@code-pushup/js-packages-plugin 0.65.3 → 0.66.1
- package/README.md +1 -1
- package/package.json +3 -3
- package/src/lib/config.d.ts +5 -21
- package/src/lib/config.js +5 -7
- package/src/lib/config.js.map +1 -1
- package/src/lib/package-managers/npm/outdated-result.js +3 -5
- package/src/lib/package-managers/npm/outdated-result.js.map +1 -1
- package/src/lib/package-managers/npm/types.d.ts +1 -3
- package/src/lib/runner/index.js +9 -13
- package/src/lib/runner/index.js.map +1 -1
- package/src/lib/runner/utils.d.ts +1 -2
- package/src/lib/runner/utils.js +7 -20
- package/src/lib/runner/utils.js.map +1 -1
- package/src/lib/utils.d.ts +1 -3
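--- a/package/README.md
+++ b/package/README.md
@@ -113,7 +113,7 @@ The plugin accepts the following parameters:
 - `packageManager`: The package manager you are using. Supported values: `npm`, `yarn-classic` (v1), `yarn-modern` (v2+), `pnpm`.
 - (optional) `checks`: Array of checks to be run. Supported commands: `audit`, `outdated`. Both are configured by default.
 - (optional) `dependencyGroups`: Array of dependency groups to be checked. `prod` and `dev` are configured by default. `optional` are opt-in.
-- (optional) `
+- (optional) `packageJsonPath`: File path to `package.json`. Root `package.json` at CWD is used by default.
 - (optional) `auditLevelMapping`: If you wish to set a custom level of issue severity based on audit vulnerability level, you may do so here. Any omitted values will be filled in by defaults. Audit levels are: `critical`, `high`, `moderate`, `low` and `info`. Issue severities are: `error`, `warn` and `info`. By default the mapping is as follows: `critical` and `high` → `error`; `moderate` and `low` → `warning`; `info` → `info`.
 
 ### Audits and group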
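--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@code-pushup/js-packages-plugin",
-"version": "0.
+"version": "0.66.1",
 "description": "Code PushUp plugin for JavaScript packages 🛡️",
 "license": "MIT",
 "homepage": "https://github.com/code-pushup/cli/tree/main/packages/plugin-js-packages#readme",
@@ -37,8 +37,8 @@
 },
 "type": "module",
 "dependencies": {
-"@code-pushup/models": "0.
-"@code-pushup/utils": "0.
+"@code-pushup/models": "0.66.1",
+"@code-pushup/utils": "0.66.1",
 "build-md": "^0.4.1",
 "semver": "^7.6.0",
 "yargs": "^17.7.2",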
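--- a/package/src/lib/config.d.ts
+++ b/package/src/lib/config.d.ts
@@ -6,14 +6,8 @@ declare const packageCommandSchema: z.ZodEnum<["audit", "outdated"]>;
 export type PackageCommand = z.infer<typeof packageCommandSchema>;
 declare const packageManagerIdSchema: z.ZodEnum<["npm", "yarn-classic", "yarn-modern", "pnpm"]>;
 export type PackageManagerId = z.infer<typeof packageManagerIdSchema>;
-declare const packageJsonPathSchema: z.ZodDefault<z.
-
-}, "strip", z.ZodTypeAny, {
-autoSearch: true;
-}, {
-autoSearch: true;
-}>]>>;
-export type PackageJsonPaths = z.infer<typeof packageJsonPathSchema>;
+declare const packageJsonPathSchema: z.ZodDefault<z.ZodString>;
+export type PackageJsonPath = z.infer<typeof packageJsonPathSchema>;
 export declare const packageAuditLevels: readonly ["critical", "high", "moderate", "low", "info"];
 declare const packageAuditLevelSchema: z.ZodEnum<["critical", "high", "moderate", "low", "info"]>;
 export type PackageAuditLevel = z.infer<typeof packageAuditLevelSchema>;
@@ -24,29 +18,19 @@ export declare const jsPackagesPluginConfigSchema: z.ZodObject<{
 packageManager: z.ZodOptional<z.ZodEnum<["npm", "yarn-classic", "yarn-modern", "pnpm"]>>;
 dependencyGroups: z.ZodDefault<z.ZodArray<z.ZodEnum<["prod", "dev", "optional"]>, "many">>;
 auditLevelMapping: z.ZodEffects<z.ZodDefault<z.ZodRecord<z.ZodEnum<["critical", "high", "moderate", "low", "info"]>, z.ZodEnum<["info", "warning", "error"]>>>, AuditSeverity, Partial<Record<"critical" | "high" | "moderate" | "low" | "info", "info" | "warning" | "error">> | undefined>;
-
-autoSearch: z.ZodLiteral<true>;
-}, "strip", z.ZodTypeAny, {
-autoSearch: true;
-}, {
-autoSearch: true;
-}>]>>;
+packageJsonPath: z.ZodDefault<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
 checks: ("audit" | "outdated")[];
 dependencyGroups: ("prod" | "dev" | "optional")[];
 auditLevelMapping: AuditSeverity;
-
-autoSearch: true;
-};
+packageJsonPath: string;
 packageManager?: "npm" | "yarn-classic" | "yarn-modern" | "pnpm" | undefined;
 }, {
 checks?: ("audit" | "outdated")[] | undefined;
 packageManager?: "npm" | "yarn-classic" | "yarn-modern" | "pnpm" | undefined;
 dependencyGroups?: ("prod" | "dev" | "optional")[] | undefined;
 auditLevelMapping?: Partial<Record<"critical" | "high" | "moderate" | "low" | "info", "info" | "warning" | "error">> | undefined;
-
-autoSearch: true;
-} | undefined;
+packageJsonPath?: string | undefined;
 }>;
 export type JSPackagesPluginConfig = z.input<typeof jsPackagesPluginConfigSchema>;
 export type FinalJSPackagesPluginConfig = Required<z.infer<typeof jsPackagesPluginConfigSchema>>;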
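--- a/package/src/lib/config.js
+++ b/package/src/lib/config.js
@@ -11,12 +11,10 @@ const packageManagerIdSchema = z.enum([
 'pnpm',
 ]);
 const packageJsonPathSchema = z
-.
-
-
-
-.describe('File paths to package.json. Looks only at root package.json by default')
-.default(['package.json']);
+.string()
+.regex(/package\.json$/, 'File path must end with package.json')
+.describe('File path to package.json, tries to use root package.json at CWD by default')
+.default('package.json');
 export const packageAuditLevels = [
 'critical',
 'high',
@@ -54,6 +52,6 @@ export const jsPackagesPluginConfigSchema = z.object({
 })
 .default(defaultAuditLevelMapping)
 .transform(fillAuditLevelMapping),
-
+packageJsonPath: packageJsonPathSchema,
 });
 //# sourceMappingURL=config.js.map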
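Review bot: The new check on `packageJsonPathSchema` in the first hunk, `.regex(/package\.json$/, ...)`, anchors only the end of the string, so a value such as `not-package.json` or a path containing `..` segments passes validation. The runner hunks on this page later use the same value both as the file to read and, through `path.dirname`, as the working directory of the package-manager process, which makes this schema the one place to pin it down. Matching the basename would be tighter, for example `.regex(/(^|[\\\/])package\.json$/, 'File path must point to a file named package.json')`. The `.describe()` text could also state that a relative path is resolved against the CWD.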
package/src/lib/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../../packages/plugin-js-packages/src/lib/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAsB,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC9E,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAE1D,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,CAAU,CAAC;AACrE,MAAM,qBAAqB,GAAG,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;AAGvD,MAAM,oBAAoB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;AAG3D,MAAM,sBAAsB,GAAG,CAAC,CAAC,IAAI,CAAC;IACpC,KAAK;IACL,cAAc;IACd,aAAa;IACb,MAAM;CACP,CAAC,CAAC;AAGH,MAAM,qBAAqB,GAAG,CAAC;KAC5B,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../../packages/plugin-js-packages/src/lib/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAsB,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC9E,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAE1D,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,CAAU,CAAC;AACrE,MAAM,qBAAqB,GAAG,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;AAGvD,MAAM,oBAAoB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;AAG3D,MAAM,sBAAsB,GAAG,CAAC,CAAC,IAAI,CAAC;IACpC,KAAK;IACL,cAAc;IACd,aAAa;IACb,MAAM;CACP,CAAC,CAAC;AAGH,MAAM,qBAAqB,GAAG,CAAC;KAC5B,MAAM,EAAE;KACR,KAAK,CAAC,gBAAgB,EAAE,sCAAsC,CAAC;KAC/D,QAAQ,CACP,6EAA6E,CAC9E;KACA,OAAO,CAAC,cAAc,CAAC,CAAC;AAI3B,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,UAAU;IACV,MAAM;IACN,UAAU;IACV,KAAK;IACL,MAAM;CACE,CAAC;AACX,MAAM,uBAAuB,GAAG,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAK3D,MAAM,UAAU,qBAAqB,CACnC,OAA+B;IAE/B,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,wBAAwB,CAAC,QAAQ;QAC/D,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,wBAAwB,CAAC,IAAI;QACnD,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,wBAAwB,CAAC,QAAQ;QAC/D,GAAG,EAAE,OAAO,CAAC,GAAG,IAAI,wBAAwB,CAAC,GAAG;QAChD,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,wBAAwB,CAAC,IAAI;KACpD,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,MAAM,EAAE,CAAC;SACN,KAAK,CAAC,oBAAoB,EAAE;QAC3B,WAAW,EACT,0EAA0E;KAC7E,CAAC;SACD,GAAG,CAAC,CAAC,CAAC;SACN,OAAO,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IACjC,cAAc,EAAE,sBAAsB;SACnC,QAAQ,CAAC,6BAA6B,CAAC;SACvC,QAAQ,EAAE;IACb,gBAAgB,EAAE,CAAC;SAChB,KAAK,CAAC,qBAAqB,CAAC;SAC5B,GAAG,CAAC,CAAC,CAAC;SACN,OAAO,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAC3B,iBAAiB,EAAE,CAAC;SACjB,MAAM,CAAC,uBAAuB,EAAE,mBAAmB,EAAE;QACpD,WAAW,EACT,iIAAiI;KACpI,CAAC;SACD,OAAO,CAAC,wBAAwB,CAAC;SACjC,SAAS,CAAC,qBAAqB,CAAC;IACnC,eAAe,EAAE,qBAAqB;CACvC,CAAC,CAAC"}
|
|
@@ -1,13 +1,11 @@
|
|
|
1
1
|
import { objectToEntries } from '@code-pushup/utils';
|
|
2
2
|
export function npmToOutdatedResult(output) {
|
|
3
3
|
const npmOutdated = JSON.parse(output);
|
|
4
|
-
// current might be missing in some cases
|
|
4
|
+
// "current" might be missing in some cases, usually it is missing if the dependency is not installed, fallback to "wanted" should avoid this problem
|
|
5
5
|
// https://stackoverflow.com/questions/42267101/npm-outdated-command-shows-missing-in-current-version
|
|
6
|
-
return objectToEntries(npmOutdated)
|
|
7
|
-
.filter((entry) => entry[1].current != null)
|
|
8
|
-
.map(([name, overview]) => ({
|
|
6
|
+
return objectToEntries(npmOutdated).map(([name, overview]) => ({
|
|
9
7
|
name,
|
|
10
|
-
current: overview.current,
|
|
8
|
+
current: overview.current || overview.wanted,
|
|
11
9
|
latest: overview.latest,
|
|
12
10
|
type: overview.type,
|
|
13
11
|
...(overview.homepage != null && { url: overview.homepage }),
|
|
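Review bot: `current: overview.current || overview.wanted` in `npmToOutdatedResult` reports a dependency that is not installed as though the wanted version were installed, and the entries that the removed `.filter(...)` used to drop now flow through. `npmOutdated` comes straight from `JSON.parse(output)` with no shape check, so an entry lacking both fields is emitted with `current: undefined`; how the downstream comparison treats that is not visible here. Keeping a guard before the `.map`, such as `.filter(([, overview]) => Boolean(overview.current || overview.wanted))`, would preserve the old safety net. The comment could add that the reported "current" may be the wanted version rather than an installed one, so the report is not read as an inventory of what is on disk. The function body continues past the hunk.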
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"outdated-result.js","sourceRoot":"","sources":["../../../../../../../packages/plugin-js-packages/src/lib/package-managers/npm/outdated-result.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAIrD,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA0B,CAAC;IAChE,
|
|
1
|
+
{"version":3,"file":"outdated-result.js","sourceRoot":"","sources":["../../../../../../../packages/plugin-js-packages/src/lib/package-managers/npm/outdated-result.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAIrD,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA0B,CAAC;IAChE,qJAAqJ;IACrJ,qGAAqG;IACrG,OAAO,eAAe,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7D,IAAI;QACJ,OAAO,EAAE,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,MAAM;QAC5C,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,GAAG,CAAC,QAAQ,CAAC,QAAQ,IAAI,IAAI,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC;KAC7D,CAAC,CAAC,CAAC;AACN,CAAC"}
|
|
@@ -28,11 +28,9 @@ export type NpmAuditResultJson = {
|
|
|
28
28
|
};
|
|
29
29
|
export type NpmVersionOverview = {
|
|
30
30
|
current?: string;
|
|
31
|
+
wanted: string;
|
|
31
32
|
latest: string;
|
|
32
33
|
type: DependencyGroupLong;
|
|
33
34
|
homepage?: string;
|
|
34
35
|
};
|
|
35
|
-
export type NpmNormalizedOverview = Omit<NpmVersionOverview, 'current'> & {
|
|
36
|
-
current: string;
|
|
37
|
-
};
|
|
38
36
|
export type NpmOutdatedResultJson = Record<string, NpmVersionOverview>;
|
package/src/lib/runner/index.js
CHANGED
|
@@ -6,7 +6,7 @@ import { dependencyGroupToLong } from '../constants.js';
|
|
|
6
6
|
import { packageManagers } from '../package-managers/package-managers.js';
|
|
7
7
|
import { auditResultToAuditOutput } from './audit/transform.js';
|
|
8
8
|
import { outdatedResultToAuditOutput } from './outdated/transform.js';
|
|
9
|
-
import {
|
|
9
|
+
import { getTotalDependencies } from './utils.js';
|
|
10
10
|
export async function createRunnerConfig(scriptPath, config) {
|
|
11
11
|
const { runnerConfigPath, runnerOutputPath } = await createRunnerFiles('js-packages', JSON.stringify(config));
|
|
12
12
|
return {
|
|
@@ -20,34 +20,30 @@ export async function createRunnerConfig(scriptPath, config) {
|
|
|
20
20
|
};
|
|
21
21
|
}
|
|
22
22
|
export async function executeRunner({ runnerConfigPath, runnerOutputPath, }) {
|
|
23
|
-
const { packageManager, checks, auditLevelMapping,
|
|
23
|
+
const { packageManager, checks, auditLevelMapping, packageJsonPath, dependencyGroups: depGroups, } = await readJsonFile(runnerConfigPath);
|
|
24
24
|
const auditResults = checks.includes('audit')
|
|
25
|
-
? await processAudit(packageManager, depGroups, auditLevelMapping)
|
|
25
|
+
? await processAudit(packageManager, depGroups, auditLevelMapping, packageJsonPath)
|
|
26
26
|
: [];
|
|
27
27
|
const outdatedResults = checks.includes('outdated')
|
|
28
|
-
? await processOutdated(packageManager, depGroups,
|
|
28
|
+
? await processOutdated(packageManager, depGroups, packageJsonPath)
|
|
29
29
|
: [];
|
|
30
30
|
const checkResults = [...auditResults, ...outdatedResults];
|
|
31
31
|
await ensureDirectoryExists(path.dirname(runnerOutputPath));
|
|
32
32
|
await writeFile(runnerOutputPath, JSON.stringify(checkResults));
|
|
33
33
|
}
|
|
34
|
-
async function processOutdated(id, depGroups,
|
|
34
|
+
async function processOutdated(id, depGroups, packageJsonPath) {
|
|
35
35
|
const pm = packageManagers[id];
|
|
36
36
|
const { stdout } = await executeProcess({
|
|
37
37
|
command: pm.command,
|
|
38
38
|
args: pm.outdated.commandArgs,
|
|
39
|
-
cwd: process.cwd(),
|
|
39
|
+
cwd: packageJsonPath ? path.dirname(packageJsonPath) : process.cwd(),
|
|
40
40
|
ignoreExitCode: true, // outdated returns exit code 1 when outdated dependencies are found
|
|
41
41
|
});
|
|
42
|
-
|
|
43
|
-
const finalPaths = Array.isArray(packageJsonPaths)
|
|
44
|
-
? packageJsonPaths
|
|
45
|
-
: await findAllPackageJson();
|
|
46
|
-
const depTotals = await getTotalDependencies(finalPaths);
|
|
42
|
+
const depTotals = await getTotalDependencies(packageJsonPath);
|
|
47
43
|
const normalizedResult = pm.outdated.unifyResult(stdout);
|
|
48
44
|
return depGroups.map(depGroup => outdatedResultToAuditOutput(normalizedResult, id, depGroup, depTotals[dependencyGroupToLong[depGroup]]));
|
|
49
45
|
}
|
|
50
|
-
async function processAudit(id, depGroups, auditLevelMapping) {
|
|
46
|
+
async function processAudit(id, depGroups, auditLevelMapping, packageJsonPath) {
|
|
51
47
|
const pm = packageManagers[id];
|
|
52
48
|
const supportedAuditDepGroups = pm.audit.supportedDepGroups ?? dependencyGroups;
|
|
53
49
|
const compatibleAuditDepGroups = depGroups.filter(group => supportedAuditDepGroups.includes(group));
|
|
@@ -55,7 +51,7 @@ async function processAudit(id, depGroups, auditLevelMapping) {
|
|
|
55
51
|
const { stdout } = await executeProcess({
|
|
56
52
|
command: pm.command,
|
|
57
53
|
args: pm.audit.getCommandArgs(depGroup),
|
|
58
|
-
cwd: process.cwd(),
|
|
54
|
+
cwd: packageJsonPath ? path.dirname(packageJsonPath) : process.cwd(),
|
|
59
55
|
ignoreExitCode: pm.audit.ignoreExitCode,
|
|
60
56
|
});
|
|
61
57
|
return [depGroup, pm.audit.unifyResult(stdout)];
|
|
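Review bot: `executeRunner` destructures `packageJsonPath` directly from `readJsonFile(runnerConfigPath)`, and both `processOutdated` and `processAudit` hand `path.dirname(packageJsonPath)` to `executeProcess` as `cwd` with no check visible in these hunks. The package manager therefore runs in whatever directory the runner file names, and presumably picks up that directory's own configuration and lockfile. Resolving the path once makes the effective directory explicit and removes the duplicated ternary: `const cwd = path.dirname(path.resolve(packageJsonPath ?? 'package.json'));`. A one-line comment saying that `audit` and `outdated` now run relative to the configured `package.json`, not always `process.cwd()`, would help anyone interpreting the results. `processAudit` continues past the last hunk.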
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/plugin-js-packages/src/lib/runner/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,wBAAwB,EACxB,uBAAuB,EACvB,iBAAiB,EACjB,eAAe,EACf,YAAY,GACb,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAML,gBAAgB,GACjB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,yCAAyC,CAAC;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAEhE,OAAO,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/plugin-js-packages/src/lib/runner/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,cAAc,EACd,gBAAgB,EAChB,wBAAwB,EACxB,uBAAuB,EACvB,iBAAiB,EACjB,eAAe,EACf,YAAY,GACb,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAML,gBAAgB,GACjB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,yCAAyC,CAAC;AAC1E,OAAO,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAEhE,OAAO,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAAkB,EAClB,MAAmC;IAEnC,MAAM,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,GAAG,MAAM,iBAAiB,CACpE,aAAa,EACb,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CACvB,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,MAAM;QACf,IAAI,EAAE;YACJ,gBAAgB,CAAC,UAAU,CAAC;YAC5B,GAAG,eAAe,CAAC,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;SAC3D;QACD,UAAU,EAAE,gBAAgB;QAC5B,UAAU,EAAE,gBAAgB;KAC7B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,EAClC,gBAAgB,EAChB,gBAAgB,GACC;IACjB,MAAM,EACJ,cAAc,EACd,MAAM,EACN,iBAAiB,EACjB,eAAe,EACf,gBAAgB,EAAE,SAAS,GAC5B,GAAG,MAAM,YAAY,CAA8B,gBAAgB,CAAC,CAAC;IAEtE,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC3C,CAAC,CAAC,MAAM,YAAY,CAChB,cAAc,EACd,SAAS,EACT,iBAAiB,EACjB,eAAe,CAChB;QACH,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;QACjD,CAAC,CAAC,MAAM,eAAe,CAAC,cAAc,EAAE,SAAS,EAAE,eAAe,CAAC;QACnE,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,YAAY,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,eAAe,CAAC,CAAC;IAE3D,MAAM,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC5D,MAAM,SAAS,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;AAClE,CAAC;AAED,KAAK,UAAU,eAAe,CAC5B,EAAoB,EACpB,SAA4B,EAC5B,eAAgC;IAEhC,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC;QACtC,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,WAAW;QAC7B,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GA
AG,EAAE;QACpE,cAAc,EAAE,IAAI,EAAE,oEAAoE;KAC3F,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,MAAM,oBAAoB,CAAC,eAAe,CAAC,CAAC;IAE9D,MAAM,gBAAgB,GAAG,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACzD,OAAO,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAC9B,2BAA2B,CACzB,gBAAgB,EAChB,EAAE,EACF,QAAQ,EACR,SAAS,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAC3C,CACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,EAAoB,EACpB,SAA4B,EAC5B,iBAAgC,EAChC,eAAgC;IAEhC,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,uBAAuB,GAC3B,EAAE,CAAC,KAAK,CAAC,kBAAkB,IAAI,gBAAgB,CAAC;IAClD,MAAM,wBAAwB,GAAG,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACxD,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,CACxC,CAAC;IAEF,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,UAAU,CAC3C,wBAAwB,CAAC,GAAG,CAC1B,KAAK,EAAE,QAAQ,EAA2C,EAAE;QAC1D,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC;YACtC,OAAO,EAAE,EAAE,CAAC,OAAO;YACnB,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,QAAQ,CAAC;YACvC,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YACpE,cAAc,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc;SACxC,CAAC,CAAC;QACH,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;IAClD,CAAC,CACF,CACF,CAAC;IAEF,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;IAC9D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YACxB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,KAAK,CAAC,+BAA+B,EAAE,CAAC,IAAI,gBAAgB,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,SAAS,GAAG,iBAAiB,CACjC,YAAY,CAAC,MAAM,CAAC,wBAAwB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAChE,CAAC;IAEF,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC;IAE3E,OAAO,wBAAwB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAC7C,wBAAwB;IACtB,oEAAoE;IACpE,aAAa,CAAC,QAAQ,CAAE,EACxB,EAAE,EACF,QAAQ,EACR,iBAAiB,CAClB,CACF,CAAC;AACJ,CAAC"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import type { AuditResult, Vulnerability } from './audit/types.js';
|
|
2
2
|
import { type DependencyTotals } from './outdated/types.js';
|
|
3
3
|
export declare function filterAuditResult(result: AuditResult, key: keyof Vulnerability, referenceResult?: AuditResult): AuditResult;
|
|
4
|
-
export declare function
|
|
5
|
-
export declare function getTotalDependencies(packageJsonPaths: string[]): Promise<DependencyTotals>;
|
|
4
|
+
export declare function getTotalDependencies(packageJsonPath: string): Promise<DependencyTotals>;
|
package/src/lib/runner/utils.js
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
|
-
import
|
|
2
|
-
import { crawlFileSystem, objectFromEntries, objectToKeys, readJsonFile, } from '@code-pushup/utils';
|
|
1
|
+
import { objectFromEntries, objectToKeys, readJsonFile, } from '@code-pushup/utils';
|
|
3
2
|
import { dependencyGroupLong, } from './outdated/types.js';
|
|
4
3
|
export function filterAuditResult(result, key, referenceResult) {
|
|
5
4
|
if (result.vulnerabilities.length === 0) {
|
|
@@ -30,24 +29,12 @@ export function filterAuditResult(result, key, referenceResult) {
|
|
|
30
29
|
summary: uniqueResult.summary,
|
|
31
30
|
};
|
|
32
31
|
}
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
}))
|
|
39
|
-
!filePath.includes(`${path.sep}node_modules${path.sep}`) &&
|
|
40
|
-
!filePath.startsWith(`.nx${path.sep}`));
|
|
41
|
-
}
|
|
42
|
-
export async function getTotalDependencies(packageJsonPaths) {
|
|
43
|
-
const parsedDeps = await Promise.all(packageJsonPaths.map((readJsonFile)));
|
|
44
|
-
const mergedDeps = parsedDeps.reduce((acc, depMapper) => objectFromEntries(dependencyGroupLong.map(group => {
|
|
45
|
-
const deps = depMapper[group];
|
|
46
|
-
return [
|
|
47
|
-
group,
|
|
48
|
-
[...acc[group], ...(deps == null ? [] : objectToKeys(deps))],
|
|
49
|
-
];
|
|
50
|
-
})), { dependencies: [], devDependencies: [], optionalDependencies: [] });
|
|
32
|
+
export async function getTotalDependencies(packageJsonPath) {
|
|
33
|
+
const parsedDeps = await readJsonFile(packageJsonPath);
|
|
34
|
+
const mergedDeps = objectFromEntries(dependencyGroupLong.map(group => {
|
|
35
|
+
const deps = parsedDeps[group];
|
|
36
|
+
return [group, deps == null ? [] : objectToKeys(deps)];
|
|
37
|
+
}));
|
|
51
38
|
return objectFromEntries(objectToKeys(mergedDeps).map(deps => [
|
|
52
39
|
deps,
|
|
53
40
|
new Set(mergedDeps[deps]).size,
|
|
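Review bot: `getTotalDependencies` uses the result of `readJsonFile(packageJsonPath)` as-is, passing `parsedDeps[group]` to `objectToKeys` whenever it is not null. If a `package.json` has `dependencies` as a string or an array, the total would presumably be counted from its indices, and a missing file surfaces as whatever `readJsonFile` throws. A guard such as `deps != null && typeof deps === 'object' && !Array.isArray(deps)` before `objectToKeys(deps)` would keep the totals trustworthy. With a single file the keys are already unique, so `new Set(mergedDeps[deps]).size` in the context lines could become `mergedDeps[deps].length`; that return statement runs past the hunk.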
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../../../packages/plugin-js-packages/src/lib/runner/utils.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../../../packages/plugin-js-packages/src/lib/runner/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,YAAY,EACZ,YAAY,GACb,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAGL,mBAAmB,GACpB,MAAM,qBAAqB,CAAC;AAE7B,MAAM,UAAU,iBAAiB,CAC/B,MAAmB,EACnB,GAAwB,EACxB,eAA6B;IAE7B,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CAChD,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACX,MAAM,cAAc,GAAG,eAAe,IAAI,GAAG,CAAC;QAC9C,MAAM,OAAO,GAAG,cAAc,CAAC,eAAe;aAC3C,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;aACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAEtB,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO;gBACL,eAAe,EAAE,GAAG,CAAC,eAAe;gBACpC,OAAO,EAAE;oBACP,GAAG,GAAG,CAAC,OAAO;oBACd,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAC7C,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC;iBAC7B;aACF,CAAC;QACJ,CAAC;QAED,OAAO;YACL,eAAe,EAAE,CAAC,GAAG,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC;YAC9C,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,EACD,EAAE,eAAe,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CACjD,CAAC;IAEF,OAAO;QACL,eAAe,EAAE,YAAY,CAAC,eAAe;QAC7C,OAAO,EAAE,YAAY,CAAC,OAAO;KAC9B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,eAAuB;IAEvB,MAAM,UAAU,GAAG,MAAM,YAAY,CAAc,eAAe,CAAC,CAAC;IAEpE,MAAM,UAAU,GAAG,iBAAiB,CAClC,mBAAmB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;QAC9B,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QAC/B,OAAO,CAAC,KAAK,EAAE,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CACH,CAAC;IAEF,OAAO,iBAAiB,CACtB,YAAY,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,IAAI;QACJ,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;KAC/B,CAAC,CACH,CAAC;AACJ,CAAC"}
|
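--- a/package/src/lib/utils.d.ts
+++ b/package/src/lib/utils.d.ts
@@ -4,7 +4,5 @@ export declare function normalizeConfig(config?: JSPackagesPluginConfig): Promis
 checks: ("audit" | "outdated")[];
 depGroups: ("prod" | "dev" | "optional")[];
 auditLevelMapping: import("./config.js").AuditSeverity;
-
-autoSearch: true;
-};
+packageJsonPath: string;
 }>;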