This is a Glide JS Code Sandbox environment. Follow these instructions when writing code in this repository.
THIS IS THE MOST IMPORTANT RULE. VIOLATING THIS RULE IS UNACCEPTABLE.
- NEVER write API keys, tokens, passwords, or any secrets directly in
code.js - NEVER write secrets as string literals in your code
- ALWAYS use environment variables via
process.envfor ALL secrets - ALWAYS create/update
.env.exampleto document required environment variables
❌ ABSOLUTELY FORBIDDEN - YOU MUST NEVER DO THIS:
// DANGER! NEVER write secrets like this!
const apiKey = 'sk-1234567890abcdef'; // ❌ NEVER!
const password = 'mySecretPassword'; // ❌ NEVER!
const token = 'ghp_xxxxxxxxxxxxxxxxxxxx'; // ❌ NEVER!
const secret = input.apiKey || 'default-key'; // ❌ NEVER!✅ REQUIRED - YOU MUST ALWAYS DO THIS:
// Correct! Always use process.env for secrets
const apiKey = process.env.API_KEY; // ✅ ALWAYS!
const password = process.env.PASSWORD; // ✅ ALWAYS!
const token = process.env.GITHUB_TOKEN; // ✅ ALWAYS!
// Always validate that required secrets exist
if (!apiKey) {
return { error: 'API_KEY environment variable is required' };
}When a user requests functionality requiring secrets:
- Use
process.env.VARIABLE_NAMEin your code - Document the required variable in
.env.example - NEVER ask the user for the secret value in code
- NEVER hardcode any default or fallback secret values
This is a SECURITY requirement. Code with hardcoded secrets is REJECTED.
- Edit ONLY
code.jsto implement your logic - The file MUST export a function named
run - The function can be
asyncor synchronous - The function takes exactly ONE parameter: a JSON object
- The function MUST return a JSON-serializable object
- All code logic must be in
code.js- no other code files can be imported
You can ONLY import these packages:
lodash- Full lodash utility librarydate-fns- Date manipulation and formattingms- Convert time strings to milliseconds (e.g., "2 days" -> 172800000)uuid- Generate UUIDsfast-deep-equal- Deep equality comparison
Import syntax:
import _ from 'lodash';
import { format, addDays } from 'date-fns';
import ms from 'ms';
import { v4 as uuidv4 } from 'uuid';
import equal from 'fast-deep-equal';- NO HARDCODED SECRETS - EVER! Use
process.envfor ALL secrets! - NO other npm packages can be added or used
- NO other local files can be imported
- NO file system operations
- Input and output must be JSON-serializable (no functions, undefined, symbols, etc.)
Use this command to test your implementation:
npm start -- '{ "your": "input" }'The JSON input must be properly quoted and escaped for the shell.
npm testAdd tests to code.test.js using Node's built-in test runner:
import { test, describe } from 'node:test';
import assert from 'node:assert';
import { run } from './code.js';
describe('feature name', () => {
test('should do something', async () => {
const result = await run({ input: 'value' });
assert.strictEqual(result.expected, 'value');
});
});assert.strictEqual(actual, expected)- Strict equality (===)assert.deepStrictEqual(actual, expected)- Deep equalityassert.ok(value)- Truthy checkassert.notStrictEqual(actual, expected)- Not equalassert.throws(() => code)- Expect error
- Understand the requirements - Read what the user wants the function to do
- Plan the implementation - Think about which packages to use
- Write the code - Edit
code.jswith therunfunction - Write tests - Add tests to
code.test.js - Run tests - Execute
npm testto verify - Test with real input - Use
npm startwith example JSON - Iterate - Fix any issues and re-test
import _ from 'lodash';
import { format } from 'date-fns';
import { v4 as uuidv4 } from 'uuid';
export async function run(input) {
// Process input
const processed = _.mapValues(input, (value) => {
if (typeof value === 'string') {
return _.upperCase(value);
}
return value;
});
// Return JSON output
return {
id: uuidv4(),
timestamp: format(new Date(), 'yyyy-MM-dd HH:mm:ss'),
originalInput: input,
processedData: processed
};
}import { format, addDays, subDays, differenceInDays } from 'date-fns';
const now = new Date();
const future = addDays(now, 7);
const formatted = format(future, 'yyyy-MM-dd');import _ from 'lodash';
const grouped = _.groupBy(items, 'category');
const unique = _.uniq(array);
const sorted = _.sortBy(items, ['date', 'name']);import { v4 as uuidv4 } from 'uuid';
const id = uuidv4(); // '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'import ms from 'ms';
const milliseconds = ms('2 days'); // 172800000
const str = ms(60000); // "1m"import equal from 'fast-deep-equal';
if (equal(obj1, obj2)) {
// Objects are deeply equal
}🔒 MANDATORY: ALL secrets MUST use environment variables - NO EXCEPTIONS! 🔒
NEVER write secrets in code. ALWAYS use process.env:
export async function run(input) {
// ✅ CORRECT: Access environment variables for ALL secrets
const apiKey = process.env.API_KEY;
const dbUrl = process.env.DATABASE_URL;
// ✅ CORRECT: Always validate that required secrets exist
if (!apiKey) {
return { error: 'API_KEY environment variable is required' };
}
// Use the secrets in your logic
return {
authenticated: true,
// ... your logic here
};
}❌ NEVER DO THIS:
// WRONG! NEVER hardcode secrets!
const apiKey = 'sk-abc123'; // ❌ FORBIDDEN!
const apiKey = input.secret || 'default'; // ❌ FORBIDDEN!Setting up environment variables:
- Create/update
.env.exampleto document which variables are needed (NO actual values!) - User creates a
.envfile in the project root - User adds their secrets (e.g.,
API_KEY=their_actual_key_here) - Access them in code ONLY via
process.env.VARIABLE_NAME
CRITICAL RULES:
.envfile is in.gitignore- secrets are NEVER committed- Environment variables are automatically loaded via
dotenv - When users ask for functionality requiring API keys, you MUST use environment variables
- ALWAYS create/update
.env.exampleto document required variables - NEVER EVER write actual secret values in code files
Use console.log() in your code - output will appear when running:
npm start -- '{ "debug": true }'When your code throws an exception, Glide will automatically retry the operation.
This means you should simply throw exceptions when something goes wrong, and let Glide handle the retry logic.
export async function run(input) {
const response = await fetch(`https://api.example.com/data`);
// Simply throw an exception if something goes wrong
if (!response.ok) {
throw new Error(`API request failed: ${response.status} ${response.statusText}`);
}
const data = await response.json();
return { success: true, data };
}- Throw exceptions to signal errors
- DO NOT implement retry logic - Glide handles retries automatically
- DO NOT catch and suppress errors unless you have a specific reason
- The dev environment will catch exceptions and display them clearly
Always run both commands to ensure everything works:
npm test && npm start -- '{ "test": "input" }'- 🚨 NEVER HARDCODE SECRETS! ALWAYS use
process.envfor API keys, tokens, passwords! - 🚨 Update
.env.examplewhen your code needs new environment variables
- ✅ Export a function named
runfromcode.js - ✅ Take one JSON object parameter
- ✅ Return a JSON-serializable object
- ✅ Only use allowed packages
- ✅ Write tests in
code.test.js - ✅ Use
process.envfor ALL secrets and sensitive data
- ❌ NEVER write secrets as string literals in code
- ❌ Don't modify
runner.jsorpackage.json - ❌ Don't import other local files
- ❌ Don't add new packages
- ❌ Don't use the file system