Adopt the standard that DANGER_ADMIN must equal '1' exactly, so DANGER_ADMIN==='1' is the only wayt to use it.

client/App.svelte

@@ -7,7 +7,7 @@
 
 <Router {routes}/>
 
-{#if process.env.DANGER_ADMIN}
+{#if process.env.DANGER_ADMIN === "1"}
   <Reloader />
   <Bandolier shown={ false }/>
 {/if}

commands/api.js

@@ -94,7 +94,7 @@ const shutdown = async () => {
 export const main = async (opts) => {
   const auth = await import("../lib/auth.js");
 
-  if(opts.DANGER_ADMIN) {
+  if(opts.DANGER_ADMIN === "1") {
     const { media_servers } = await import("../lib/config.js");
     app.use(cors({origin: media_servers}));
 
@@ -150,13 +150,13 @@ export const main = async (opts) => {
       domain: auth.cookie_domain,
       httpOnly: false,
       sameSite: "strict",
-      secure: !opts.DANGER_ADMIN,
+      secure: opts.DANGER_ADMIN !== "1",
     },
     saveUninitialized: false,
     store: auth.sessionStore,
     resave: false,
     secret: auth.cookie_secret,
-    proxy: !opts.DANGER_ADMIN
+    proxy: opts.DANGER_ADMIN !== "1"
   }
 
   const session_handler = session(session_config);
@@ -218,7 +218,7 @@ export const main = async (opts) => {
   app.use(express.static('public'));
   app.use("/media", express.static('media'));
 
-  if(opts.DANGER_ADMIN) {
+  if(opts.DANGER_ADMIN === "1") {
     log.warn("!!!!!! Exposing client/bando/demos to the network because you set DANGER_ADMIN.");
     app.use("/bando/demos/", express.static("admin/bando/demos"));
   }
@@ -253,7 +253,7 @@ export const main = async (opts) => {
         login: func.login === true
       };
 
-      if(opts.DANGER_ADMIN) {
+      if(opts.DANGER_ADMIN === "1") {
         if(devtools.api[route_path] == undefined) {
           // new thing so set up its data initially
           devtools.api[route_path] = { name: route_path, functions: [func_info] };
@@ -291,7 +291,7 @@ export const main = async (opts) => {
 
     socket_routes[target_name] = func
 
-    if(opts.DANGER_ADMIN) {
+    if(opts.DANGER_ADMIN === "1") {
       devtools.sockets[target_name] = {
         route_path, target_name, file_name, code: func.toString()
       }

commands/build.js

@@ -119,7 +119,7 @@ const devMode = () => ({
     const options = build.initialOptions;
     options.define = options.define || {};
     // esbuild 0.16 requires this to be a string, but changes it to code so this will be an actual boolean type in the code
-    options.define['process.env.DANGER_ADMIN'] = options.minify ? "false" : "true";
+    options.define['process.env.DANGER_ADMIN'] = options.minify ? "0" : "1";
   }
 })
 

lib/email.js

@@ -35,7 +35,7 @@ let configuration = {};
   you'll have to hack `configure_transporter`.
  */
 const configure_transporter = async () => {
-  if(process.env.DANGER_ADMIN || process.env.DEBUG) {
+  if(process.env.DANGER_ADMIN === "1" || process.env.DEBUG) {
     configuration = {
       streamTransport: true,
       debug: true,

socket/reloader.js

@@ -1,5 +1,5 @@
 export const notify = async (io, socket) => {
-  if(process.env.DANGER_ADMIN) {
+  if(process.env.DANGER_ADMIN === "1") {
     io.emit("/reloader/update", {});
   } else {
     socket.disconnect();

tests/ui/demos.js

@@ -53,7 +53,7 @@ test('can load each component', async (t) => {
   const {p} = t.context;
 
   // we can really only run these tests if this is set
-  if(process.env.DANGER_ADMIN) {
+  if(process.env.DANGER_ADMIN === "1") {
     try {
       const user = await login(t, p);