@code-pushup/js-packages-plugin 0.44.4 → 0.45.0

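--- a/package/README.md
+++ b/package/README.md
@@ -113,6 +113,7 @@ The plugin accepts the following parameters:
  - `packageManager`: The package manager you are using. Supported values: `npm`, `yarn-classic` (v1), `yarn-modern` (v2+), `pnpm`.
  - (optional) `checks`: Array of checks to be run. Supported commands: `audit`, `outdated`. Both are configured by default.
  - (optional) `dependencyGroups`: Array of dependency groups to be checked. `prod` and `dev` are configured by default. `optional` are opt-in.
+ - (optional) `packageJsonPath`: File path to `package.json`. Defaults to current folder. Multiple `package.json` files are currently not supported.
  - (optional) `auditLevelMapping`: If you wish to set a custom level of issue severity based on audit vulnerability level, you may do so here. Any omitted values will be filled in by defaults. Audit levels are: `critical`, `high`, `moderate`, `low` and `info`. Issue severities are: `error`, `warn` and `info`. By default the mapping is as follows: `critical` and `high` → `error`; `moderate` and `low` → `warning`; `info` → `info`.
 
  ### Audits and group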
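--- a/package/bin.js
+++ b/package/bin.js
@@ -1221,7 +1221,8 @@ var jsPackagesPluginConfigSchema = z16.object({
  dependencyGroups: z16.array(dependencyGroupSchema).min(1).default(["prod", "dev"]),
  auditLevelMapping: z16.record(packageAuditLevelSchema, issueSeveritySchema, {
  description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
- }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping)
+ }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping),
+ packageJsonPath: z16.string().describe("File path to package.json. Defaults to current folder.").default("package.json")
  });
 
  // packages/plugin-js-packages/src/lib/runner/utils.ts
@@ -1255,6 +1256,15 @@ function filterAuditResult(result, key, referenceResult) {
  summary: uniqueResult.summary
  };
  }
+ async function getTotalDependencies(packageJsonPath) {
+ const packageJson = await readJsonFile(packageJsonPath);
+ return objectFromEntries(
+ dependencyGroups.map((depGroup) => {
+ const deps = packageJson[dependencyGroupToLong[depGroup]];
+ return [depGroup, deps == null ? 0 : objectToKeys(deps).length];
+ })
+ );
+ }
 
  // packages/plugin-js-packages/src/lib/package-managers/constants.ts
  var COMMON_AUDIT_ARGS = ["audit", "--json"];
@@ -1793,7 +1803,7 @@ var outdatedSeverity = {
  var RELEASE_TYPES = objectToKeys(outdatedSeverity);
 
  // packages/plugin-js-packages/src/lib/runner/outdated/transform.ts
- function outdatedResultToAuditOutput(result, packageManager, depGroup) {
+ function outdatedResultToAuditOutput(result, packageManager, depGroup, totalDeps) {
  const relevantDependencies = result.filter(
  (dep) => dep.type === dependencyGroupToLong[depGroup]
  );
@@ -1817,10 +1827,7 @@ function outdatedResultToAuditOutput(result, packageManager, depGroup) {
  const issues = outdatedDependencies.length === 0 ? [] : outdatedToIssues(outdatedDependencies);
  return {
  slug: `${packageManager}-outdated-${depGroup}`,
- score: calculateOutdatedScore(
- outdatedStats.major,
- relevantDependencies.length
- ),
+ score: calculateOutdatedScore(outdatedStats.major, totalDeps),
  value: outdatedDependencies.length,
  displayValue: outdatedToDisplayValue(outdatedStats),
  details: { issues }
@@ -1865,15 +1872,16 @@ async function executeRunner() {
  packageManager,
  checks,
  auditLevelMapping,
+ packageJsonPath,
  dependencyGroups: depGroups
  } = await readJsonFile(PLUGIN_CONFIG_PATH);
- const auditResults = checks.includes("audit") ? await processAudit(packageManager, auditLevelMapping, depGroups) : [];
- const outdatedResults = checks.includes("outdated") ? await processOutdated(packageManager, depGroups) : [];
+ const auditResults = checks.includes("audit") ? await processAudit(packageManager, depGroups, auditLevelMapping) : [];
+ const outdatedResults = checks.includes("outdated") ? await processOutdated(packageManager, depGroups, packageJsonPath) : [];
  const checkResults = [...auditResults, ...outdatedResults];
  await ensureDirectoryExists(dirname(RUNNER_OUTPUT_PATH));
  await writeFile(RUNNER_OUTPUT_PATH, JSON.stringify(checkResults));
  }
- async function processOutdated(id, depGroups) {
+ async function processOutdated(id, depGroups, packageJsonPath) {
  const pm = packageManagers[id];
  const { stdout } = await executeProcess({
  command: pm.command,
@@ -1882,12 +1890,18 @@ async function processOutdated(id, depGroups) {
  ignoreExitCode: true
  // outdated returns exit code 1 when outdated dependencies are found
  });
+ const depTotals = await getTotalDependencies(packageJsonPath);
  const normalizedResult = pm.outdated.unifyResult(stdout);
  return depGroups.map(
- (depGroup) => outdatedResultToAuditOutput(normalizedResult, id, depGroup)
+ (depGroup) => outdatedResultToAuditOutput(
+ normalizedResult,
+ id,
+ depGroup,
+ depTotals[depGroup]
+ )
  );
  }
- async function processAudit(id, auditLevelMapping, depGroups) {
+ async function processAudit(id, depGroups, auditLevelMapping) {
  const pm = packageManagers[id];
  const supportedAuditDepGroups = pm.audit.supportedDepGroups ?? dependencyGroups;
  const compatibleAuditDepGroups = depGroups.filter(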
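Review bot: In `processOutdated`, the score denominator is now read from the file at `packageJsonPath`, but nothing visible in this section ties that file to the directory where the `outdated` command runs, and `getTotalDependencies` uses the parsed JSON without checking its shape. A path that points at a different or larger manifest would yield a `totalDeps` unrelated to `outdatedStats.major`, so the outdated score (which a team may gate CI on) can read healthier than the project is; a total of 0, or one smaller than the major count, also reaches `calculateOutdatedScore`, whose handling is not shown here. I would count only plain objects, `return [depGroup, deps != null && typeof deps === "object" && !Array.isArray(deps) ? objectToKeys(deps).length : 0];`, and pass `Math.max(totalDeps, relevantDependencies.length)` as the denominator in `outdatedResultToAuditOutput`. The arguments of the `executeProcess` call and the body of `calculateOutdatedScore` lie outside the hunks, so both should be confirmed before relying on this.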
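--- a/package/index.js
+++ b/package/index.js
@@ -4,7 +4,7 @@ import { fileURLToPath } from "node:url";
 
  // packages/plugin-js-packages/package.json
  var name = "@code-pushup/js-packages-plugin";
- var version = "0.44.4";
+ var version = "0.45.0";
 
  // packages/plugin-js-packages/src/lib/config.ts
  import { z as z16 } from "zod";
@@ -764,7 +764,8 @@ var jsPackagesPluginConfigSchema = z16.object({
  dependencyGroups: z16.array(dependencyGroupSchema).min(1).default(["prod", "dev"]),
  auditLevelMapping: z16.record(packageAuditLevelSchema, issueSeveritySchema, {
  description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
- }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping)
+ }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping),
+ packageJsonPath: z16.string().describe("File path to package.json. Defaults to current folder.").default("package.json")
  });
 
  // packages/utils/src/lib/text-formats/constants.ts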
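Review bot: The new `packageJsonPath` field in `jsPackagesPluginConfigSchema` is a bare `z16.string()`, so an empty string passes validation and only fails later, when the runner tries to read the file. Adding a length check, `packageJsonPath: z16.string().min(1).describe(...).default("package.json")`, rejects that at config time; the same schema line is bundled into `package/bin.js`. The description says "Defaults to current folder" while the default is the file `package.json` resolved against the working directory, so I would word it as `"File path to package.json. Defaults to package.json in the current working directory."`.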
package/package.json CHANGED
@@ -1,9 +1,9 @@
1
1
  {
2
2
  "name": "@code-pushup/js-packages-plugin",
3
- "version": "0.44.4",
3
+ "version": "0.45.0",
4
4
  "dependencies": {
5
- "@code-pushup/models": "0.44.4",
6
- "@code-pushup/utils": "0.44.4",
5
+ "@code-pushup/models": "0.45.0",
6
+ "@code-pushup/utils": "0.45.0",
7
7
  "semver": "^7.6.0",
8
8
  "zod": "^3.22.4"
9
9
  },
@@ -16,16 +16,19 @@ export declare const jsPackagesPluginConfigSchema: z.ZodObject<{
16
16
  packageManager: z.ZodEnum<["npm", "yarn-classic", "yarn-modern", "pnpm"]>;
17
17
  dependencyGroups: z.ZodDefault<z.ZodArray<z.ZodEnum<["prod", "dev", "optional"]>, "many">>;
18
18
  auditLevelMapping: z.ZodEffects<z.ZodDefault<z.ZodRecord<z.ZodEnum<["critical", "high", "moderate", "low", "info"]>, z.ZodEnum<["info", "warning", "error"]>>>, AuditSeverity, Partial<Record<"info" | "critical" | "high" | "moderate" | "low", "error" | "info" | "warning">> | undefined>;
19
+ packageJsonPath: z.ZodDefault<z.ZodString>;
19
20
  }, "strip", z.ZodTypeAny, {
20
21
  checks: ("audit" | "outdated")[];
21
22
  packageManager: "npm" | "pnpm" | "yarn-classic" | "yarn-modern";
22
23
  dependencyGroups: ("prod" | "dev" | "optional")[];
23
24
  auditLevelMapping: AuditSeverity;
25
+ packageJsonPath: string;
24
26
  }, {
25
27
  packageManager: "npm" | "pnpm" | "yarn-classic" | "yarn-modern";
26
28
  checks?: ("audit" | "outdated")[] | undefined;
27
29
  dependencyGroups?: ("prod" | "dev" | "optional")[] | undefined;
28
30
  auditLevelMapping?: Partial<Record<"info" | "critical" | "high" | "moderate" | "low", "error" | "info" | "warning">> | undefined;
31
+ packageJsonPath?: string | undefined;
29
32
  }>;
30
33
  export type JSPackagesPluginConfig = z.input<typeof jsPackagesPluginConfigSchema>;
31
34
  export type FinalJSPackagesPluginConfig = z.infer<typeof jsPackagesPluginConfigSchema>;
@@ -2,7 +2,7 @@ import { ReleaseType } from 'semver';
2
2
  import type { AuditOutput, Issue } from '@code-pushup/models';
3
3
  import { DependencyGroup, PackageManagerId } from '../../config';
4
4
  import { OutdatedResult } from './types';
5
- export declare function outdatedResultToAuditOutput(result: OutdatedResult, packageManager: PackageManagerId, depGroup: DependencyGroup): AuditOutput;
5
+ export declare function outdatedResultToAuditOutput(result: OutdatedResult, packageManager: PackageManagerId, depGroup: DependencyGroup, totalDeps: number): AuditOutput;
6
6
  export declare function calculateOutdatedScore(majorOutdated: number, totalDeps: number): number;
7
7
  export declare function outdatedToDisplayValue(stats: Record<ReleaseType, number>): string;
8
8
  export declare function outdatedToIssues(dependencies: OutdatedResult): Issue[];
@@ -1,6 +1,9 @@
1
1
  import type { ReleaseType } from 'semver';
2
2
  export type PackageVersion = Record<ReleaseType, number>;
3
- export type DependencyGroupLong = 'dependencies' | 'devDependencies' | 'optionalDependencies';
3
+ export declare const dependencyGroupLong: readonly ["dependencies", "devDependencies", "optionalDependencies"];
4
+ export type DependencyGroupLong = (typeof dependencyGroupLong)[number];
5
+ type PackageJsonDependencies = Record<string, string>;
6
+ export type PackageJson = Partial<Record<DependencyGroupLong, PackageJsonDependencies>>;
4
7
  export type OutdatedDependency = {
5
8
  name: string;
6
9
  current: string;
@@ -9,3 +12,4 @@ export type OutdatedDependency = {
9
12
  url?: string;
10
13
  };
11
14
  export type OutdatedResult = OutdatedDependency[];
15
+ export {};
@@ -1,2 +1,3 @@
1
1
  import { AuditResult, Vulnerability } from './audit/types';
2
2
  export declare function filterAuditResult(result: AuditResult, key: keyof Vulnerability, referenceResult?: AuditResult): AuditResult;
3
+ export declare function getTotalDependencies(packageJsonPath: string): Promise<Record<"prod" | "dev" | "optional", number>>;