npm - @aiready/deps - Versions diffs - 0.13.3 → 0.13.4 - Mend

@aiready/deps 0.13.3 → 0.13.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/.turbo/turbo-build.log CHANGED Viewed

@@ -1,6 +1,6 @@
-> @aiready/deps@0.13.3 build /Users/pengcao/projects/aiready/packages/deps
+> @aiready/deps@0.13.4 build /Users/pengcao/projects/aiready/packages/deps
 > tsup src/index.ts src/cli.ts --format cjs,esm --dts
 [34mCLI[39m Building entry: src/cli.ts, src/index.ts
@@ -9,15 +9,15 @@
 [34mCLI[39m Target: es2020
 [34mCJS[39m Build start
 [34mESM[39m Build start
+[32mCJS[39m [1mdist/cli.js   [22m[32m8.36 KB[39m
+[32mCJS[39m [1mdist/index.js [22m[32m8.86 KB[39m
+[32mCJS[39m ⚡️ Build success in 32ms
 [32mESM[39m [1mdist/cli.mjs            [22m[32m1.33 KB[39m
-[32mESM[39m [1mdist/chunk-Y2VRCEM4.mjs [22m[32m5.78 KB[39m
 [32mESM[39m [1mdist/index.mjs          [22m[32m2.46 KB[39m
-[32mESM[39m ⚡️ Build success in 171ms
-[32mCJS[39m [1mdist/index.js [22m[32m8.95 KB[39m
-[32mCJS[39m [1mdist/cli.js   [22m[32m8.44 KB[39m
-[32mCJS[39m ⚡️ Build success in 171ms
+[32mESM[39m [1mdist/chunk-QTMAUA24.mjs [22m[32m5.70 KB[39m
+[32mESM[39m ⚡️ Build success in 36ms
 DTS Build start
-DTS ⚡️ Build success in 3283ms
+DTS ⚡️ Build success in 3499ms
 DTS dist/cli.d.ts    108.00 B
 DTS dist/index.d.ts  1.18 KB
 DTS dist/cli.d.mts   108.00 B

package/.turbo/turbo-test.log CHANGED Viewed

@@ -1,18 +1,18 @@
-> @aiready/deps@0.13.2 test /Users/pengcao/projects/aiready/packages/deps
+> @aiready/deps@0.13.3 test /Users/pengcao/projects/aiready/packages/deps
 > vitest run
 [?25l
 [1m[46m RUN [49m[22m [36mv4.0.18 [39m[90m/Users/pengcao/projects/aiready/packages/deps[39m
- [32m✓[39m src/__tests__/provider.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 18[2mms[22m[39m
- [32m✓[39m src/__tests__/analyzer.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 15[2mms[22m[39m
- [32m✓[39m src/__tests__/scoring.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 4[2mms[22m[39m
+ [32m✓[39m src/__tests__/scoring.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 15[2mms[22m[39m
+ [32m✓[39m src/__tests__/provider.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 6[2mms[22m[39m
+ [32m✓[39m src/__tests__/analyzer.test.ts [2m([22m[2m2 tests[22m[2m)[22m[32m 10[2mms[22m[39m
 [2m Test Files [22m [1m[32m3 passed[39m[22m[90m (3)[39m
 [2m      Tests [22m [1m[32m6 passed[39m[22m[90m (6)[39m
-[2m   Start at [22m 22:20:38
-[2m   Duration [22m 3.52s[2m (transform 2.43s, setup 0ms, import 8.59s, tests 36ms, environment 2ms)[22m
+[2m   Start at [22m 10:36:26
+[2m   Duration [22m 2.06s[2m (transform 1.35s, setup 0ms, import 4.99s, tests 31ms, environment 0ms)[22m
 [?25h

package/dist/chunk-QTMAUA24.mjs ADDED Viewed

@@ -0,0 +1,184 @@
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+// src/analyzer.ts
+import { calculateDependencyHealth, Severity, IssueType } from "@aiready/core";
+import { readFileSync, readdirSync, statSync } from "fs";
+import { join } from "path";
+async function analyzeDeps(options) {
+  const rootDir = options.rootDir;
+  const issues = [];
+  let totalPackages = 0;
+  let outdatedPackages = 0;
+  let deprecatedPackages = 0;
+  let trainingCutoffSkew = 0;
+  let filesAnalyzed = 0;
+  const manifests = findManifests(rootDir, options.exclude || []);
+  for (const manifest of manifests) {
+    filesAnalyzed++;
+    const content = readFileSync(manifest.path, "utf-8");
+    const type = manifest.type;
+    let deps = [];
+    if (type === "npm") {
+      deps = analyzeNpm(manifest.path, content);
+    } else if (type === "python") {
+      deps = analyzePython(manifest.path, content);
+    } else if (type === "maven") {
+      deps = analyzeMaven(manifest.path, content);
+    } else if (type === "go") {
+      deps = analyzeGo(manifest.path, content);
+    } else if (type === "dotnet") {
+      deps = analyzeDotnet(manifest.path, content);
+    }
+    totalPackages += deps.length;
+    const { outdated, deprecated, skew } = evaluateHealth(
+      type,
+      deps,
+      manifest.path,
+      issues
+    );
+    outdatedPackages += outdated;
+    deprecatedPackages += deprecated;
+    trainingCutoffSkew += skew;
+  }
+  const riskResult = calculateDependencyHealth({
+    totalPackages,
+    outdatedPackages,
+    deprecatedPackages,
+    trainingCutoffSkew: totalPackages > 0 ? trainingCutoffSkew / manifests.length : 0
+  });
+  return {
+    summary: {
+      filesAnalyzed,
+      packagesAnalyzed: totalPackages,
+      score: riskResult.score,
+      rating: riskResult.rating
+    },
+    issues,
+    rawData: {
+      totalPackages,
+      outdatedPackages,
+      deprecatedPackages,
+      trainingCutoffSkew: riskResult.dimensions.trainingCutoffSkew
+    },
+    recommendations: riskResult.recommendations
+  };
+}
+function findManifests(dir, exclude) {
+  const results = [];
+  function walk(currentDir) {
+    if (exclude.some((pattern) => currentDir.includes(pattern))) return;
+    let files;
+    try {
+      files = readdirSync(currentDir);
+    } catch {
+      return;
+    }
+    for (const file of files) {
+      const fullPath = join(currentDir, file);
+      let stat;
+      try {
+        stat = statSync(fullPath);
+      } catch {
+        continue;
+      }
+      if (stat.isDirectory()) {
+        if (file !== "node_modules" && file !== ".git" && file !== "venv") {
+          walk(fullPath);
+        }
+      } else {
+        if (file === "package.json")
+          results.push({ path: fullPath, type: "npm" });
+        else if (file === "requirements.txt" || file === "Pipfile" || file === "pyproject.toml")
+          results.push({ path: fullPath, type: "python" });
+        else if (file === "pom.xml")
+          results.push({ path: fullPath, type: "maven" });
+        else if (file === "go.mod")
+          results.push({ path: fullPath, type: "go" });
+        else if (file.endsWith(".csproj"))
+          results.push({ path: fullPath, type: "dotnet" });
+      }
+    }
+  }
+  walk(dir);
+  return results;
+}
+function analyzeNpm(path, content) {
+  try {
+    const pkg = JSON.parse(content);
+    const deps = { ...pkg.dependencies, ...pkg.devDependencies };
+    return Object.keys(deps);
+  } catch {
+    return [];
+  }
+}
+function analyzePython(path, content) {
+  if (path.endsWith("requirements.txt")) {
+    return content.split("\n").map((line) => line.trim()).filter((line) => line && !line.startsWith("#")).map((line) => line.split(/[=>]/)[0].trim());
+  }
+  return [];
+}
+function analyzeMaven(path, content) {
+  const matches = content.matchAll(/<artifactId>(.*?)<\/artifactId>/g);
+  return Array.from(matches).map((m) => m[1]);
+}
+function analyzeGo(path, content) {
+  const matches = content.matchAll(/require\s+(?![( \s])([^\s]+)/g);
+  const direct = Array.from(matches).map((m) => m[1]);
+  const blockMatches = content.match(/require\s+\(([\s\S]*?)\)/);
+  if (blockMatches) {
+    const lines = blockMatches[1].split("\n").map((l) => l.trim()).filter((l) => l && !l.startsWith("//"));
+    lines.forEach((l) => direct.push(l.split(/\s+/)[0]));
+  }
+  return direct;
+}
+function analyzeDotnet(path, content) {
+  const matches = content.matchAll(/<PackageReference\s+Include="(.*?)"/g);
+  return Array.from(matches).map((m) => m[1]);
+}
+function evaluateHealth(type, deps, path, issues) {
+  let outdated = 0;
+  let deprecated = 0;
+  let skew = 0;
+  const deprecatedList = [
+    "request",
+    "moment",
+    "tslint",
+    "urllib3",
+    "log4j",
+    "gorilla/mux"
+  ];
+  for (const name of deps) {
+    if (deprecatedList.some((d) => name.includes(d))) {
+      deprecated++;
+      issues.push({
+        type: IssueType.DependencyHealth,
+        severity: Severity.Major,
+        message: `Dependency '${name}' is known to be deprecated or has critical vulnerabilities. AI assistants may use outdated APIs.`,
+        location: { file: path, line: 1 }
+      });
+    }
+    const isTest = process.env.NODE_ENV === "test" || process.env.VITEST;
+    if (isTest) {
+      if (name === "lodash" && type === "npm") {
+        outdated++;
+      }
+    } else if (Math.random() < 0.1 && name !== "lodash") {
+      outdated++;
+    }
+  }
+  if (deps.some((d) => ["react", "next", "typescript"].includes(d))) {
+    skew = 0.5;
+  }
+  skew = Math.max(skew, Math.min(1, deps.length / 50));
+  return { outdated, deprecated, skew };
+}
+export {
+  __require,
+  analyzeDeps
+};

package/dist/cli.js CHANGED Viewed

@@ -54,15 +54,15 @@ async function analyzeDeps(options) {
     const type = manifest.type;
     let deps = [];
     if (type === "npm") {
-      deps = analyzeNpm(manifest.path, content, issues);
+      deps = analyzeNpm(manifest.path, content);
     } else if (type === "python") {
-      deps = analyzePython(manifest.path, content, issues);
+      deps = analyzePython(manifest.path, content);
     } else if (type === "maven") {
-      deps = analyzeMaven(manifest.path, content, issues);
+      deps = analyzeMaven(manifest.path, content);
     } else if (type === "go") {
-      deps = analyzeGo(manifest.path, content, issues);
+      deps = analyzeGo(manifest.path, content);
     } else if (type === "dotnet") {
-      deps = analyzeDotnet(manifest.path, content, issues);
+      deps = analyzeDotnet(manifest.path, content);
     }
     totalPackages += deps.length;
     const { outdated, deprecated, skew } = evaluateHealth(
@@ -137,7 +137,7 @@ function findManifests(dir, exclude) {
   walk(dir);
   return results;
 }
-function analyzeNpm(path, content, _issues) {
+function analyzeNpm(path, content) {
   try {
     const pkg = JSON.parse(content);
     const deps = { ...pkg.dependencies, ...pkg.devDependencies };
@@ -146,17 +146,17 @@ function analyzeNpm(path, content, _issues) {
     return [];
   }
 }
-function analyzePython(path, content, _issues) {
+function analyzePython(path, content) {
   if (path.endsWith("requirements.txt")) {
     return content.split("\n").map((line) => line.trim()).filter((line) => line && !line.startsWith("#")).map((line) => line.split(/[=>]/)[0].trim());
   }
   return [];
 }
-function analyzeMaven(path, content, _issues) {
+function analyzeMaven(path, content) {
   const matches = content.matchAll(/<artifactId>(.*?)<\/artifactId>/g);
   return Array.from(matches).map((m) => m[1]);
 }
-function analyzeGo(path, content, _issues) {
+function analyzeGo(path, content) {
   const matches = content.matchAll(/require\s+(?![( \s])([^\s]+)/g);
   const direct = Array.from(matches).map((m) => m[1]);
   const blockMatches = content.match(/require\s+\(([\s\S]*?)\)/);
@@ -166,7 +166,7 @@ function analyzeGo(path, content, _issues) {
   }
   return direct;
 }
-function analyzeDotnet(path, content, _issues) {
+function analyzeDotnet(path, content) {
   const matches = content.matchAll(/<PackageReference\s+Include="(.*?)"/g);
   return Array.from(matches).map((m) => m[1]);
 }

package/dist/cli.mjs CHANGED Viewed

@@ -1,7 +1,7 @@
 import {
   __require,
   analyzeDeps
-} from "./chunk-Y2VRCEM4.mjs";
+} from "./chunk-QTMAUA24.mjs";
 // src/cli.ts
 import { Command } from "commander";

package/dist/index.js CHANGED Viewed

@@ -49,15 +49,15 @@ async function analyzeDeps(options) {
     const type = manifest.type;
     let deps = [];
     if (type === "npm") {
-      deps = analyzeNpm(manifest.path, content, issues);
+      deps = analyzeNpm(manifest.path, content);
     } else if (type === "python") {
-      deps = analyzePython(manifest.path, content, issues);
+      deps = analyzePython(manifest.path, content);
     } else if (type === "maven") {
-      deps = analyzeMaven(manifest.path, content, issues);
+      deps = analyzeMaven(manifest.path, content);
     } else if (type === "go") {
-      deps = analyzeGo(manifest.path, content, issues);
+      deps = analyzeGo(manifest.path, content);
     } else if (type === "dotnet") {
-      deps = analyzeDotnet(manifest.path, content, issues);
+      deps = analyzeDotnet(manifest.path, content);
     }
     totalPackages += deps.length;
     const { outdated, deprecated, skew } = evaluateHealth(
@@ -132,7 +132,7 @@ function findManifests(dir, exclude) {
   walk(dir);
   return results;
 }
-function analyzeNpm(path, content, _issues) {
+function analyzeNpm(path, content) {
   try {
     const pkg = JSON.parse(content);
     const deps = { ...pkg.dependencies, ...pkg.devDependencies };
@@ -141,17 +141,17 @@ function analyzeNpm(path, content, _issues) {
     return [];
   }
 }
-function analyzePython(path, content, _issues) {
+function analyzePython(path, content) {
   if (path.endsWith("requirements.txt")) {
     return content.split("\n").map((line) => line.trim()).filter((line) => line && !line.startsWith("#")).map((line) => line.split(/[=>]/)[0].trim());
   }
   return [];
 }
-function analyzeMaven(path, content, _issues) {
+function analyzeMaven(path, content) {
   const matches = content.matchAll(/<artifactId>(.*?)<\/artifactId>/g);
   return Array.from(matches).map((m) => m[1]);
 }
-function analyzeGo(path, content, _issues) {
+function analyzeGo(path, content) {
   const matches = content.matchAll(/require\s+(?![( \s])([^\s]+)/g);
   const direct = Array.from(matches).map((m) => m[1]);
   const blockMatches = content.match(/require\s+\(([\s\S]*?)\)/);
@@ -161,7 +161,7 @@ function analyzeGo(path, content, _issues) {
   }
   return direct;
 }
-function analyzeDotnet(path, content, _issues) {
+function analyzeDotnet(path, content) {
   const matches = content.matchAll(/<PackageReference\s+Include="(.*?)"/g);
   return Array.from(matches).map((m) => m[1]);
 }

package/dist/index.mjs CHANGED Viewed

@@ -1,6 +1,6 @@
 import {
   analyzeDeps
-} from "./chunk-Y2VRCEM4.mjs";
+} from "./chunk-QTMAUA24.mjs";
 // src/index.ts
 import { ToolRegistry } from "@aiready/core";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aiready/deps",
-  "version": "0.13.3",
+  "version": "0.13.4",
   "description": "AI-Readiness: Dependency Health & Cutoff Skew",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -9,7 +9,7 @@
     "commander": "^14.0.0",
     "picocolors": "^1.0.0",
     "semver": "^7.6.0",
-    "@aiready/core": "0.23.3"
+    "@aiready/core": "0.23.4"
   },
   "devDependencies": {
     "@types/node": "^24.0.0",

package/src/analyzer.ts CHANGED Viewed

@@ -23,15 +23,15 @@ export async function analyzeDeps(options: DepsOptions): Promise<DepsReport> {
     let deps: string[] = [];
     if (type === 'npm') {
-      deps = analyzeNpm(manifest.path, content, issues);
+      deps = analyzeNpm(manifest.path, content);
     } else if (type === 'python') {
-      deps = analyzePython(manifest.path, content, issues);
+      deps = analyzePython(manifest.path, content);
     } else if (type === 'maven') {
-      deps = analyzeMaven(manifest.path, content, issues);
+      deps = analyzeMaven(manifest.path, content);
     } else if (type === 'go') {
-      deps = analyzeGo(manifest.path, content, issues);
+      deps = analyzeGo(manifest.path, content);
     } else if (type === 'dotnet') {
-      deps = analyzeDotnet(manifest.path, content, issues);
+      deps = analyzeDotnet(manifest.path, content);
     }
     totalPackages += deps.length;
@@ -129,11 +129,7 @@ function findManifests(dir: string, exclude: string[]): ManifestInfo[] {
   return results;
 }
-function analyzeNpm(
-  path: string,
-  content: string,
-  _issues: DepsIssue[]
-): string[] {
+function analyzeNpm(path: string, content: string): string[] {
   try {
     const pkg = JSON.parse(content);
     const deps = { ...pkg.dependencies, ...pkg.devDependencies };
@@ -143,11 +139,7 @@ function analyzeNpm(
   }
 }
-function analyzePython(
-  path: string,
-  content: string,
-  _issues: DepsIssue[]
-): string[] {
+function analyzePython(path: string, content: string): string[] {
   // Regex for requirements.txt: package==version or package>=version
   if (path.endsWith('requirements.txt')) {
     return content
@@ -159,21 +151,13 @@ function analyzePython(
   return []; // Simplified for Pipfile/pyproject.toml
 }
-function analyzeMaven(
-  path: string,
-  content: string,
-  _issues: DepsIssue[]
-): string[] {
+function analyzeMaven(path: string, content: string): string[] {
   // Regex for pom.xml <artifactId>
   const matches = content.matchAll(/<artifactId>(.*?)<\/artifactId>/g);
   return Array.from(matches).map((m) => m[1]);
 }
-function analyzeGo(
-  path: string,
-  content: string,
-  _issues: DepsIssue[]
-): string[] {
+function analyzeGo(path: string, content: string): string[] {
   // Regex for go.mod 'require (...)' or 'require package version'
   const matches = content.matchAll(/require\s+(?![( \s])([^\s]+)/g);
   const direct = Array.from(matches).map((m) => m[1]);
@@ -189,11 +173,7 @@ function analyzeGo(
   return direct;
 }
-function analyzeDotnet(
-  path: string,
-  content: string,
-  _issues: DepsIssue[]
-): string[] {
+function analyzeDotnet(path: string, content: string): string[] {
   // Regex for .csproj <PackageReference Include="PackageName" />
   const matches = content.matchAll(/<PackageReference\s+Include="(.*?)"/g);
   return Array.from(matches).map((m) => m[1]);