@aiready/deps 0.11.17 → 0.11.21

package/src/__tests__/analyzer.test.ts

@@ -8,48 +8,104 @@ describe('Deps Health Analyzer', () => {
   let tmpDir: string;
 
   beforeAll(() => {
-    tmpDir = join(tmpdir(), `deps-test-${Date.now()}`);
+    tmpDir = join(tmpdir(), `deps-test-complex-${Date.now()}`);
     mkdirSync(tmpDir, { recursive: true });
 
-    const packageJsonPath = join(tmpDir, 'package.json');
+    // NPM
     writeFileSync(
-      packageJsonPath,
+      join(tmpDir, 'package.json'),
       JSON.stringify({
-        dependencies: {
-          request: '^2.88.2',
-          moment: '~2.29.4',
-          lodash: '^0.4.0',
-          react: '^19.0.0',
-          next: '15.0.0-rc',
-        },
-        devDependencies: {
-          typescript: '5.6.3',
-        },
+        dependencies: { lodash: '^0.4.0', request: '^2.88.2' },
       })
     );
+
+    // Python requirements.txt
+    writeFileSync(
+      join(tmpDir, 'requirements.txt'),
+      'requests==2.31.0\nurllib3>=1.26.15\n# Comment\nflask'
+    );
+
+    // Maven pom.xml
+    writeFileSync(
+      join(tmpDir, 'pom.xml'),
+      `
+      <project>
+        <dependencies>
+          <dependency>
+            <artifactId>log4j</artifactId>
+          </dependency>
+          <dependency>
+            <artifactId>junit</artifactId>
+          </dependency>
+        </dependencies>
+      </project>
+      `
+    );
+
+    // Go go.mod
+    writeFileSync(
+      join(tmpDir, 'go.mod'),
+      `
+      module example.com/m
+      go 1.21
+      require github.com/gorilla/mux v1.8.1
+      require (
+        github.com/spf13/cobra v1.8.0
+        github.com/stretchr/testify v1.8.4
+      )
+      `
+    );
+
+    // .NET csproj
+    writeFileSync(
+      join(tmpDir, 'app.csproj'),
+      `
+      <Project Sdk="Microsoft.NET.Sdk">
+        <ItemGroup>
+          <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
+          <PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.0" />
+        </ItemGroup>
+      </Project>
+      `
+    );
+
+    // Subdirectory with exclusions
+    const subDir = join(tmpDir, 'vendor');
+    mkdirSync(subDir);
+    writeFileSync(
+      join(subDir, 'package.json'),
+      JSON.stringify({ dependencies: { 'should-be-ignored': '1.0.0' } })
+    );
   });
 
   afterAll(() => {
     rmSync(tmpDir, { recursive: true, force: true });
   });
 
-  it('detects outdated, deprecated, and skew signals', async () => {
+  it('detects dependencies across multiple ecosystems', async () => {
     const report = await analyzeDeps({
       rootDir: tmpDir,
-      trainingCutoffYear: 2023,
+      exclude: ['vendor'],
     });
 
-    expect(report.summary.packagesAnalyzed).toBe(6);
+    // 2 (npm) + 3 (python) + 2 (maven) + 3 (go) + 2 (dotnet) = 12
+    expect(report.summary.packagesAnalyzed).toBe(12);
+    expect(report.summary.filesAnalyzed).toBe(5); // Ignored vendor/package.json
 
-    // request, moment are known deprecated
-    expect(report.rawData.deprecatedPackages).toBe(2);
+    // Check for deprecated ones we added
+    // request (npm), log4j (maven), gorilla/mux (go), urllib3 (python)
+    expect(report.rawData.deprecatedPackages).toBeGreaterThanOrEqual(4);
+  });
 
-    // lodash is 0.x (pre-v1) -> flagged as outdated in our mock
-    expect(report.rawData.outdatedPackages).toBe(1);
+  it('handles empty or malformed manifests gracefully', async () => {
+    const emptyDir = join(tmpdir(), `deps-test-empty-${Date.now()}`);
+    mkdirSync(emptyDir);
+    writeFileSync(join(emptyDir, 'package.json'), 'invalid json');
+    writeFileSync(join(emptyDir, 'requirements.txt'), '');
 
-    // next 15, react 19, ts 5.6 -> skew signals
-    expect(report.rawData.trainingCutoffSkew).toBeGreaterThan(0);
+    const report = await analyzeDeps({ rootDir: emptyDir });
+    expect(report.summary.packagesAnalyzed).toBe(0);
 
-    expect(report.issues.length).toBeGreaterThan(0);
+    rmSync(emptyDir, { recursive: true, force: true });
   });
 });

package/src/__tests__/provider.test.ts

@@ -0,0 +1,45 @@
+import { describe, it, expect, vi } from 'vitest';
+import { DepsProvider } from '../provider';
+import * as analyzer from '../analyzer';
+
+vi.mock('../analyzer', () => ({
+  analyzeDeps: vi.fn(),
+}));
+
+describe('Dependency Health Provider', () => {
+  it('should analyze and return SpokeOutput', async () => {
+    vi.mocked(analyzer.analyzeDeps).mockResolvedValue({
+      summary: {
+        filesAnalyzed: 1,
+        packagesAnalyzed: 10,
+        score: 95,
+        rating: 'excellent',
+      },
+      issues: [],
+      rawData: {
+        totalPackages: 10,
+        outdatedPackages: 0,
+        deprecatedPackages: 0,
+        trainingCutoffSkew: 0,
+      },
+      recommendations: [],
+    });
+
+    const output = await DepsProvider.analyze({ rootDir: '.' });
+
+    expect(output.summary.filesAnalyzed).toBe(1);
+    expect(output.metadata.toolName).toBe('dependency-health');
+  });
+
+  it('should score an output', () => {
+    const mockOutput = {
+      summary: { score: 85, recommendations: ['Update things'] } as any,
+      metadata: { rawData: {} },
+      results: [],
+    };
+
+    const scoring = DepsProvider.score(mockOutput as any, { rootDir: '.' });
+    expect(scoring.score).toBe(85);
+    expect(scoring.recommendations[0].action).toBe('Update things');
+  });
+});

package/src/__tests__/scoring.test.ts

@@ -0,0 +1,47 @@
+import { describe, it, expect } from 'vitest';
+import { calculateDepsScore } from '../scoring';
+import { DepsReport } from '../types';
+import { ToolName } from '@aiready/core';
+
+describe('Dependency Health Scoring', () => {
+  const mockReport: DepsReport = {
+    summary: {
+      filesAnalyzed: 2,
+      packagesAnalyzed: 20,
+      score: 85,
+      rating: 'excellent',
+    },
+    issues: [],
+    rawData: {
+      totalPackages: 100,
+      outdatedPackages: 10,
+      deprecatedPackages: 2,
+      trainingCutoffSkew: 0.1,
+    },
+    recommendations: ['Replace 2 deprecated packages.'],
+  };
+
+  it('should map report to ToolScoringOutput correctly', () => {
+    const scoring = calculateDepsScore(mockReport);
+
+    expect(scoring.toolName).toBe(ToolName.DependencyHealth);
+    expect(scoring.score).toBe(85);
+    expect(scoring.factors.length).toBeGreaterThan(0);
+    expect(scoring.recommendations[0].action).toBe(
+      'Replace 2 deprecated packages.'
+    );
+  });
+
+  it('should set high priority for low scores', () => {
+    const lowScoreReport: DepsReport = {
+      ...mockReport,
+      summary: {
+        ...mockReport.summary,
+        score: 30,
+      },
+    };
+
+    const scoring = calculateDepsScore(lowScoreReport);
+    expect(scoring.recommendations[0].priority).toBe('high');
+  });
+});

package/src/index.ts

@@ -6,4 +6,5 @@ ToolRegistry.register(DepsProvider);
 
 export * from './types';
 export * from './analyzer';
+export * from './scoring';
 export { DepsProvider };

package/src/scoring.ts

@@ -0,0 +1,64 @@
+import { calculateDependencyHealth, ToolName } from '@aiready/core';
+import type { ToolScoringOutput } from '@aiready/core';
+import type { DepsReport } from './types';
+
+/**
+ * Convert dependency health report into a ToolScoringOutput.
+ */
+export function calculateDepsScore(report: DepsReport): ToolScoringOutput {
+  const { rawData, summary } = report;
+
+  // Recalculate using core math to get risk contribution breakdown
+  const riskResult = calculateDependencyHealth({
+    totalPackages: rawData.totalPackages,
+    outdatedPackages: rawData.outdatedPackages,
+    deprecatedPackages: rawData.deprecatedPackages,
+    trainingCutoffSkew: rawData.trainingCutoffSkew,
+  });
+
+  const factors: ToolScoringOutput['factors'] = [
+    {
+      name: 'Outdated Packages',
+      impact: -Math.min(
+        30,
+        (rawData.outdatedPackages / Math.max(1, rawData.totalPackages)) *
+          100 *
+          0.3
+      ),
+      description: `${rawData.outdatedPackages} outdated packages`,
+    },
+    {
+      name: 'Deprecated Packages',
+      impact: -Math.min(
+        40,
+        (rawData.deprecatedPackages / Math.max(1, rawData.totalPackages)) *
+          100 *
+          0.4
+      ),
+      description: `${rawData.deprecatedPackages} deprecated packages`,
+    },
+    {
+      name: 'Training Cutoff Skew',
+      impact: -Math.min(30, rawData.trainingCutoffSkew * 100 * 0.3),
+      description: `Training cutoff skew of ${rawData.trainingCutoffSkew.toFixed(1)} years`,
+    },
+  ];
+
+  const recommendations: ToolScoringOutput['recommendations'] =
+    riskResult.recommendations.map((rec) => ({
+      action: rec,
+      estimatedImpact: 6,
+      priority: summary.score < 50 ? 'high' : 'medium',
+    }));
+
+  return {
+    toolName: ToolName.DependencyHealth,
+    score: summary.score,
+    rawMetrics: {
+      ...rawData,
+      rating: summary.rating,
+    },
+    factors,
+    recommendations,
+  };
+}