@antongolub/lockfile 0.0.0-snapshot.37 → 0.0.0-snapshot.39
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -1
- package/package.json +4 -3
- package/target/esm/cli.mjs +21 -990
- package/target/cjs/cli.cjs +0 -1116
package/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# @antongolub/lockfile
|
|
2
2
|
> Read and write lockfiles with reasonable losses
|
|
3
3
|
|
|
4
|
-
|
|
4
|
+
<p><img alt="@antongolub/lockfile" src="./pics/pic.png" align="right" width="300">
|
|
5
5
|
Each package manager brings its own philosophy of how to describe, store and control project dependencies.
|
|
6
6
|
It _seems_ acceptable for developers, but literally becomes a ~~pain in *** ***~~ headache for isec, devops and release engineers.
|
|
7
7
|
This lib is a naive attempt to build a pm-independent, generic, extensible and reliable deps representation.
|
|
@@ -9,6 +9,7 @@ This lib is a naive attempt to build a pm-independent, generic, extensible and r
|
|
|
9
9
|
The `package.json` manifest contains its own deps requirements, the `lockfile` holds the deps resolution snapshot<sup>*</sup>,
|
|
10
10
|
so both of them are required to build a dependency graph. We can try to convert this data into a normalized representation for further analysis and processing (for example, to fix vulnerabilities).
|
|
11
11
|
And then, if necessary, try convert it back to the original/another format.
|
|
12
|
+
</p>
|
|
12
13
|
|
|
13
14
|
## Status
|
|
14
15
|
Proof of concept. The API may change significantly ⚠️
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@antongolub/lockfile",
|
|
3
|
-
"version": "0.0.0-snapshot.
|
|
3
|
+
"version": "0.0.0-snapshot.39",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -49,8 +49,9 @@
|
|
|
49
49
|
},
|
|
50
50
|
"scripts": {
|
|
51
51
|
"build": "concurrently 'npm:build:*'",
|
|
52
|
-
"build:
|
|
53
|
-
"build:
|
|
52
|
+
"build:bin": "node ./src/scripts/build.mjs --entry='./src/main/ts/cli.ts' --no-bundle",
|
|
53
|
+
"build:esm": "node ./src/scripts/build.mjs --entry='./src/main/ts/index.ts'",
|
|
54
|
+
"build:cjs": "yarn run build:esm -- --cjs",
|
|
54
55
|
"build:dts": "tsc --emitDeclarationOnly --skipLibCheck --outDir target/dts",
|
|
55
56
|
"test": "yarn test:unit",
|
|
56
57
|
"test:unit": "DEBUG=true c8 -r lcov -r text -o target/coverage -x src/scripts -x src/test uvu -r tsm -i helpers 'src/test/ts/'",
|