npm - @oss-ma/tpl - Versions diffs - 1.0.34 → 1.0.36 - Mend

@oss-ma/tpl 1.0.34 → 1.0.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/commands/check.js CHANGED Viewed

@@ -15,15 +15,30 @@ async function hashFile(filePath) {
     const content = await fs.readFile(filePath);
     return crypto.createHash("sha256").update(content).digest("hex");
 }
-async function collectFiles(dir) {
+const EXCLUDED_DIRS = new Set([
+    "node_modules",
+    ".git",
+    ".next",
+    "dist",
+    "build",
+    "coverage",
+    ".turbo",
+    ".cache",
+]);
+async function collectFiles(dir, root) {
+    const baseDir = root ?? dir;
     const entries = await fs.readdir(dir, { withFileTypes: true });
     const results = [];
     for (const entry of entries) {
+        if (EXCLUDED_DIRS.has(entry.name))
+            continue;
         const full = path.join(dir, entry.name);
-        if (entry.isDirectory())
-            results.push(...(await collectFiles(full)));
-        else if (entry.isFile())
+        if (entry.isDirectory()) {
+            results.push(...(await collectFiles(full, baseDir)));
+        }
+        else if (entry.isFile()) {
             results.push(full);
+        }
     }
     return results.sort();
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@oss-ma/tpl",
-  "version": "1.0.34",
+  "version": "1.0.36",
   "description": "Generate, enforce and maintain clean project architectures",
   "type": "module",
   "repository": {

package/resources/templates/react-next/files/.github/dependabot.yml ADDED Viewed

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: weekly
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly

package/resources/templates/react-next/files/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,46 @@
+name: ci
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+permissions: {}
+jobs:
+  test:
+    name: Build & Test
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          persist-credentials: false
+      - name: Setup Node.js
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e
+        with:
+          node-version: 20
+          cache: npm
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+      - name: Audit
+        run: npm audit --audit-level=high
+      - name: Lint
+        run: npm run lint
+      - name: Type check
+        run: npm run typecheck
+      - name: Test
+        run: npm test
+      - name: Build
+        run: npm run build

package/resources/templates/react-next/files/.github/workflows/codeql.yml ADDED Viewed

@@ -0,0 +1,37 @@
+name: codeql
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  schedule:
+    - cron: "0 8 * * 1"
+permissions: {}
+jobs:
+  analyze:
+    name: Analyze (javascript-typescript)
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      actions: read
+      security-events: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          persist-credentials: false
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v4
+        with:
+          languages: javascript-typescript
+          queries: security-extended
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v4
+        with:
+          category: "/language:javascript-typescript"

package/resources/templates/react-next/files/.husky/commit-msg ADDED Viewed

	@@ -0,0 +1 @@
1	+ npx --no -- commitlint --edit "$1"

package/resources/templates/react-next/files/.husky/pre-commit ADDED Viewed

	@@ -0,0 +1 @@
1	+ npx lint-staged

package/resources/templates/react-next/files/README.md ADDED Viewed

@@ -0,0 +1,40 @@
+# {{appName}}
+Next.js 15 · App Router · TypeScript
+## Getting Started
+```bash
+npm run dev
+# Open http://localhost:3000
+```
+## Scripts
+- `npm run dev` — Start development server
+- `npm run build` — Build for production
+- `npm start` — Start production server
+- `npm test` — Run tests
+- `npm run lint` — Lint code
+- `npm run format` — Format code with Prettier
+- `npm run typecheck` — Type check with TypeScript
+## Project Structure
+```
+src/
+├── app/           # Next.js App Router pages
+├── features/      # Feature modules
+├── shared/        # Shared components and utilities
+└── lib/           # Library code (providers, etc.)
+```
+## Standards
+This project follows the [@oss-ma/tpl](https://www.npmjs.com/package/@oss-ma/tpl) standard.
+Run `npx @oss-ma/tpl check` to validate compliance.
+## Security
+See [SECURITY.md](SECURITY.md) for reporting vulnerabilities.

package/resources/templates/react-next/files/SECURITY.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Security Policy
+## Supported Versions
+| Version | Supported |
+|---------|-----------|
+| latest  | ✅        |
+## Reporting a Vulnerability
+If you discover a security vulnerability, please report it privately:
+1. **Do not** open a public GitHub issue
+2. Contact the maintainer directly via email or private channel
+3. Include details: description, steps to reproduce, potential impact
+We will respond within 48 hours and provide updates as we investigate.
+## Security Measures
+- Dependabot enabled for automated dependency updates
+- CodeQL SAST scans on every push
+- npm audit in CI pipeline
+- GitHub Actions pinned by SHA

package/resources/templates/react-next/files/commitlint.config.cjs ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  extends: ["@commitlint/config-conventional"],
+};

package/resources/templates/react-next/files/docs/adr/0001-context.md ADDED Viewed

@@ -0,0 +1,34 @@
+# 1. Context
+Date: {{date}}
+## Status
+Accepted
+## Context
+This project was bootstrapped with [@oss-ma/tpl](https://www.npmjs.com/package/@oss-ma/tpl) using the `react-next` template.
+Stack:
+- Next.js 15 with App Router
+- TypeScript
+- React 19{{#if state}}
+- Zustand for state management{{/if}}{{#if fetching}}
+- TanStack Query for data fetching{{/if}}
+## Decision
+We use Next.js App Router for its server component architecture, built-in routing, and excellent DX.
+## Consequences
+**Positive:**
+- Server components by default → better performance
+- File-system based routing → no react-router needed
+- Built-in API routes and server actions
+- Excellent TypeScript support
+**Negative:**
+- Learning curve for developers new to App Router
+- Some third-party libraries may not support React Server Components yet

package/resources/templates/react-next/files/editorconfig ADDED Viewed

@@ -0,0 +1,12 @@
+root = true
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true
+[*.md]
+trim_trailing_whitespace = false

package/resources/templates/react-next/files/next.config.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+  reactStrictMode: true,
+};
+export default nextConfig;

package/resources/templates/react-next/files/prettierrc.json ADDED Viewed

@@ -0,0 +1,6 @@
+{
+  "semi": true,
+  "singleQuote": false,
+  "tabWidth": 2,
+  "trailingComma": "es5"
+}