@oddessentials/repo-standards 1.1.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/README.md +52 -2
  2. package/dist/config/standards.csharp-dotnet.azure-devops.json +58 -2
  3. package/dist/config/standards.csharp-dotnet.github-actions.json +58 -2
  4. package/dist/config/standards.csharp-dotnet.json +66 -2
  5. package/dist/config/standards.go.azure-devops.json +51 -2
  6. package/dist/config/standards.go.github-actions.json +51 -2
  7. package/dist/config/standards.go.json +59 -2
  8. package/dist/config/standards.json +217 -2
  9. package/dist/config/standards.python.azure-devops.json +59 -2
  10. package/dist/config/standards.python.github-actions.json +59 -2
  11. package/dist/config/standards.python.json +67 -2
  12. package/dist/config/standards.rust.azure-devops.json +55 -2
  13. package/dist/config/standards.rust.github-actions.json +55 -2
  14. package/dist/config/standards.rust.json +63 -2
  15. package/dist/config/standards.typescript-js.azure-devops.json +64 -2
  16. package/dist/config/standards.typescript-js.github-actions.json +64 -2
  17. package/dist/config/standards.typescript-js.json +72 -2
  18. package/package.json +1 -1
package/dist/config/standards.rust.json CHANGED
@@ -433,6 +433,66 @@
433
433
  }
434
434
  ],
435
435
  "recommended": [
436
+ {
437
+ "ciHints": {
438
+ "azure-devops": {
439
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
440
+ "stage": "quality"
441
+ },
442
+ "github-actions": {
443
+ "job": "ci",
444
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
445
+ }
446
+ },
447
+ "description": "Automate dependency updates using Renovate or Dependabot to keep dependencies current and reduce security exposure window.",
448
+ "id": "dependency-update-automation",
449
+ "label": "Dependency Update Automation",
450
+ "stack": {
451
+ "anyOfFiles": [
452
+ "renovate.json",
453
+ ".renovaterc.json",
454
+ ".github/dependabot.yml"
455
+ ],
456
+ "exampleConfigFiles": [
457
+ "renovate.json",
458
+ ".github/dependabot.yml"
459
+ ],
460
+ "exampleTools": [
461
+ "renovate",
462
+ "dependabot"
463
+ ],
464
+ "notes": "Both support Cargo.toml/Cargo.lock. Works with cargo workspaces. Security scanning is covered by dependency-security (cargo-audit/cargo-deny).",
465
+ "verification": "Check for renovate.json OR .github/dependabot.yml. Verify Cargo dependency PRs."
466
+ }
467
+ },
468
+ {
469
+ "ciHints": {
470
+ "azure-devops": {
471
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
472
+ "stage": "quality"
473
+ },
474
+ "github-actions": {
475
+ "job": "ci",
476
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
477
+ }
478
+ },
479
+ "description": "Enforce module boundaries and import constraints to prevent architectural drift and unwanted coupling.",
480
+ "id": "dependency-architecture-rules",
481
+ "label": "Dependency Architecture Rules",
482
+ "stack": {
483
+ "exampleConfigFiles": [
484
+ "deny.toml"
485
+ ],
486
+ "exampleTools": [
487
+ "cargo-deny"
488
+ ],
489
+ "notes": "cargo-deny's [bans] section enforces dependency graph rules (deny specific crates, wildcards). Extend existing config if using for security scanning.",
490
+ "optionalFiles": [
491
+ "deny.toml"
492
+ ],
493
+ "verification": "Run 'cargo deny check bans' to verify dependency constraints."
494
+ }
495
+ },
436
496
  {
437
497
  "ciHints": {
438
498
  "azure-devops": {
@@ -568,7 +628,8 @@
568
628
  "type-checking",
569
629
  "unit-test-runner",
570
630
  "unit-test-reporter",
571
- "dependency-security"
631
+ "dependency-security",
632
+ "dependency-update-automation"
572
633
  ],
573
634
  "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
574
635
  "step": 3,
@@ -596,5 +657,5 @@
596
657
  },
597
658
  "stack": "rust",
598
659
  "stackLabel": "Rust",
599
- "version": 1
660
+ "version": 2
600
661
  }
package/dist/config/standards.typescript-js.azure-devops.json CHANGED
@@ -397,6 +397,67 @@
397
397
  }
398
398
  ],
399
399
  "recommended": [
400
+ {
401
+ "ciHints": {
402
+ "azure-devops": {
403
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
404
+ "stage": "quality"
405
+ }
406
+ },
407
+ "description": "Automate dependency updates using Renovate or Dependabot to keep dependencies current and reduce security exposure window.",
408
+ "id": "dependency-update-automation",
409
+ "label": "Dependency Update Automation",
410
+ "stack": {
411
+ "anyOfFiles": [
412
+ "renovate.json",
413
+ ".renovaterc.json",
414
+ "renovate.json5",
415
+ ".renovaterc.json5",
416
+ ".github/dependabot.yml"
417
+ ],
418
+ "exampleConfigFiles": [
419
+ "renovate.json",
420
+ ".github/dependabot.yml"
421
+ ],
422
+ "exampleTools": [
423
+ "renovate",
424
+ "dependabot"
425
+ ],
426
+ "notes": "Renovate supports GHA + AzDO (self-hosted or Mend Renovate App). Dependabot is GitHub-native only. For AzDO: use Renovate via self-hosted runner, Docker container job, or Mend's hosted service.",
427
+ "pinningNotes": "Pin Renovate Docker image version in AzDO pipelines for determinism.",
428
+ "verification": "Check for renovate.json (or .renovaterc.json) OR .github/dependabot.yml. Verify dependency update PRs are being created."
429
+ }
430
+ },
431
+ {
432
+ "ciHints": {
433
+ "azure-devops": {
434
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
435
+ "stage": "quality"
436
+ }
437
+ },
438
+ "description": "Enforce module boundaries and import constraints to prevent architectural drift and unwanted coupling.",
439
+ "id": "dependency-architecture-rules",
440
+ "label": "Dependency Architecture Rules",
441
+ "stack": {
442
+ "anyOfFiles": [
443
+ ".dependency-cruiser.cjs",
444
+ ".dependency-cruiser.js",
445
+ "dependency-cruiser.config.cjs",
446
+ ".dependency-cruiser.mjs"
447
+ ],
448
+ "exampleConfigFiles": [
449
+ ".dependency-cruiser.cjs",
450
+ ".dependency-cruiser.js",
451
+ "dependency-cruiser.config.cjs"
452
+ ],
453
+ "exampleTools": [
454
+ "dependency-cruiser"
455
+ ],
456
+ "notes": "Define forbidden imports, layer rules, and circular dependency bans. Run in CI as blocking check.",
457
+ "pinningNotes": "Pin dependency-cruiser version in package.json devDependencies.",
458
+ "verification": "Run 'npx depcruise --validate' or equivalent. Verify architectural rules are documented and enforced."
459
+ }
460
+ },
400
461
  {
401
462
  "ciHints": {
402
463
  "azure-devops": {
@@ -523,7 +584,8 @@
523
584
  "type-checking",
524
585
  "unit-test-runner",
525
586
  "unit-test-reporter",
526
- "dependency-security"
587
+ "dependency-security",
588
+ "dependency-update-automation"
527
589
  ],
528
590
  "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
529
591
  "step": 3,
@@ -551,5 +613,5 @@
551
613
  },
552
614
  "stack": "typescript-js",
553
615
  "stackLabel": "TypeScript / JavaScript",
554
- "version": 1
616
+ "version": 2
555
617
  }
package/dist/config/standards.typescript-js.github-actions.json CHANGED
@@ -397,6 +397,67 @@
397
397
  }
398
398
  ],
399
399
  "recommended": [
400
+ {
401
+ "ciHints": {
402
+ "github-actions": {
403
+ "job": "ci",
404
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
405
+ }
406
+ },
407
+ "description": "Automate dependency updates using Renovate or Dependabot to keep dependencies current and reduce security exposure window.",
408
+ "id": "dependency-update-automation",
409
+ "label": "Dependency Update Automation",
410
+ "stack": {
411
+ "anyOfFiles": [
412
+ "renovate.json",
413
+ ".renovaterc.json",
414
+ "renovate.json5",
415
+ ".renovaterc.json5",
416
+ ".github/dependabot.yml"
417
+ ],
418
+ "exampleConfigFiles": [
419
+ "renovate.json",
420
+ ".github/dependabot.yml"
421
+ ],
422
+ "exampleTools": [
423
+ "renovate",
424
+ "dependabot"
425
+ ],
426
+ "notes": "Renovate supports GHA + AzDO (self-hosted or Mend Renovate App). Dependabot is GitHub-native only. For AzDO: use Renovate via self-hosted runner, Docker container job, or Mend's hosted service.",
427
+ "pinningNotes": "Pin Renovate Docker image version in AzDO pipelines for determinism.",
428
+ "verification": "Check for renovate.json (or .renovaterc.json) OR .github/dependabot.yml. Verify dependency update PRs are being created."
429
+ }
430
+ },
431
+ {
432
+ "ciHints": {
433
+ "github-actions": {
434
+ "job": "ci",
435
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
436
+ }
437
+ },
438
+ "description": "Enforce module boundaries and import constraints to prevent architectural drift and unwanted coupling.",
439
+ "id": "dependency-architecture-rules",
440
+ "label": "Dependency Architecture Rules",
441
+ "stack": {
442
+ "anyOfFiles": [
443
+ ".dependency-cruiser.cjs",
444
+ ".dependency-cruiser.js",
445
+ "dependency-cruiser.config.cjs",
446
+ ".dependency-cruiser.mjs"
447
+ ],
448
+ "exampleConfigFiles": [
449
+ ".dependency-cruiser.cjs",
450
+ ".dependency-cruiser.js",
451
+ "dependency-cruiser.config.cjs"
452
+ ],
453
+ "exampleTools": [
454
+ "dependency-cruiser"
455
+ ],
456
+ "notes": "Define forbidden imports, layer rules, and circular dependency bans. Run in CI as blocking check.",
457
+ "pinningNotes": "Pin dependency-cruiser version in package.json devDependencies.",
458
+ "verification": "Run 'npx depcruise --validate' or equivalent. Verify architectural rules are documented and enforced."
459
+ }
460
+ },
400
461
  {
401
462
  "ciHints": {
402
463
  "github-actions": {
@@ -523,7 +584,8 @@
523
584
  "type-checking",
524
585
  "unit-test-runner",
525
586
  "unit-test-reporter",
526
- "dependency-security"
587
+ "dependency-security",
588
+ "dependency-update-automation"
527
589
  ],
528
590
  "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
529
591
  "step": 3,
@@ -551,5 +613,5 @@
551
613
  },
552
614
  "stack": "typescript-js",
553
615
  "stackLabel": "TypeScript / JavaScript",
554
- "version": 1
616
+ "version": 2
555
617
  }
package/dist/config/standards.typescript-js.json CHANGED
@@ -445,6 +445,75 @@
445
445
  }
446
446
  ],
447
447
  "recommended": [
448
+ {
449
+ "ciHints": {
450
+ "azure-devops": {
451
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
452
+ "stage": "quality"
453
+ },
454
+ "github-actions": {
455
+ "job": "ci",
456
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
457
+ }
458
+ },
459
+ "description": "Automate dependency updates using Renovate or Dependabot to keep dependencies current and reduce security exposure window.",
460
+ "id": "dependency-update-automation",
461
+ "label": "Dependency Update Automation",
462
+ "stack": {
463
+ "anyOfFiles": [
464
+ "renovate.json",
465
+ ".renovaterc.json",
466
+ "renovate.json5",
467
+ ".renovaterc.json5",
468
+ ".github/dependabot.yml"
469
+ ],
470
+ "exampleConfigFiles": [
471
+ "renovate.json",
472
+ ".github/dependabot.yml"
473
+ ],
474
+ "exampleTools": [
475
+ "renovate",
476
+ "dependabot"
477
+ ],
478
+ "notes": "Renovate supports GHA + AzDO (self-hosted or Mend Renovate App). Dependabot is GitHub-native only. For AzDO: use Renovate via self-hosted runner, Docker container job, or Mend's hosted service.",
479
+ "pinningNotes": "Pin Renovate Docker image version in AzDO pipelines for determinism.",
480
+ "verification": "Check for renovate.json (or .renovaterc.json) OR .github/dependabot.yml. Verify dependency update PRs are being created."
481
+ }
482
+ },
483
+ {
484
+ "ciHints": {
485
+ "azure-devops": {
486
+ "notes": "CI hints are suggested mappings; adjust to your pipeline topology.",
487
+ "stage": "quality"
488
+ },
489
+ "github-actions": {
490
+ "job": "ci",
491
+ "notes": "CI hints are suggested mappings; adjust to your workflow structure."
492
+ }
493
+ },
494
+ "description": "Enforce module boundaries and import constraints to prevent architectural drift and unwanted coupling.",
495
+ "id": "dependency-architecture-rules",
496
+ "label": "Dependency Architecture Rules",
497
+ "stack": {
498
+ "anyOfFiles": [
499
+ ".dependency-cruiser.cjs",
500
+ ".dependency-cruiser.js",
501
+ "dependency-cruiser.config.cjs",
502
+ ".dependency-cruiser.mjs"
503
+ ],
504
+ "exampleConfigFiles": [
505
+ ".dependency-cruiser.cjs",
506
+ ".dependency-cruiser.js",
507
+ "dependency-cruiser.config.cjs"
508
+ ],
509
+ "exampleTools": [
510
+ "dependency-cruiser"
511
+ ],
512
+ "notes": "Define forbidden imports, layer rules, and circular dependency bans. Run in CI as blocking check.",
513
+ "pinningNotes": "Pin dependency-cruiser version in package.json devDependencies.",
514
+ "verification": "Run 'npx depcruise --validate' or equivalent. Verify architectural rules are documented and enforced."
515
+ }
516
+ },
448
517
  {
449
518
  "ciHints": {
450
519
  "azure-devops": {
@@ -584,7 +653,8 @@
584
653
  "type-checking",
585
654
  "unit-test-runner",
586
655
  "unit-test-reporter",
587
- "dependency-security"
656
+ "dependency-security",
657
+ "dependency-update-automation"
588
658
  ],
589
659
  "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
590
660
  "step": 3,
@@ -612,5 +682,5 @@
612
682
  },
613
683
  "stack": "typescript-js",
614
684
  "stackLabel": "TypeScript / JavaScript",
615
- "version": 1
685
+ "version": 2
616
686
  }
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@oddessentials/repo-standards",
3
3
  "private": false,
4
- "version": "1.1.0",
4
+ "version": "1.2.1",
5
5
  "description": "Standards and CI filtering utilities for multi-stack repository governance.",
6
6
  "type": "module",
7
7
  "scripts": {