe and minimal. If jobs need to publish to npm/GitHub Packages, consider adding packages: write. For workflows that only need to check versions and publish, the most conservative permissions would be contents: read, but if you know that publishing jobs require write access to packages or contents, you can increase the permission for just those jobs as needed.
In this case, adding the following at the top level (just below name: but above on:), is the best fix:
permissions:
contents: readIf you know that jobs which do publishing need to write to the packages, you may additionally grant packages: write – but since you can only change what you see, and the minimal fix is to add a contents: read block at the workflow level.
File/Region to change:
- Edit
.github/workflows/npmpublish.yml - Add the following after line 1 (
name: Node.js Package), beforeon:
| @@ -1,7 +1,8 @@ | ||
| name: Node.js Package | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: | ||
| tags: | ||
| - "v*" # Push events to matching v*, i.e. v1.0, v20.15.10 | ||
|
|
| if: needs.check-version.outputs.vite-plugin-mercury-changed == 'true' | ||
| uses: ./.github/workflows/install-and-deploy.yml | ||
| with: | ||
| node-version: "22.x" | ||
| cache: false | ||
| common-tests: false | ||
| publish: true | ||
| package: "packages/mercury-plugins/vite-plugin-mercury" | ||
| secrets: inherit | ||
|
|
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 days ago
To fix this, add an explicit permissions: block at the top-level of the workflow file, setting sensible defaults such as contents: read. This restricts the default permissions for all jobs to read-only, unless a job or workflow requires more. If specific jobs need different permissions, a permissions: block can be added at the job level, overriding the global setting. Since the install-and-deploy workflow is called using uses:, we should ensure those jobs get enough permission (most npm publish workflows only require contents: read to read code, but if you are creating GitHub releases you might need packages: write, contents: write, etc.), but from the content provided, adding a top-level block for least privilege is sufficient.
Add the following block just below name: Node.js Package, e.g. before or after on:, but the official GH docs recommend after name and before on::
permissions:
contents: readIf, later, you determine that more permissions are needed per job, you can override at the job level, but for now this is minimal and sufficient.
| @@ -1,4 +1,6 @@ | ||
| name: Node.js Package | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: |
Changes we propose in this PR
The CLI implementation for mercury has been moved to the
@genexus/mercury-clipackage (which uses the@genexus/mercury-buildunder the hood).The
@genexus/mercurypackage now only contains the core implementation for Mercury (CSS, fonts, icons, and some JavaScript).Now, when running the
mercurycommand of the CLI, the icons and fonts are generated under thenode_modules/.genexus/mercury/assets/folder. In other words, themercurycommand generated the following content:node_modules/.genexus/mercury/assets/css--> contains the CSS bundles to use in the dev server and dist build.node_modules/.genexus/mercury/assets/fonts--> contains the fonts to use in the dev server and dist build.node_modules/.genexus/mercury/assets/icons--> contains the icons to use in the dev server and dist build.Tip
This change helps monorepo user experience fewer conflicts when multiple packages use different versions of Mercury, because now the Mercury assets will always be in the same folder (
node_modules/.genexus/mercury/assets) and will be relative to the package that executes themercurybinary, regardless of the Mercury versions used in the monorepo.Added the
@genexus/vite-plugin-mercurypackage to facilitate configuration in Vite-based environments. This package contains a Vite plugin which:Removes the need to copy the Mercury assets for the dev server and dist build. You can safely delete all copy tasks for the Mercury assets.
// vite.config.ts import { defineConfig } from "vite"; import { mercury } from "@genexus/vite-plugin-mercury"; // https://vite.dev/config/ export default defineConfig({ plugins: [ - viteStaticCopy({ - targets: [ - { - src: "{{ CSS outDir path }}", - dest: "{{ CSS bundles final path }}" - }, - { - src: "<path to node_modules>/@genexus/mercury/dist/assets/fonts", - dest: "{{ Fonts final path }}" - }, - { - src: "<path to node_modules>/@genexus/mercury/dist/assets/icons", - dest: "{{ Icons final path }}" - } - ] - }) + mercury({ + // (Optional) + assetsPaths: { + // Path where the CSS files of Mercury are located in the distribution build. + cssPath: "{{ CSS bundles final path }}", // Defaults to "/assets/css/" + + // Path where the font files of Mercury are located in the distribution build. + fontsPath: "{{ Fonts final path }}", // Defaults to "/assets/fonts/" + + // Path where the icon files of Mercury are located in the distribution build. + iconsPath: "{{ Icons final path }}" // Defaults to "/assets/icons/" + }, + + // More options... + }) ] });The
base/base.cssbundle in now automatically inlined in the index.html, so you don't need to load it.The bundle hashes are now automatically applied in the index.html, so you can safely remove the following:
The installation guide for Angular, NextJS, React, and StencilJS has been simplified.
Now, the CLI is no longer included when installing
@genexus/mercury. You must install the@genexus/mercury-clipackage to use the Mercury CLI.The CLI's
outDirflag has been removed. Now, the generated CSS bundles will always be located in thenode_modules/.genexus/mercury/assets/cssfolder (thisnode_modulesis always generated in the same directory where themercurybinary is executed).Changed the following default paths when using the Mercury CLI:
"./assets/fonts/""/assets/fonts/""./assets/icons/""/assets/icons/"Removed the alternative way ("Using already generated CSS bundles") of using the CSS from the docs, as this unwanted feature limited the possibilities of the build process and the CLI.
The
bundle-to-hash-mappings.tsfile is now located in the./node_modules/.genexus/mercury/bundle-to-hash-mappings.tspath.