fix(docs): Remove environmental configuration and add user configuration prompts

[chenxi-20]

PR

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our Commit Message Guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Documentation content changes
• Other... Please describe:

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this PR introduce a breaking change?

• Yes
• No

Other information

Summary by CodeRabbit

• New Features

  • Introduced a warning modal that alerts users when configuration settings may be outdated, including a countdown-enabled confirmation button and an option to dismiss future alerts.

• Refactor

  • Streamlined the configuration by removing legacy environment variable definitions for a simpler setup.

• Style

  • Enhanced styling within the modal to better highlight key information.

[coderabbitai]

Walkthrough

The changes involve the removal of the define property from the Vite configuration in multiple documentation files, which previously injected process.env into the configuration. This simplifies the configuration by retaining only the Vue plugin. Additionally, a modification to the tiny-modal component in the documentation introduces a countdown feature and updates the button text for clarity.

Changes

File(s)	Change Summary
examples/sites/demos/.../develop-demo-en.md examples/sites/demos/.../develop-demo.md examples/sites/demos/.../installation-en.md examples/sites/demos/.../installation.md	Removed the define property from the Vite configuration, eliminating the injection of environment variables while retaining the Vue plugin.
examples/sites/.../docs/docs.vue	Introduced a new tiny-modal component with a countdown feature, updated button text for clarity, and added styling for the modal.

Possibly related PRs

• docs: 删除smb配置以及相关依赖 #2332: The changes in both this PR and the main PR involve the removal of the define property related to environment variables in the vite.config.js file, indicating a direct connection at the code level.
• feat(site): optimize the performance of the official website, use lazy loading for document examples #2713: Both this PR and the main PR involve modifications to the vite.config.js file, specifically the removal of the define property related to process.env, indicating a direct connection at the code level.
• docs(sites): update official website documentation and readme #2895: The changes in this PR and the main PR both involve modifications to the vite.config.js file regarding the handling of the process.env variable, indicating a direct relationship at the code level.

Suggested labels

documentation

Suggested reviewers

• zzcr

Poem

I'm a coding rabbit on a merry roam,
Hopping through config files to make them feel like home.
I trimmed away the clutter with a clever, swift hop,
Added a modal song—now the warnings won't stop!
With a countdown beat and a playful hop,
I celebrate clean code, never willing to stop. 🐇

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

 ERR_PNPM_OPTIONAL_DEPS_REQUIRE_PROD_DEPS  Optional dependencies cannot be installed without production dependencies

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b75041e and 8773867.

📒 Files selected for processing (1)

• examples/sites/src/views/docs/docs.vue (3 hunks)

🔇 Additional comments (4)

examples/sites/src/views/docs/docs.vue (4)

3-21: Informative modal content – looks good!

These changes effectively guide users away from bundling environment variables, preventing potential security risks. The warning and countdown mechanism are clear, providing sufficient time for users to read before confirmation.

---

42-52: Revisit missing timer cleanup to prevent memory leaks.

Currently, there is no cleanup (e.g., in onBeforeUnmount) for the interval timer if the component is unmounted before the countdown completes. This could cause memory leaks or errors later.

Below is the same fix suggested in a past review; please verify if it needs to be reintroduced:

+import { ref, nextTick, watch, onMounted, onBeforeUnmount, shallowRef } from 'vue'

if (showModal.value) {
  timer = setInterval(() => {
    ...
  }, 1000)
}

+onBeforeUnmount(() => {
+  if (timer) {
+    clearInterval(timer)
+    timer = null
+  }
+})

---

55-55: Avoid storing sensitive data in localStorage.

This line stores user preferences in localStorage. Ensure that only non-sensitive information is stored into localStorage to mitigate security concerns around potential exposure.

---

99-101: LGTM for highlighting keywords.

Styling keywords in a distinct color draws attention effectively. This addition meets readability needs without introducing any conflicts.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[petercat-assistant]

Walkthrough

This pull request updates the documentation by removing the environmental configuration from vite.config.js and adding user configuration prompts. It introduces a modal in the documentation to inform users about the changes and potential security risks of the previous configuration.

Changes

Files	Summary
examples/sites/demos/pc/webdoc/develop-demo-en.md, examples/sites/demos/pc/webdoc/develop-demo.md	Removed the define: { 'process.env': { ...process.env } } configuration from vite.config.js.
examples/sites/src/views/docs/docs.vue	Added a modal to inform users about the removal of the process.env configuration and its security implications.

[github-actions]

[e2e-test-warn]
The component to be tested is missing.

The title of the Pull request should look like "fix(vue-renderless): [action-menu, alert] fix xxx bug".

Please make sure you've read our contributing guide

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cd774f0 and 41cd177.

📒 Files selected for processing (3)

• examples/sites/demos/pc/webdoc/develop-demo-en.md (1 hunks)
• examples/sites/demos/pc/webdoc/develop-demo.md (1 hunks)
• examples/sites/src/views/docs/docs.vue (3 hunks)

🔇 Additional comments (5)

examples/sites/demos/pc/webdoc/develop-demo.md (1)

51-52: Security improvement in Vite configuration

The removal of the define: { 'process.env': { ...process.env } } configuration is a positive security change. This prevents environment variables from being exposed in client-side code, which could potentially leak sensitive information.

examples/sites/demos/pc/webdoc/develop-demo-en.md (1)

51-52: Security improvement in Vite configuration

The removal of the environment variables configuration from the English documentation matches the change in the Chinese version, ensuring consistency across documentation while enhancing security.

examples/sites/src/views/docs/docs.vue (3)

3-21: Well-implemented user notification modal

The modal clearly explains the security risks of the old configuration and provides actionable solutions (upgrading to version 3.13.0+ or modifying the configuration). The UI is user-friendly with appropriate controls.

---

33-33: Appropriate component imports

The imports for TinyModal and TinyButton components are correctly added from the @opentiny/vue library.

---

95-97: Appropriate styling for modal keywords

The styling for keywords in the modal enhances readability and helps users identify important information.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

examples/sites/src/views/docs/docs.vue (2)

3-21: Consider internationalization for modal content.

The modal content is currently only in Chinese, which may not be accessible to all users of the library. Since this is providing important security information, consider supporting internationalization.

You could use your existing translation mechanism to support multiple languages:

<tiny-modal v-model="showModal" title="请注意" show-footer>
  <div class="modal-body">
-    TinyVue 从 <span class="modal-body-keyword">3.13.0</span> 开始不需要在
-    <span class="modal-body-keyword">vite.config.js</span> 文件中配置
-    <span class="modal-body-keyword">define: { 'process.env': { ...process.env } }</span>
-    这段代码，这段代码会导致环境变量被打包到构建产物中，引起信息安全风险，请业务尽快升级到
-    <span class="modal-body-keyword">3.13.0</span> 或以上版本！如果不升级版本可以改成：<span
-      class="modal-body-keyword"
-      >define: { 'process.env': { }}</span
-    >
-    同样也可以解决此问题！感谢您对 TinyVue 支持！
+    {{ $t('securityNotice.message', {
+      version: '3.13.0',
+      configFile: 'vite.config.js',
+      configCode: 'define: { \'process.env\': { ...process.env } }',
+      alternativeCode: 'define: { \'process.env\': { } }'
+    }) }}
  </div>
  <template #footer>
    <tiny-button type="primary" :disabled="disabled" @click="handleConfirm">{{
-      disabled ? `${time}S后可关闭此提示` : '确认将不再弹出此提示'
+      disabled ? $t('securityNotice.countdown', { time }) : $t('securityNotice.confirm')
    }}</tiny-button>
-    <tiny-button @click="handleCancel">取消</tiny-button>
+    <tiny-button @click="handleCancel">{{ $t('securityNotice.cancel') }}</tiny-button>
  </template>
</tiny-modal>

---

38-38: Add error handling for localStorage operations.

The code assumes localStorage is always available and accessible, but there are scenarios where it might be disabled or throw exceptions (private browsing mode, storage quotas, etc.).

Consider adding try/catch blocks:

-const tipFlag = localStorage.getItem('tiny-vue-env-tip')
+let tipFlag = null;
+try {
+  tipFlag = localStorage.getItem('tiny-vue-env-tip')
+} catch (e) {
+  console.warn('Unable to access localStorage:', e)
+}

// Later in handleConfirm
const handleConfirm = () => {
  showModal.value = false
-  localStorage.setItem('tiny-vue-env-tip', 'never')
+  try {
+    localStorage.setItem('tiny-vue-env-tip', 'never')
+  } catch (e) {
+    console.warn('Unable to save preference to localStorage:', e)
+  }
}

Also applies to: 55-55

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 41cd177 and d340d94.

📒 Files selected for processing (3)

• examples/sites/demos/pc/webdoc/develop-demo-en.md (1 hunks)
• examples/sites/demos/pc/webdoc/develop-demo.md (1 hunks)
• examples/sites/src/views/docs/docs.vue (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• examples/sites/demos/pc/webdoc/develop-demo.md
• examples/sites/demos/pc/webdoc/develop-demo-en.md

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: PR Unit Test

🔇 Additional comments (1)

examples/sites/src/views/docs/docs.vue (1)

42-52: Timer needs cleanup to prevent memory leaks.

The timer is initialized when showModal is true, but there's no cleanup mechanism if the component is unmounted before the timer completes, which could lead to memory leaks.

Consider using onBeforeUnmount to clean up the timer:

 import { ref, nextTick, watch, onMounted, shallowRef } from 'vue'
+import { ref, nextTick, watch, onMounted, onBeforeUnmount, shallowRef } from 'vue'

 const tipFlag = localStorage.getItem('tiny-vue-env-tip')
 const showModal = ref(tipFlag !== 'never')
 const disabled = ref(true)
 let time = ref(5)
+let timer = null
 if (showModal.value) {
-  let timer = setInterval(() => {
+  timer = setInterval(() => {
     if (time.value > 0) {
       time.value = time.value - 1
     } else {
       disabled.value = false
       clearInterval(timer)
       timer = null
     }
   }, 1000)
 }
+
+onBeforeUnmount(() => {
+  if (timer) {
+    clearInterval(timer)
+    timer = null
+  }
+})

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

examples/sites/src/views/docs/docs.vue (1)

43-52: 🛠️ Refactor suggestion

Missing timer cleanup on component unmount

The timer is created when showModal is true, but there's no cleanup mechanism if the component is unmounted before the timer completes, which could lead to memory leaks.

Consider adding cleanup in an onBeforeUnmount hook:

-import { ref, nextTick, watch, onMounted, shallowRef } from 'vue'
+import { ref, nextTick, watch, onMounted, onBeforeUnmount, shallowRef } from 'vue'

 const tipFlag = localStorage.getItem('tiny-vue-env-tip')
 const showModal = ref(tipFlag !== 'never')
 const disabled = ref(true)
 let time = ref(5)
+let timer = null
 if (showModal.value) {
-  let timer = setInterval(() => {
+  timer = setInterval(() => {
     if (time.value > 0) {
       time.value = time.value - 1
     } else {
       disabled.value = false
       clearInterval(timer)
       timer = null
     }
   }, 1000)
 }
+
+onBeforeUnmount(() => {
+  if (timer) {
+    clearInterval(timer)
+    timer = null
+  }
+})

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d340d94 and 71955bb.

📒 Files selected for processing (5)

• examples/sites/demos/pc/webdoc/develop-demo-en.md (1 hunks)
• examples/sites/demos/pc/webdoc/develop-demo.md (1 hunks)
• examples/sites/demos/pc/webdoc/installation-en.md (1 hunks)
• examples/sites/demos/pc/webdoc/installation.md (1 hunks)
• examples/sites/src/views/docs/docs.vue (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• examples/sites/demos/pc/webdoc/develop-demo-en.md
• examples/sites/demos/pc/webdoc/develop-demo.md

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: PR Unit Test

🔇 Additional comments (3)

examples/sites/src/views/docs/docs.vue (3)

3-21: Modal implementation looks good

The modal effectively warns users about the security risks of including environment variables in their builds and provides clear instructions on how to update their configuration.

---

38-56: Storing user preferences in localStorage

Storing user preferences in localStorage can be a security risk if sensitive information is stored. Ensure that the information stored is not sensitive and consider using more secure storage methods if necessary.

---

99-101: CSS styling for keywords looks good

The styling for the modal keywords effectively highlights important information.

[coderabbitai]

⚠️ Potential issue

The Vite configuration has been simplified, but without updating the documentation

The code example has been simplified to remove the define property, but the tip in line 50 still references configuring TINY_MODE in process.env, which is no longer shown in the example. This creates a disconnect between the instructions and the provided code example.

Consider updating the tip to explain how to set environment variables with the new simplified configuration or add the proper configuration example:

  plugins: [vue()]
+ // If you need to set environment variables:
+ define: {
+   'process.env': {
+     TINY_MODE: 'pc'
+   }
+ }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	plugins: [vue()]
	plugins: [vue()]
	// If you need to set environment variables:
	define: {
	'process.env': {
	TINY_MODE: 'pc'
	}
	}