npm - @datapos/datapos-shared - Versions diffs - 0.3.275 → 0.3.282 - Mend

@datapos/datapos-shared 0.3.275 → 0.3.282

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -1,5 +1,6 @@
 # Data Positioning Shared Library
+<span><!-- OWASP_BADGES_START -->[![OWASP](https://img.shields.io/badge/OWASP-passed-4CAF50)](https://data-positioning.github.io/datapos-shared/dependency-check-reports/dependency-check-report.html)<!-- OWASP_BADGES_END --></span>
 [![npm version](https://img.shields.io/npm/v/@datapos/datapos-shared.svg)](https://www.npmjs.com/package/@datapos/datapos-shared)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](./LICENSE)
@@ -40,11 +41,11 @@ The Data Positioning solution consists of the following modules. All modules, ex
 | Type      | Dynamic | Notes                                                           |
 | --------- | :-----: | --------------------------------------------------------------- |
 | App       |         | Implements the data positioning web application.                |
-| Engine    |   ✔    | Implements the data positioning engine.                         |
-| Connector |   ✔    | Implements a connector which handles one or more connections.   |
-| Context   |   ✔    | Implements a context which defines one or more models.          |
-| Presenter |   ✔    | Implements a presenter which renders one or more presentations. |
-| Tool      |   ✔    | Implements...                                                   |
+| Engine    |    ✔    | Implements the data positioning engine.                         |
+| Connector |    ✔    | Implements a connector which handles one or more connections.   |
+| Context   |    ✔    | Implements a context which defines one or more models.          |
+| Presenter |    ✔    | Implements a presenter which renders one or more presentations. |
+| Tool      |    ✔    | Implements...                                                   |
 ### Components
@@ -111,6 +112,36 @@ let connectorConfig: ConnectorConfig;
 getComponentStatus('alpha');
 ```
+## Reports & Compliance
+### Dependency Check Report
+The OWASP Dependency Check Report identifies known vulnerabilities in project dependencies. It is generated automatically on each release using the npm package `owasp-dependency-check`. We also rely on GitHub Dependabot to continuously check for vulnerabilities across all dependencies.
+[View the OWASP Dependency Check Report](https://data-positioning.github.io/datapos-shared/dependency-check-reports/dependency-check-report.html)
+### Dependency Licenses
+The following table lists top-level production and peer dependencies. All these dependencies (including transitive ones) have been recursively verified to use Apache-2.0, CC0-1.0, or MIT—commercially friendly licenses with minimal restrictions. Developers cloning this repository should independently verify dev and optional dependencies; users of the uploaded library are covered by these checks.
+<!-- DEPENDENCY_LICENSES_START -->
+| Name                          |  Type   | Installed | Latest | Latest Modified          |
+| :---------------------------- | :-----: | :-------: | :----: | :----------------------- |
+| @speed-highlight/core         | CC0-1.0 |  1.2.12   | 1.2.12 | 2025-11-03T17:41:39.642Z |
+| micromark                     |   MIT   |   4.0.2   | 4.0.2  | 2025-02-27T14:04:03.783Z |
+| micromark-extension-gfm-table |   MIT   |   2.1.1   | 2.1.1  | 2025-01-20T12:24:29.697Z |
+<!-- DEPENDENCY_LICENSES_END -->
+**Installed dependencies are kept up-to-date with latest releases.**
+### Bundle Analysis Report
+The Bundle Analysis Report provides a detailed breakdown of the bundle's composition and module sizes, helping to identify which modules contribute most to the final build. It is generated automatically on each release using the npm package `rollup-plugin-visualizer`.
+[View the Bundle Analysis Report](https://data-positioning.github.io/datapos-shared/stats/index.html)
 ## Repository Common Management Commands
 The table below lists the repository management commands available in this project.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@datapos/datapos-shared",
-    "version": "0.3.275",
+    "version": "0.3.282",
     "description": "A library containing common declarations and utilities used across all other Data Positioning projects.",
     "license": "MIT",
     "private": false,
@@ -21,14 +21,13 @@
             "types": "./dist/types/index.d.ts"
         },
         "./schemas": {
-            "import": "./schemas/index.js",
-            "types": "./schemas/index.d.ts"
+            "import": "./dist/schemas.js",
+            "types": "./dist/types/schemas.d.ts"
         }
     },
     "sideEffects": false,
     "files": [
-        "dist",
-        "schemas"
+        "dist"
     ],
     "peerDependencies": {
         "csv-parse": "^6.1.0",
@@ -37,7 +36,7 @@
         "zod": "^4.1.13"
     },
     "devDependencies": {
-        "@datapos/datapos-development": "^0.3.263",
+        "@datapos/datapos-development": "^0.3.266",
         "@types/node": "^24.10.1",
         "@types/prismjs": "^1.26.5",
         "@typescript-eslint/eslint-plugin": "^8.48.1",
@@ -56,27 +55,36 @@
         "vite-plugin-dts": "^4.5.4"
     },
     "scripts": {
-        "audit": "npm audit",
-        "build": "vite build",
-        "bump:version": "node -e \"import('@datapos/datapos-development').then(m => m.bumpVersion())\"",
-        "check": "npm outdated; npm-check-updates -i && retire",
-        "document": "npm run _document:licenceReport && npm run _document:licenceCheck",
-        "format": "prettier --write src/",
-        "lint": "eslint .",
-        "publish:toNPM": "npm publish --access public",
+        "audit": "node -e \"import('@datapos/datapos-development').then(m => m.auditDependencies())\"",
+        "build": "node -e \"import('@datapos/datapos-development').then(m => m.buildProject())\"",
+        "check": "node -e \"import('@datapos/datapos-development').then(m => m.checkDependencies())\"",
+        "document": "node -e \"import('@datapos/datapos-development').then(m => m.documentDependencies(['MIT']))\"",
+        "format": "node -e \"import('@datapos/datapos-development').then(m => m.formatCode())\"",
+        "lint": "node -e \"import('@datapos/datapos-development').then(m => m.lintCode())\"",
+        "release": "node -e \"import('@datapos/datapos-development').then(m => m.releaseProject())\"",
+        "sync": "node -e \"import('@datapos/datapos-development').then(m => m.syncProjectWithGitHub())\"",
+        "test": "node -e \"import('@datapos/datapos-development').then(m => m.testProject())\"",
+        "update": "node -e \"import('@datapos/datapos-development').then(m => m.updateDataPosDependencies(['development']))\"",
+        "audit1": "npm audit",
+        "build1": "vite build",
+        "bump:version1": "node -e \"import('@datapos/datapos-development').then(m => m.bumpVersion())\"",
+        "check1": "npm outdated; npm-check-updates -i && retire",
+        "document1": "npm run _document:licenceReport && npm run _document:licenceCheck",
+        "format1": "prettier --write src/",
+        "lint1": "eslint .",
+        "publish:toNPM1": "npm publish --access public",
         "release1": "npm run bump:version && npm run build && npm run _sync:withGitHub && npm run publish:toNPM",
-        "release": " npm run build && npm run _sync:withGitHub && npm run publish:toNPM",
-        "sync": "npm run bump:version && npm run _sync:withGitHub",
-        "test": "node -e \"import('@datapos/datapos-development').then(m => m.echoScriptNotImplemented('Test'))\"",
-        "update:dataPosDeps": "npm run _update:developDep",
-        "_document:licenceReport": "license-report --only=prod,peer > LICENSES.json",
-        "_document:licenceCheck": "license-report-check --source ./LICENSES.json --allowed 'MIT' --allowed 'n/a' --allowed 'Apache-2.0' --output=table",
-        "_sync:withGitHub": "node -e \"import('@datapos/datapos-development').then(m => m.syncWithGitHub())\"",
-        "_update:developDep": "npm install --save-dev @datapos/datapos-development@latest",
+        "sync1": "npm run bump:version && npm run _sync:withGitHub",
+        "test1": "node -e \"import('@datapos/datapos-development').then(m => m.echoScriptNotImplemented('Test'))\"",
+        "update:dataPosDep1s": "npm run _update:developDep",
+        "_document:licenceReport1": "license-report --only=prod,peer > LICENSES.json",
+        "_document:licenceCheck1": "license-report-check --source ./LICENSES.json --allowed 'MIT' --allowed 'n/a' --allowed 'Apache-2.0' --output=table",
+        "_sync:withGitHub1": "node -e \"import('@datapos/datapos-development').then(m => m.syncWithGitHub())\"",
+        "_update:developDep1": "npm install --save-dev @datapos/datapos-development@latest",
         "___ts-to-zod": "npx ts-to-zod src/schemaTypes.ts src/schemaZOD.ts"
     },
     "engines": {
         "node": ">=22.0.0",
         "npm": ">=11.0.0"
     }
-}
+}

package/schemas/index.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export * from '../dist/types/schemas';

package/schemas/index.js DELETED Viewed

	@@ -1 +0,0 @@
1	- export * from '../dist/schemas.js';