@code-pushup/js-packages-plugin 0.45.0 → 0.45.1

package/README.md

@@ -113,7 +113,7 @@ The plugin accepts the following parameters:
 - `packageManager`: The package manager you are using. Supported values: `npm`, `yarn-classic` (v1), `yarn-modern` (v2+), `pnpm`.
 - (optional) `checks`: Array of checks to be run. Supported commands: `audit`, `outdated`. Both are configured by default.
 - (optional) `dependencyGroups`: Array of dependency groups to be checked. `prod` and `dev` are configured by default. `optional` are opt-in.
-- (optional) `packageJsonPath`: File path to `package.json`. Defaults to current folder. Multiple `package.json` files are currently not supported.
+- (optional) `packageJsonPaths`: File path(s) to `package.json`. Root `package.json` is used by default. Multiple `package.json` paths may be passed. If `{ autoSearch: true }` is provided, all `package.json` files in the repository are searched.
 - (optional) `auditLevelMapping`: If you wish to set a custom level of issue severity based on audit vulnerability level, you may do so here. Any omitted values will be filled in by defaults. Audit levels are: `critical`, `high`, `moderate`, `low` and `info`. Issue severities are: `error`, `warn` and `info`. By default the mapping is as follows: `critical` and `high` → `error`; `moderate` and `low` → `warning`; `info` → `info`.
 
 ### Audits and group

package/bin.js

@@ -2,300 +2,6 @@
 import { writeFile } from "node:fs/promises";
 import { dirname } from "node:path";
 
-// packages/utils/src/lib/text-formats/constants.ts
-var NEW_LINE = "\n";
-var TAB = "  ";
-
-// packages/utils/src/lib/text-formats/html/details.ts
-function details(title, content, cfg = { open: false }) {
-  return `<details${cfg.open ? " open" : ""}>${NEW_LINE}<summary>${title}</summary>${NEW_LINE}${// ⚠️ The blank line is needed to ensure Markdown in content is rendered correctly.
-  NEW_LINE}${content}${NEW_LINE}${// @TODO in the future we could consider adding it only if the content ends with a code block
-  // ⚠️ The blank line ensure Markdown in content is rendered correctly.
-  NEW_LINE}</details>${// ⚠️ The blank line is needed to ensure Markdown after details is rendered correctly.
-  NEW_LINE}`;
-}
-
-// packages/utils/src/lib/text-formats/html/font-style.ts
-var boldElement = "b";
-function bold(text) {
-  return `<${boldElement}>${text}</${boldElement}>`;
-}
-var italicElement = "i";
-function italic(text) {
-  return `<${italicElement}>${text}</${italicElement}>`;
-}
-var codeElement = "code";
-function code(text) {
-  return `<${codeElement}>${text}</${codeElement}>`;
-}
-
-// packages/utils/src/lib/text-formats/html/link.ts
-function link(href, text) {
-  return `<a href="${href}">${text || href}"</a>`;
-}
-
-// packages/utils/src/lib/transform.ts
-import { platform } from "node:os";
-function objectToKeys(obj) {
-  return Object.keys(obj);
-}
-function objectToEntries(obj) {
-  return Object.entries(obj);
-}
-function objectFromEntries(entries) {
-  return Object.fromEntries(entries);
-}
-function toUnixNewlines(text) {
-  return platform() === "win32" ? text.replace(/\r\n/g, "\n") : text;
-}
-function fromJsonLines(jsonLines) {
-  const unifiedNewLines = toUnixNewlines(jsonLines).trim();
-  return JSON.parse(`[${unifiedNewLines.split("\n").join(",")}]`);
-}
-function capitalize(text) {
-  return `${text.charAt(0).toLocaleUpperCase()}${text.slice(
-    1
-  )}`;
-}
-function apostrophize(text, upperCase) {
-  const lastCharMatch = text.match(/(\w)\W*$/);
-  const lastChar = lastCharMatch?.[1] ?? "";
-  return `${text}'${lastChar.toLocaleLowerCase() === "s" ? "" : upperCase ? "S" : "s"}`;
-}
-
-// packages/utils/src/lib/table.ts
-function rowToStringArray({ rows, columns = [] }) {
-  if (Array.isArray(rows.at(0)) && typeof columns.at(0) === "object") {
-    throw new TypeError(
-      "Column can`t be object when rows are primitive values"
-    );
-  }
-  return rows.map((row) => {
-    if (Array.isArray(row)) {
-      return row.map(String);
-    }
-    const objectRow = row;
-    if (columns.length === 0 || typeof columns.at(0) === "string") {
-      return Object.values(objectRow).map(String);
-    }
-    return columns.map(
-      ({ key }) => String(objectRow[key])
-    );
-  });
-}
-function columnsToStringArray({ rows, columns = [] }) {
-  const firstRow = rows.at(0);
-  const primitiveRows = Array.isArray(firstRow);
-  if (typeof columns.at(0) === "string" && !primitiveRows) {
-    throw new Error("invalid union type. Caught by model parsing.");
-  }
-  if (columns.length === 0) {
-    if (Array.isArray(firstRow)) {
-      return firstRow.map((_, idx) => String(idx));
-    }
-    return Object.keys(firstRow);
-  }
-  if (typeof columns.at(0) === "string") {
-    return columns.map(String);
-  }
-  const cols = columns;
-  return cols.map(({ label, key }) => label ?? capitalize(key));
-}
-function getColumnAlignmentForKeyAndIndex(targetKey, targetIdx, columns = []) {
-  const column = columns.at(targetIdx) ?? columns.find((col) => col.key === targetKey);
-  if (typeof column === "string") {
-    return column;
-  } else if (typeof column === "object") {
-    return column.align ?? "center";
-  } else {
-    return "center";
-  }
-}
-function getColumnAlignmentForIndex(targetIdx, columns = []) {
-  const column = columns.at(targetIdx);
-  if (column == null) {
-    return "center";
-  } else if (typeof column === "string") {
-    return column;
-  } else if (typeof column === "object") {
-    return column.align ?? "center";
-  } else {
-    return "center";
-  }
-}
-function getColumnAlignments({
-  rows,
-  columns = []
-}) {
-  if (rows.at(0) == null) {
-    throw new Error("first row can`t be undefined.");
-  }
-  if (Array.isArray(rows.at(0))) {
-    const firstPrimitiveRow = rows.at(0);
-    return Array.from({ length: firstPrimitiveRow.length }).map(
-      (_, idx) => getColumnAlignmentForIndex(idx, columns)
-    );
-  }
-  const firstObject = rows.at(0);
-  return Object.keys(firstObject).map(
-    (key, idx) => getColumnAlignmentForKeyAndIndex(key, idx, columns)
-  );
-}
-
-// packages/utils/src/lib/text-formats/html/table.ts
-function wrap(elem, content) {
-  return `<${elem}>${content}</${elem}>${NEW_LINE}`;
-}
-function wrapRow(content) {
-  const elem = "tr";
-  return `<${elem}>${NEW_LINE}${content}</${elem}>${NEW_LINE}`;
-}
-function table(tableData) {
-  if (tableData.rows.length === 0) {
-    throw new Error("Data can't be empty");
-  }
-  const tableHeaderCols = columnsToStringArray(tableData).map((s) => wrap("th", s)).join("");
-  const tableHeaderRow = wrapRow(tableHeaderCols);
-  const tableBody = rowToStringArray(tableData).map((arr) => {
-    const columns = arr.map((s) => wrap("td", s)).join("");
-    return wrapRow(columns);
-  }).join("");
-  return wrap("table", `${NEW_LINE}${tableHeaderRow}${tableBody}`);
-}
-
-// packages/utils/src/lib/text-formats/md/font-style.ts
-var boldWrap = "**";
-function bold2(text) {
-  return `${boldWrap}${text}${boldWrap}`;
-}
-var italicWrap = "_";
-function italic2(text) {
-  return `${italicWrap}${text}${italicWrap}`;
-}
-var strikeThroughWrap = "~";
-function strikeThrough(text) {
-  return `${strikeThroughWrap}${text}${strikeThroughWrap}`;
-}
-var codeWrap = "`";
-function code2(text) {
-  return `${codeWrap}${text}${codeWrap}`;
-}
-
-// packages/utils/src/lib/text-formats/md/headline.ts
-function headline(text, hierarchy = 1) {
-  return `${"#".repeat(hierarchy)} ${text}${NEW_LINE}`;
-}
-function h(text, hierarchy = 1) {
-  return headline(text, hierarchy);
-}
-function h1(text) {
-  return headline(text, 1);
-}
-function h2(text) {
-  return headline(text, 2);
-}
-function h3(text) {
-  return headline(text, 3);
-}
-function h4(text) {
-  return headline(text, 4);
-}
-function h5(text) {
-  return headline(text, 5);
-}
-function h6(text) {
-  return headline(text, 6);
-}
-
-// packages/utils/src/lib/text-formats/md/image.ts
-function image(src, alt) {
-  return `![${alt}](${src})`;
-}
-
-// packages/utils/src/lib/text-formats/md/link.ts
-function link2(href, text) {
-  return `[${text || href}](${href})`;
-}
-
-// packages/utils/src/lib/text-formats/md/list.ts
-function li(text, order = "unordered") {
-  const style = order === "unordered" ? "-" : "- [ ]";
-  return `${style} ${text}`;
-}
-function indentation(text, level = 1) {
-  return `${TAB.repeat(level)}${text}`;
-}
-
-// packages/utils/src/lib/text-formats/md/paragraphs.ts
-function paragraphs(...sections) {
-  return sections.filter(Boolean).join(`${NEW_LINE}${NEW_LINE}`);
-}
-
-// packages/utils/src/lib/text-formats/md/section.ts
-function section(...contents) {
-  return `${lines(...contents)}${NEW_LINE}`;
-}
-function lines(...contents) {
-  return `${contents.filter(Boolean).join(NEW_LINE)}`;
-}
-
-// packages/utils/src/lib/text-formats/md/table.ts
-var alignString = /* @__PURE__ */ new Map([
-  ["left", ":--"],
-  ["center", ":--:"],
-  ["right", "--:"]
-]);
-function tableRow(rows) {
-  return `|${rows.join("|")}|`;
-}
-function table2(data) {
-  if (data.rows.length === 0) {
-    throw new Error("Data can't be empty");
-  }
-  const alignmentRow = getColumnAlignments(data).map(
-    (s) => alignString.get(s) ?? String(alignString.get("center"))
-  );
-  return section(
-    `${lines(
-      tableRow(columnsToStringArray(data)),
-      tableRow(alignmentRow),
-      ...rowToStringArray(data).map(tableRow)
-    )}`
-  );
-}
-
-// packages/utils/src/lib/text-formats/index.ts
-var md = {
-  bold: bold2,
-  italic: italic2,
-  strikeThrough,
-  code: code2,
-  link: link2,
-  image,
-  headline,
-  h,
-  h1,
-  h2,
-  h3,
-  h4,
-  h5,
-  h6,
-  indentation,
-  lines,
-  li,
-  section,
-  paragraphs,
-  table: table2
-};
-var html = {
-  bold,
-  italic,
-  code,
-  link,
-  details,
-  table
-};
-
 // packages/models/src/lib/implementation/schemas.ts
 import { MATERIAL_ICONS } from "vscode-material-icons";
 import { z } from "zod";
@@ -405,6 +111,7 @@ var fileNameSchema = z.string().trim().regex(filenameRegex, {
 }).min(1, { message: "file name is invalid" });
 var positiveIntSchema = z.number().int().positive();
 var nonnegativeIntSchema = z.number().int().nonnegative();
+var nonnegativeNumberSchema = z.number().nonnegative();
 function packageVersionSchema(options) {
   const { versionDescription = "NPM version of the package", required } = options ?? {};
   const packageSchema = z.string({ description: "NPM package name" });
@@ -417,7 +124,7 @@ function packageVersionSchema(options) {
     { description: "NPM package name and version of a published package" }
   );
 }
-var weightSchema = nonnegativeIntSchema.describe(
+var weightSchema = nonnegativeNumberSchema.describe(
   "Coefficient for the given score (use weight 0 if only for display)"
 );
 function weightedRefSchema(description, slugDescription) {
@@ -559,7 +266,7 @@ var tableObjectSchema = tableSharedSchema.merge(
 var tableSchema = (description = "Table information") => z4.union([tablePrimitiveSchema, tableObjectSchema], { description });
 
 // packages/models/src/lib/audit-output.ts
-var auditValueSchema = nonnegativeIntSchema.describe("Raw numeric value");
+var auditValueSchema = nonnegativeNumberSchema.describe("Raw numeric value");
 var auditDisplayValueSchema = z5.string({ description: "Formatted value (e.g. '0.9 s', '2.1 MB')" }).optional();
 var auditDetailsSchema = z5.object(
   {
@@ -1004,79 +711,394 @@ function pluralize(text, amount) {
   if (amount != null && Math.abs(amount) === 1) {
     return text;
   }
-  if (text.endsWith("y")) {
-    return `${text.slice(0, -1)}ies`;
+  if (text.endsWith("y")) {
+    return `${text.slice(0, -1)}ies`;
+  }
+  if (text.endsWith("s")) {
+    return `${text}es`;
+  }
+  return `${text}s`;
+}
+
+// packages/utils/src/lib/guards.ts
+function isPromiseFulfilledResult(result) {
+  return result.status === "fulfilled";
+}
+function isPromiseRejectedResult(result) {
+  return result.status === "rejected";
+}
+
+// packages/utils/src/lib/logging.ts
+import isaacs_cliui from "@isaacs/cliui";
+import { cliui } from "@poppinss/cliui";
+import chalk from "chalk";
+
+// packages/utils/src/lib/reports/constants.ts
+var TERMINAL_WIDTH = 80;
+
+// packages/utils/src/lib/logging.ts
+var singletonUiInstance;
+function ui() {
+  if (singletonUiInstance === void 0) {
+    singletonUiInstance = cliui();
+  }
+  return {
+    ...singletonUiInstance,
+    row: (args) => {
+      logListItem(args);
+    }
+  };
+}
+var singletonisaacUi;
+function logListItem(args) {
+  if (singletonisaacUi === void 0) {
+    singletonisaacUi = isaacs_cliui({ width: TERMINAL_WIDTH });
+  }
+  singletonisaacUi.div(...args);
+  const content = singletonisaacUi.toString();
+  singletonisaacUi.rows = [];
+  singletonUiInstance?.logger.log(content);
+}
+
+// packages/utils/src/lib/file-system.ts
+async function readTextFile(path) {
+  const buffer = await readFile(path);
+  return buffer.toString();
+}
+async function readJsonFile(path) {
+  const text = await readTextFile(path);
+  return JSON.parse(text);
+}
+async function ensureDirectoryExists(baseDir) {
+  try {
+    await mkdir(baseDir, { recursive: true });
+    return;
+  } catch (error) {
+    ui().logger.info(error.message);
+    if (error.code !== "EEXIST") {
+      throw error;
+    }
+  }
+}
+function pluginWorkDir(slug) {
+  return join("node_modules", ".code-pushup", slug);
+}
+async function crawlFileSystem(options) {
+  const {
+    directory,
+    pattern,
+    fileTransform = (filePath) => filePath
+  } = options;
+  const files = await readdir(directory);
+  const promises = files.map(async (file) => {
+    const filePath = join(directory, file);
+    const stats = await stat(filePath);
+    if (stats.isDirectory()) {
+      return crawlFileSystem({ directory: filePath, pattern, fileTransform });
+    }
+    if (stats.isFile() && (!pattern || new RegExp(pattern).test(file))) {
+      return fileTransform(filePath);
+    }
+    return [];
+  });
+  const resultsNestedArray = await Promise.all(promises);
+  return resultsNestedArray.flat();
+}
+
+// packages/utils/src/lib/text-formats/constants.ts
+var NEW_LINE = "\n";
+var TAB = "  ";
+
+// packages/utils/src/lib/text-formats/html/details.ts
+function details(title, content, cfg = { open: false }) {
+  return `<details${cfg.open ? " open" : ""}>${NEW_LINE}<summary>${title}</summary>${NEW_LINE}${// ⚠️ The blank line is needed to ensure Markdown in content is rendered correctly.
+  NEW_LINE}${content}${NEW_LINE}${// @TODO in the future we could consider adding it only if the content ends with a code block
+  // ⚠️ The blank line ensure Markdown in content is rendered correctly.
+  NEW_LINE}</details>${// ⚠️ The blank line is needed to ensure Markdown after details is rendered correctly.
+  NEW_LINE}`;
+}
+
+// packages/utils/src/lib/text-formats/html/font-style.ts
+var boldElement = "b";
+function bold(text) {
+  return `<${boldElement}>${text}</${boldElement}>`;
+}
+var italicElement = "i";
+function italic(text) {
+  return `<${italicElement}>${text}</${italicElement}>`;
+}
+var codeElement = "code";
+function code(text) {
+  return `<${codeElement}>${text}</${codeElement}>`;
+}
+
+// packages/utils/src/lib/text-formats/html/link.ts
+function link(href, text) {
+  return `<a href="${href}">${text || href}"</a>`;
+}
+
+// packages/utils/src/lib/transform.ts
+import { platform } from "node:os";
+function objectToKeys(obj) {
+  return Object.keys(obj);
+}
+function objectToEntries(obj) {
+  return Object.entries(obj);
+}
+function objectFromEntries(entries) {
+  return Object.fromEntries(entries);
+}
+function toUnixNewlines(text) {
+  return platform() === "win32" ? text.replace(/\r\n/g, "\n") : text;
+}
+function fromJsonLines(jsonLines) {
+  const unifiedNewLines = toUnixNewlines(jsonLines).trim();
+  return JSON.parse(`[${unifiedNewLines.split("\n").join(",")}]`);
+}
+function capitalize(text) {
+  return `${text.charAt(0).toLocaleUpperCase()}${text.slice(
+    1
+  )}`;
+}
+function apostrophize(text, upperCase) {
+  const lastCharMatch = text.match(/(\w)\W*$/);
+  const lastChar = lastCharMatch?.[1] ?? "";
+  return `${text}'${lastChar.toLocaleLowerCase() === "s" ? "" : upperCase ? "S" : "s"}`;
+}
+
+// packages/utils/src/lib/table.ts
+function rowToStringArray({ rows, columns = [] }) {
+  if (Array.isArray(rows.at(0)) && typeof columns.at(0) === "object") {
+    throw new TypeError(
+      "Column can`t be object when rows are primitive values"
+    );
+  }
+  return rows.map((row) => {
+    if (Array.isArray(row)) {
+      return row.map(String);
+    }
+    const objectRow = row;
+    if (columns.length === 0 || typeof columns.at(0) === "string") {
+      return Object.values(objectRow).map(String);
+    }
+    return columns.map(
+      ({ key }) => String(objectRow[key])
+    );
+  });
+}
+function columnsToStringArray({ rows, columns = [] }) {
+  const firstRow = rows.at(0);
+  const primitiveRows = Array.isArray(firstRow);
+  if (typeof columns.at(0) === "string" && !primitiveRows) {
+    throw new Error("invalid union type. Caught by model parsing.");
+  }
+  if (columns.length === 0) {
+    if (Array.isArray(firstRow)) {
+      return firstRow.map((_, idx) => String(idx));
+    }
+    return Object.keys(firstRow);
+  }
+  if (typeof columns.at(0) === "string") {
+    return columns.map(String);
   }
-  if (text.endsWith("s")) {
-    return `${text}es`;
+  const cols = columns;
+  return cols.map(({ label, key }) => label ?? capitalize(key));
+}
+function getColumnAlignmentForKeyAndIndex(targetKey, targetIdx, columns = []) {
+  const column = columns.at(targetIdx) ?? columns.find((col) => col.key === targetKey);
+  if (typeof column === "string") {
+    return column;
+  } else if (typeof column === "object") {
+    return column.align ?? "center";
+  } else {
+    return "center";
   }
-  return `${text}s`;
+}
+function getColumnAlignmentForIndex(targetIdx, columns = []) {
+  const column = columns.at(targetIdx);
+  if (column == null) {
+    return "center";
+  } else if (typeof column === "string") {
+    return column;
+  } else if (typeof column === "object") {
+    return column.align ?? "center";
+  } else {
+    return "center";
+  }
+}
+function getColumnAlignments({
+  rows,
+  columns = []
+}) {
+  if (rows.at(0) == null) {
+    throw new Error("first row can`t be undefined.");
+  }
+  if (Array.isArray(rows.at(0))) {
+    const firstPrimitiveRow = rows.at(0);
+    return Array.from({ length: firstPrimitiveRow.length }).map(
+      (_, idx) => getColumnAlignmentForIndex(idx, columns)
+    );
+  }
+  const firstObject = rows.at(0);
+  return Object.keys(firstObject).map(
+    (key, idx) => getColumnAlignmentForKeyAndIndex(key, idx, columns)
+  );
 }
 
-// packages/utils/src/lib/guards.ts
-function isPromiseFulfilledResult(result) {
-  return result.status === "fulfilled";
+// packages/utils/src/lib/text-formats/html/table.ts
+function wrap(elem, content) {
+  return `<${elem}>${content}</${elem}>${NEW_LINE}`;
 }
-function isPromiseRejectedResult(result) {
-  return result.status === "rejected";
+function wrapRow(content) {
+  const elem = "tr";
+  return `<${elem}>${NEW_LINE}${content}</${elem}>${NEW_LINE}`;
+}
+function table(tableData) {
+  if (tableData.rows.length === 0) {
+    throw new Error("Data can't be empty");
+  }
+  const tableHeaderCols = columnsToStringArray(tableData).map((s) => wrap("th", s)).join("");
+  const tableHeaderRow = wrapRow(tableHeaderCols);
+  const tableBody = rowToStringArray(tableData).map((arr) => {
+    const columns = arr.map((s) => wrap("td", s)).join("");
+    return wrapRow(columns);
+  }).join("");
+  return wrap("table", `${NEW_LINE}${tableHeaderRow}${tableBody}`);
 }
 
-// packages/utils/src/lib/logging.ts
-import isaacs_cliui from "@isaacs/cliui";
-import { cliui } from "@poppinss/cliui";
-import chalk from "chalk";
+// packages/utils/src/lib/text-formats/md/font-style.ts
+var boldWrap = "**";
+function bold2(text) {
+  return `${boldWrap}${text}${boldWrap}`;
+}
+var italicWrap = "_";
+function italic2(text) {
+  return `${italicWrap}${text}${italicWrap}`;
+}
+var strikeThroughWrap = "~";
+function strikeThrough(text) {
+  return `${strikeThroughWrap}${text}${strikeThroughWrap}`;
+}
+var codeWrap = "`";
+function code2(text) {
+  return `${codeWrap}${text}${codeWrap}`;
+}
 
-// packages/utils/src/lib/reports/constants.ts
-var TERMINAL_WIDTH = 80;
+// packages/utils/src/lib/text-formats/md/headline.ts
+function headline(text, hierarchy = 1) {
+  return `${"#".repeat(hierarchy)} ${text}${NEW_LINE}`;
+}
+function h(text, hierarchy = 1) {
+  return headline(text, hierarchy);
+}
+function h1(text) {
+  return headline(text, 1);
+}
+function h2(text) {
+  return headline(text, 2);
+}
+function h3(text) {
+  return headline(text, 3);
+}
+function h4(text) {
+  return headline(text, 4);
+}
+function h5(text) {
+  return headline(text, 5);
+}
+function h6(text) {
+  return headline(text, 6);
+}
 
-// packages/utils/src/lib/logging.ts
-var singletonUiInstance;
-function ui() {
-  if (singletonUiInstance === void 0) {
-    singletonUiInstance = cliui();
-  }
-  return {
-    ...singletonUiInstance,
-    row: (args) => {
-      logListItem(args);
-    }
-  };
+// packages/utils/src/lib/text-formats/md/image.ts
+function image(src, alt) {
+  return `![${alt}](${src})`;
 }
-var singletonisaacUi;
-function logListItem(args) {
-  if (singletonisaacUi === void 0) {
-    singletonisaacUi = isaacs_cliui({ width: TERMINAL_WIDTH });
-  }
-  singletonisaacUi.div(...args);
-  const content = singletonisaacUi.toString();
-  singletonisaacUi.rows = [];
-  singletonUiInstance?.logger.log(content);
+
+// packages/utils/src/lib/text-formats/md/link.ts
+function link2(href, text) {
+  return `[${text || href}](${href})`;
 }
 
-// packages/utils/src/lib/file-system.ts
-async function readTextFile(path) {
-  const buffer = await readFile(path);
-  return buffer.toString();
+// packages/utils/src/lib/text-formats/md/list.ts
+function li(text, order = "unordered") {
+  const style = order === "unordered" ? "-" : "- [ ]";
+  return `${style} ${text}`;
 }
-async function readJsonFile(path) {
-  const text = await readTextFile(path);
-  return JSON.parse(text);
+function indentation(text, level = 1) {
+  return `${TAB.repeat(level)}${text}`;
 }
-async function ensureDirectoryExists(baseDir) {
-  try {
-    await mkdir(baseDir, { recursive: true });
-    return;
-  } catch (error) {
-    ui().logger.info(error.message);
-    if (error.code !== "EEXIST") {
-      throw error;
-    }
-  }
+
+// packages/utils/src/lib/text-formats/md/paragraphs.ts
+function paragraphs(...sections) {
+  return sections.filter(Boolean).join(`${NEW_LINE}${NEW_LINE}`);
 }
-function pluginWorkDir(slug) {
-  return join("node_modules", ".code-pushup", slug);
+
+// packages/utils/src/lib/text-formats/md/section.ts
+function section(...contents) {
+  return `${lines(...contents)}${NEW_LINE}`;
+}
+function lines(...contents) {
+  return `${contents.filter(Boolean).join(NEW_LINE)}`;
+}
+
+// packages/utils/src/lib/text-formats/md/table.ts
+var alignString = /* @__PURE__ */ new Map([
+  ["left", ":--"],
+  ["center", ":--:"],
+  ["right", "--:"]
+]);
+function tableRow(rows) {
+  return `|${rows.join("|")}|`;
+}
+function table2(data) {
+  if (data.rows.length === 0) {
+    throw new Error("Data can't be empty");
+  }
+  const alignmentRow = getColumnAlignments(data).map(
+    (s) => alignString.get(s) ?? String(alignString.get("center"))
+  );
+  return section(
+    `${lines(
+      tableRow(columnsToStringArray(data)),
+      tableRow(alignmentRow),
+      ...rowToStringArray(data).map(tableRow)
+    )}`
+  );
 }
 
+// packages/utils/src/lib/text-formats/index.ts
+var md = {
+  bold: bold2,
+  italic: italic2,
+  strikeThrough,
+  code: code2,
+  link: link2,
+  image,
+  headline,
+  h,
+  h1,
+  h2,
+  h3,
+  h4,
+  h5,
+  h6,
+  indentation,
+  lines,
+  li,
+  section,
+  paragraphs,
+  table: table2
+};
+var html = {
+  bold,
+  italic,
+  code,
+  link,
+  details,
+  table
+};
+
 // packages/utils/src/lib/reports/utils.ts
 var { image: image2, bold: boldMd } = md;
 function calcDuration(start, stop) {
@@ -1194,6 +1216,12 @@ var packageManagerIdSchema = z16.enum([
   "yarn-modern",
   "pnpm"
 ]);
+var packageJsonPathSchema = z16.union([
+  z16.array(z16.string()).min(1),
+  z16.object({ autoSearch: z16.literal(true) })
+]).describe(
+  "File paths to package.json. Looks only at root package.json by default"
+).default(["package.json"]);
 var packageAuditLevels = [
   "critical",
   "high",
@@ -1222,9 +1250,19 @@ var jsPackagesPluginConfigSchema = z16.object({
   auditLevelMapping: z16.record(packageAuditLevelSchema, issueSeveritySchema, {
     description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
   }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping),
-  packageJsonPath: z16.string().describe("File path to package.json. Defaults to current folder.").default("package.json")
+  packageJsonPaths: packageJsonPathSchema
 });
 
+// packages/plugin-js-packages/src/lib/runner/utils.ts
+import { sep } from "node:path";
+
+// packages/plugin-js-packages/src/lib/runner/outdated/types.ts
+var dependencyGroupLong = [
+  "dependencies",
+  "devDependencies",
+  "optionalDependencies"
+];
+
 // packages/plugin-js-packages/src/lib/runner/utils.ts
 function filterAuditResult(result, key, referenceResult) {
   if (result.vulnerabilities.length === 0) {
@@ -1256,13 +1294,35 @@ function filterAuditResult(result, key, referenceResult) {
     summary: uniqueResult.summary
   };
 }
-async function getTotalDependencies(packageJsonPath) {
-  const packageJson = await readJsonFile(packageJsonPath);
+async function findAllPackageJson() {
+  return (await crawlFileSystem({
+    directory: ".",
+    pattern: /(^|[\\/])package\.json$/
+  })).filter(
+    (path) => !path.startsWith(`node_modules${sep}`) && !path.includes(`${sep}node_modules${sep}`) && !path.startsWith(`.nx${sep}`)
+  );
+}
+async function getTotalDependencies(packageJsonPaths) {
+  const parsedDeps = await Promise.all(
+    packageJsonPaths.map(readJsonFile)
+  );
+  const mergedDeps = parsedDeps.reduce(
+    (acc, depMapper) => objectFromEntries(
+      dependencyGroupLong.map((group) => {
+        const deps = depMapper[group];
+        return [
+          group,
+          [...acc[group], ...deps == null ? [] : objectToKeys(deps)]
+        ];
+      })
+    ),
+    { dependencies: [], devDependencies: [], optionalDependencies: [] }
+  );
   return objectFromEntries(
-    dependencyGroups.map((depGroup) => {
-      const deps = packageJson[dependencyGroupToLong[depGroup]];
-      return [depGroup, deps == null ? 0 : objectToKeys(deps).length];
-    })
+    objectToKeys(mergedDeps).map((deps) => [
+      deps,
+      new Set(mergedDeps[deps]).size
+    ])
   );
 }
 
@@ -1872,32 +1932,36 @@ async function executeRunner() {
     packageManager,
     checks,
     auditLevelMapping,
-    packageJsonPath,
+    packageJsonPaths,
     dependencyGroups: depGroups
   } = await readJsonFile(PLUGIN_CONFIG_PATH);
   const auditResults = checks.includes("audit") ? await processAudit(packageManager, depGroups, auditLevelMapping) : [];
-  const outdatedResults = checks.includes("outdated") ? await processOutdated(packageManager, depGroups, packageJsonPath) : [];
+  const outdatedResults = checks.includes("outdated") ? await processOutdated(packageManager, depGroups, packageJsonPaths) : [];
   const checkResults = [...auditResults, ...outdatedResults];
   await ensureDirectoryExists(dirname(RUNNER_OUTPUT_PATH));
   await writeFile(RUNNER_OUTPUT_PATH, JSON.stringify(checkResults));
 }
-async function processOutdated(id, depGroups, packageJsonPath) {
+async function processOutdated(id, depGroups, packageJsonPaths) {
   const pm = packageManagers[id];
-  const { stdout } = await executeProcess({
+  const { stdout, stderr } = await executeProcess({
     command: pm.command,
     args: pm.outdated.commandArgs,
     cwd: process.cwd(),
     ignoreExitCode: true
     // outdated returns exit code 1 when outdated dependencies are found
   });
-  const depTotals = await getTotalDependencies(packageJsonPath);
+  if (stderr) {
+    throw new Error(`JS packages plugin: outdated error: ${stderr}`);
+  }
+  const finalPaths = Array.isArray(packageJsonPaths) ? packageJsonPaths : await findAllPackageJson();
+  const depTotals = await getTotalDependencies(finalPaths);
   const normalizedResult = pm.outdated.unifyResult(stdout);
   return depGroups.map(
     (depGroup) => outdatedResultToAuditOutput(
       normalizedResult,
       id,
       depGroup,
-      depTotals[depGroup]
+      depTotals[dependencyGroupToLong[depGroup]]
     )
   );
 }
@@ -1910,12 +1974,15 @@ async function processAudit(id, depGroups, auditLevelMapping) {
   const auditResults = await Promise.allSettled(
     compatibleAuditDepGroups.map(
       async (depGroup) => {
-        const { stdout } = await executeProcess({
+        const { stdout, stderr } = await executeProcess({
           command: pm.command,
           args: pm.audit.getCommandArgs(depGroup),
           cwd: process.cwd(),
           ignoreExitCode: pm.audit.ignoreExitCode
         });
+        if (stderr) {
+          throw new Error(`JS packages plugin: audit error: ${stderr}`);
+        }
         return [depGroup, pm.audit.unifyResult(stdout)];
       }
     )

package/index.js

@@ -4,7 +4,7 @@ import { fileURLToPath } from "node:url";
 
 // packages/plugin-js-packages/package.json
 var name = "@code-pushup/js-packages-plugin";
-var version = "0.45.0";
+var version = "0.45.1";
 
 // packages/plugin-js-packages/src/lib/config.ts
 import { z as z16 } from "zod";
@@ -118,6 +118,7 @@ var fileNameSchema = z.string().trim().regex(filenameRegex, {
 }).min(1, { message: "file name is invalid" });
 var positiveIntSchema = z.number().int().positive();
 var nonnegativeIntSchema = z.number().int().nonnegative();
+var nonnegativeNumberSchema = z.number().nonnegative();
 function packageVersionSchema(options) {
   const { versionDescription = "NPM version of the package", required } = options ?? {};
   const packageSchema = z.string({ description: "NPM package name" });
@@ -130,7 +131,7 @@ function packageVersionSchema(options) {
     { description: "NPM package name and version of a published package" }
   );
 }
-var weightSchema = nonnegativeIntSchema.describe(
+var weightSchema = nonnegativeNumberSchema.describe(
   "Coefficient for the given score (use weight 0 if only for display)"
 );
 function weightedRefSchema(description, slugDescription) {
@@ -272,7 +273,7 @@ var tableObjectSchema = tableSharedSchema.merge(
 var tableSchema = (description = "Table information") => z4.union([tablePrimitiveSchema, tableObjectSchema], { description });
 
 // packages/models/src/lib/audit-output.ts
-var auditValueSchema = nonnegativeIntSchema.describe("Raw numeric value");
+var auditValueSchema = nonnegativeNumberSchema.describe("Raw numeric value");
 var auditDisplayValueSchema = z5.string({ description: "Formatted value (e.g. '0.9 s', '2.1 MB')" }).optional();
 var auditDetailsSchema = z5.object(
   {
@@ -737,6 +738,12 @@ var packageManagerIdSchema = z16.enum([
   "yarn-modern",
   "pnpm"
 ]);
+var packageJsonPathSchema = z16.union([
+  z16.array(z16.string()).min(1),
+  z16.object({ autoSearch: z16.literal(true) })
+]).describe(
+  "File paths to package.json. Looks only at root package.json by default"
+).default(["package.json"]);
 var packageAuditLevels = [
   "critical",
   "high",
@@ -765,9 +772,66 @@ var jsPackagesPluginConfigSchema = z16.object({
   auditLevelMapping: z16.record(packageAuditLevelSchema, issueSeveritySchema, {
     description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
   }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping),
-  packageJsonPath: z16.string().describe("File path to package.json. Defaults to current folder.").default("package.json")
+  packageJsonPaths: packageJsonPathSchema
 });
 
+// packages/utils/src/lib/file-system.ts
+import { bundleRequire } from "bundle-require";
+import chalk2 from "chalk";
+import { mkdir, readFile, readdir, rm, stat } from "node:fs/promises";
+import { join } from "node:path";
+
+// packages/utils/src/lib/logging.ts
+import isaacs_cliui from "@isaacs/cliui";
+import { cliui } from "@poppinss/cliui";
+import chalk from "chalk";
+
+// packages/utils/src/lib/reports/constants.ts
+var TERMINAL_WIDTH = 80;
+
+// packages/utils/src/lib/logging.ts
+var singletonUiInstance;
+function ui() {
+  if (singletonUiInstance === void 0) {
+    singletonUiInstance = cliui();
+  }
+  return {
+    ...singletonUiInstance,
+    row: (args) => {
+      logListItem(args);
+    }
+  };
+}
+var singletonisaacUi;
+function logListItem(args) {
+  if (singletonisaacUi === void 0) {
+    singletonisaacUi = isaacs_cliui({ width: TERMINAL_WIDTH });
+  }
+  singletonisaacUi.div(...args);
+  const content = singletonisaacUi.toString();
+  singletonisaacUi.rows = [];
+  singletonUiInstance?.logger.log(content);
+}
+
+// packages/utils/src/lib/file-system.ts
+async function ensureDirectoryExists(baseDir) {
+  try {
+    await mkdir(baseDir, { recursive: true });
+    return;
+  } catch (error) {
+    ui().logger.info(error.message);
+    if (error.code !== "EEXIST") {
+      throw error;
+    }
+  }
+}
+function pluginWorkDir(slug) {
+  return join("node_modules", ".code-pushup", slug);
+}
+function filePathToCliArg(path) {
+  return `"${path}"`;
+}
+
 // packages/utils/src/lib/text-formats/constants.ts
 var NEW_LINE = "\n";
 var TAB = "  ";
@@ -1057,60 +1121,6 @@ var html = {
   table
 };
 
-// packages/utils/src/lib/file-system.ts
-import { bundleRequire } from "bundle-require";
-import chalk2 from "chalk";
-import { mkdir, readFile, readdir, rm, stat } from "node:fs/promises";
-import { join } from "node:path";
-
-// packages/utils/src/lib/logging.ts
-import isaacs_cliui from "@isaacs/cliui";
-import { cliui } from "@poppinss/cliui";
-import chalk from "chalk";
-
-// packages/utils/src/lib/reports/constants.ts
-var TERMINAL_WIDTH = 80;
-
-// packages/utils/src/lib/logging.ts
-var singletonUiInstance;
-function ui() {
-  if (singletonUiInstance === void 0) {
-    singletonUiInstance = cliui();
-  }
-  return {
-    ...singletonUiInstance,
-    row: (args) => {
-      logListItem(args);
-    }
-  };
-}
-var singletonisaacUi;
-function logListItem(args) {
-  if (singletonisaacUi === void 0) {
-    singletonisaacUi = isaacs_cliui({ width: TERMINAL_WIDTH });
-  }
-  singletonisaacUi.div(...args);
-  const content = singletonisaacUi.toString();
-  singletonisaacUi.rows = [];
-  singletonUiInstance?.logger.log(content);
-}
-
-// packages/utils/src/lib/file-system.ts
-async function ensureDirectoryExists(baseDir) {
-  try {
-    await mkdir(baseDir, { recursive: true });
-    return;
-  } catch (error) {
-    ui().logger.info(error.message);
-    if (error.code !== "EEXIST") {
-      throw error;
-    }
-  }
-}
-function pluginWorkDir(slug) {
-  return join("node_modules", ".code-pushup", slug);
-}
-
 // packages/utils/src/lib/reports/utils.ts
 var { image: image2, bold: boldMd } = md;
 
@@ -1668,7 +1678,7 @@ async function createRunnerConfig(scriptPath, config) {
   await writeFile(PLUGIN_CONFIG_PATH, JSON.stringify(config));
   return {
     command: "node",
-    args: [scriptPath],
+    args: [filePathToCliArg(scriptPath)],
     outputFile: RUNNER_OUTPUT_PATH
   };
 }

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@code-pushup/js-packages-plugin",
-  "version": "0.45.0",
+  "version": "0.45.1",
   "dependencies": {
-    "@code-pushup/models": "0.45.0",
-    "@code-pushup/utils": "0.45.0",
+    "@code-pushup/models": "0.45.1",
+    "@code-pushup/utils": "0.45.1",
     "semver": "^7.6.0",
     "zod": "^3.22.4"
   },

package/src/lib/config.d.ts

@@ -6,6 +6,14 @@ declare const packageCommandSchema: z.ZodEnum<["audit", "outdated"]>;
 export type PackageCommand = z.infer<typeof packageCommandSchema>;
 declare const packageManagerIdSchema: z.ZodEnum<["npm", "yarn-classic", "yarn-modern", "pnpm"]>;
 export type PackageManagerId = z.infer<typeof packageManagerIdSchema>;
+declare const packageJsonPathSchema: z.ZodDefault<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodObject<{
+    autoSearch: z.ZodLiteral<true>;
+}, "strip", z.ZodTypeAny, {
+    autoSearch: true;
+}, {
+    autoSearch: true;
+}>]>>;
+export type PackageJsonPaths = z.infer<typeof packageJsonPathSchema>;
 export declare const packageAuditLevels: readonly ["critical", "high", "moderate", "low", "info"];
 declare const packageAuditLevelSchema: z.ZodEnum<["critical", "high", "moderate", "low", "info"]>;
 export type PackageAuditLevel = z.infer<typeof packageAuditLevelSchema>;
@@ -16,19 +24,31 @@ export declare const jsPackagesPluginConfigSchema: z.ZodObject<{
     packageManager: z.ZodEnum<["npm", "yarn-classic", "yarn-modern", "pnpm"]>;
     dependencyGroups: z.ZodDefault<z.ZodArray<z.ZodEnum<["prod", "dev", "optional"]>, "many">>;
     auditLevelMapping: z.ZodEffects<z.ZodDefault<z.ZodRecord<z.ZodEnum<["critical", "high", "moderate", "low", "info"]>, z.ZodEnum<["info", "warning", "error"]>>>, AuditSeverity, Partial<Record<"info" | "critical" | "high" | "moderate" | "low", "error" | "info" | "warning">> | undefined>;
-    packageJsonPath: z.ZodDefault<z.ZodString>;
+    packageJsonPaths: z.ZodDefault<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodObject<{
+        autoSearch: z.ZodLiteral<true>;
+    }, "strip", z.ZodTypeAny, {
+        autoSearch: true;
+    }, {
+        autoSearch: true;
+    }>]>>;
 }, "strip", z.ZodTypeAny, {
     checks: ("audit" | "outdated")[];
     packageManager: "npm" | "pnpm" | "yarn-classic" | "yarn-modern";
     dependencyGroups: ("prod" | "dev" | "optional")[];
     auditLevelMapping: AuditSeverity;
-    packageJsonPath: string;
+    packageJsonPaths: (string[] | {
+        autoSearch: true;
+    }) & (string[] | {
+        autoSearch: true;
+    } | undefined);
 }, {
     packageManager: "npm" | "pnpm" | "yarn-classic" | "yarn-modern";
     checks?: ("audit" | "outdated")[] | undefined;
     dependencyGroups?: ("prod" | "dev" | "optional")[] | undefined;
     auditLevelMapping?: Partial<Record<"info" | "critical" | "high" | "moderate" | "low", "error" | "info" | "warning">> | undefined;
-    packageJsonPath?: string | undefined;
+    packageJsonPaths?: string[] | {
+        autoSearch: true;
+    } | undefined;
 }>;
 export type JSPackagesPluginConfig = z.input<typeof jsPackagesPluginConfigSchema>;
 export type FinalJSPackagesPluginConfig = z.infer<typeof jsPackagesPluginConfigSchema>;

package/src/lib/runner/outdated/types.d.ts

@@ -4,6 +4,7 @@ export declare const dependencyGroupLong: readonly ["dependencies", "devDependen
 export type DependencyGroupLong = (typeof dependencyGroupLong)[number];
 type PackageJsonDependencies = Record<string, string>;
 export type PackageJson = Partial<Record<DependencyGroupLong, PackageJsonDependencies>>;
+export type DependencyTotals = Record<DependencyGroupLong, number>;
 export type OutdatedDependency = {
     name: string;
     current: string;

package/src/lib/runner/utils.d.ts

@@ -1,3 +1,5 @@
 import { AuditResult, Vulnerability } from './audit/types';
+import { DependencyTotals } from './outdated/types';
 export declare function filterAuditResult(result: AuditResult, key: keyof Vulnerability, referenceResult?: AuditResult): AuditResult;
-export declare function getTotalDependencies(packageJsonPath: string): Promise<Record<"prod" | "dev" | "optional", number>>;
+export declare function findAllPackageJson(): Promise<string[]>;
+export declare function getTotalDependencies(packageJsonPaths: string[]): Promise<DependencyTotals>;