@bobfrankston/npmglobalize 1.0.139 → 1.0.140

package/lib/types.d.ts

@@ -6,16 +6,8 @@ import { type SpawnSyncOptions, type SpawnSyncReturns } from 'child_process';
 /** Wrapper for spawnSync that avoids DEP0190 (args + shell: true).
  *  When shell is true, joins cmd+args into a single command string. */
 export declare function spawnSafe(cmd: string, args: string[], options?: SpawnSyncOptions): SpawnSyncReturns<string>;
-/** Color/style helpers using Node.js styleText (Node 24+) */
-export declare const colors: {
-    red: (text: string) => string;
-    yellow: (text: string) => string;
-    green: (text: string) => string;
-    italic: (text: string) => string;
-    blue: (text: string) => string;
-    cyan: (text: string) => string;
-    dim: (text: string) => string;
-};
+/** Semantic color functions — adapts to terminal light/dark theme */
+export declare const colors: import("@bobfrankston/themecolors").SemanticColors;
 /** Get npm command for current platform (npm.cmd on Windows, npm elsewhere) */
 export declare function getNpmCommand(): string;
 /** Options for the globalize operation */

package/lib/types.js

@@ -3,7 +3,7 @@
  * Leaf module — no internal dependencies.
  */
 import { spawnSync } from 'child_process';
-import { styleText } from 'util';
+import { themeColors } from '@bobfrankston/themecolors';
 import readline from 'readline';
 /** Wrapper for spawnSync that avoids DEP0190 (args + shell: true).
  *  When shell is true, joins cmd+args into a single command string. */
@@ -16,16 +16,8 @@ export function spawnSafe(cmd, args, options = {}) {
     }
     return spawnSync(cmd, args, opts);
 }
-/** Color/style helpers using Node.js styleText (Node 24+) */
-export const colors = {
-    red: (text) => styleText('red', text),
-    yellow: (text) => styleText('yellow', text),
-    green: (text) => styleText('green', text),
-    italic: (text) => styleText('italic', text),
-    blue: (text) => styleText('blue', text),
-    cyan: (text) => styleText('cyan', text),
-    dim: (text) => styleText('dim', text),
-};
+/** Semantic color functions — adapts to terminal light/dark theme */
+export const colors = themeColors();
 /** Get npm command for current platform (npm.cmd on Windows, npm elsewhere) */
 export function getNpmCommand() {
     return process.platform === 'win32' ? 'npm.cmd' : 'npm';

package/lib.js

@@ -137,6 +137,10 @@ function getNpmCommand() {
     return process.platform === 'win32' ? 'npm.cmd' : 'npm';
 }
 const DEP_KEYS = ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'];
+/** Format current time as HH:MM:SS for progress timestamps */
+function timestamp() {
+    return colors.dim(new Date().toLocaleTimeString('en-US', { hour12: false }));
+}
 /** Read and parse package.json from a directory */
 export function readPackageJson(dir) {
     const pkgPath = path.join(dir, 'package.json');
@@ -1003,7 +1007,7 @@ export function fixVersionTagMismatch(cwd, pkg, verbose = false) {
 function waitForNpmVersion(pkgName, version, maxWaitMs = 90000) {
     const interval = 3000;
     const maxAttempts = Math.ceil(maxWaitMs / interval);
-    process.stdout.write(`Waiting for ${pkgName}@${version} on npm registry`);
+    process.stdout.write(`${timestamp()} Waiting for ${pkgName}@${version} on npm registry`);
     for (let i = 0; i < maxAttempts; i++) {
         const result = spawnSafe('npm', ['view', `${pkgName}@${version}`, 'version'], {
             shell: process.platform === 'win32',
@@ -2637,7 +2641,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
     const pkg = readPackageJson(cwd);
     // Run build step if package.json has a build script (skip if CLI already built)
     if (pkg.scripts?.build && !options._fromCli) {
-        console.log('Running build...');
+        console.log(`${timestamp()} Running build...`);
         if (!dryRun) {
             const buildResult = runCommand('npm', ['run', 'build'], { cwd, silent: !verbose });
             if (!buildResult.success) {
@@ -2648,7 +2652,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
                 console.log(colors.yellow('Continuing with --force despite build failure...'));
             }
             else {
-                console.log(colors.green('✓ Build succeeded'));
+                console.log(`${timestamp()} ${colors.green('✓ Build succeeded')}`);
             }
         }
         else {
@@ -3392,7 +3396,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
     // Git operations
     if (currentGitStatus.hasUncommitted) {
         const commitMsg = message || 'Pre-release commit';
-        console.log(`Committing changes: ${commitMsg}`);
+        console.log(`${timestamp()} Committing changes: ${commitMsg}`);
         if (!dryRun) {
             // Remove 'nul' files that break git on Windows
             const nulCount = removeNulFiles(cwd);
@@ -3490,7 +3494,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
         console.log(`Skipping version bump — ${pkg.version} already set locally.`);
     }
     else {
-        console.log(`Bumping version (${bump})...`);
+        console.log(`${timestamp()} Bumping version (${bump})...`);
     }
     if (!dryRun && !skipVersionBump) {
         // Temporarily disable postversion hook to prevent double-publishing or push
@@ -3734,38 +3738,51 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
     else if (!skipVersionBump) {
         console.log(`  [dry-run] Would run: npm version ${bump}`);
     }
-    // Check for public package depending on private dependencies
+    // Check for public package depending on private/unpublished scoped dependencies
+    // Only scoped deps can be private — unscoped are always public on npm.
+    // Use a single fast `npm view` per dep instead of the full checkNpmAccess.
     const publishAccess = effectiveNpmVisibility || currentAccess || (isScoped ? 'restricted' : 'public');
     if (publishAccess === 'public') {
-        const privateDeps = [];
+        const scopedDeps = [];
         for (const depKey of ['dependencies', 'peerDependencies']) {
             const deps = pkg[depKey];
             if (!deps)
                 continue;
             for (const depName of Object.keys(deps)) {
-                const depAccess = checkNpmAccess(depName);
-                if (depAccess === 'restricted') {
-                    privateDeps.push(depName);
-                }
-                else if (depAccess === null && depName.startsWith('@')) {
-                    // Scoped package not on npm — will be private by default
-                    privateDeps.push(`${depName} (not yet published)`);
-                }
+                if (depName.startsWith('@'))
+                    scopedDeps.push(depName);
             }
         }
-        if (privateDeps.length > 0) {
-            console.log('');
-            console.error(colors.red('WARNING: Public package depends on PRIVATE dependencies:'));
-            for (const d of privateDeps) {
-                console.error(colors.red(`  ${d}`));
+        if (scopedDeps.length > 0) {
+            const privateDeps = [];
+            for (const depName of scopedDeps) {
+                const viewResult = spawnSafe('npm', ['view', depName, 'name'], {
+                    encoding: 'utf-8', stdio: 'pipe', shell: true
+                });
+                if (viewResult.status !== 0) {
+                    const stderr = viewResult.stderr || '';
+                    if (stderr.includes('404') || stderr.includes('not found')) {
+                        privateDeps.push(`${depName} (not on npm)`);
+                    }
+                    else {
+                        privateDeps.push(`${depName} (restricted)`);
+                    }
+                }
+            }
+            if (privateDeps.length > 0) {
+                console.log('');
+                console.error(colors.red('WARNING: Public package depends on PRIVATE/missing dependencies:'));
+                for (const d of privateDeps) {
+                    console.error(colors.red(`  ${d}`));
+                }
+                console.error(colors.yellow('Consumers will get E404 when installing this package.'));
+                console.error(colors.yellow('Fix: publish those deps as public, or make this package private.'));
+                console.log('');
             }
-            console.error(colors.yellow('Consumers will get E404 when installing this package.'));
-            console.error(colors.yellow('Fix: publish those deps as public, or make this package private.'));
-            console.log('');
         }
     }
     // Publish
-    console.log('Publishing to npm...');
+    console.log(`${timestamp()} Publishing to npm...`);
     if (!dryRun) {
         // Check npm authentication right before publishing
         const authStatus = checkNpmAuth();
@@ -3929,7 +3946,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
         // Determine what was published
         const finalAccess = effectiveNpmVisibility || currentAccess || (isScoped ? 'restricted' : 'public');
         const accessLabel = (finalAccess === 'restricted' || finalAccess === 'private') ? 'PRIVATE' : 'PUBLIC';
-        console.log(colors.green(`✓ Published to npm as ${accessLabel}`));
+        console.log(`${timestamp()} ${colors.green(`✓ Published to npm as ${accessLabel}`)}`);
     }
     else {
         console.log(`  [dry-run] Would run: npm publish ${quiet ? '--quiet' : ''}`);
@@ -3937,7 +3954,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
     // Push to git (with push-protection detection and auto-bypass)
     if (currentGitStatus.hasRemote) {
         if (verbose) {
-            console.log('Pushing to git...');
+            console.log(`${timestamp()} Pushing to git...`);
         }
         if (!dryRun) {
             if (pushWithProtection(cwd, verbose)) {
@@ -4001,7 +4018,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
                 }
             }
             else {
-                console.log(`Installing globally from registry: ${pkgName}@${pkgVersion}...`);
+                console.log(`${timestamp()} Installing globally from registry: ${pkgName}@${pkgVersion}...`);
                 if (!dryRun) {
                     waitForNpmVersion(pkgName, pkgVersion);
                     const installResult = installGlobalWithRetry(`${pkgName}@${pkgVersion}`, cwd);
@@ -4072,7 +4089,7 @@ export async function globalize(cwd, options = {}, configOptions = {}) {
     else if (!files) {
         console.log('Keeping npm versions (--nofiles mode).');
     }
-    console.log('Done!');
+    console.log(`${timestamp()} Done!`);
     // Run final audit report if not already run
     const auditAlreadyRun = (fix || updateDeps) && (transformResult.transformed || alreadyTransformed || updateDeps);
     if (!auditAlreadyRun && (fix || updateDeps || transformResult.transformed) && !dryRun) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bobfrankston/npmglobalize",
-  "version": "1.0.139",
+  "version": "1.0.140",
   "description": "Transform file: dependencies to npm versions for publishing",
   "main": "index.js",
   "type": "module",
@@ -33,7 +33,7 @@
   "dependencies": {
     "@bobfrankston/freezepak": "^0.1.6",
     "@bobfrankston/importgen": "^0.1.32",
-    "@bobfrankston/themecolors": "^0.1.2",
+    "@bobfrankston/themecolors": "^0.1.4",
     "@bobfrankston/userconfig": "^1.0.6",
     "@npmcli/package-json": "^7.0.4",
     "json5": "^2.2.3",