npm - @rtorcato/js-tooling - Versions diffs - 2.13.0 → 2.15.0 - Mend

@rtorcato/js-tooling 2.13.0 → 2.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cli/commands/doctor.js +19 -3
package/dist/cli/commands/fix-targets.js +2 -0
package/dist/cli/commands/fix.js +44 -2
package/dist/cli/generators/gitlab-ci.js +87 -0
package/dist/cli/generators/security.js +22 -0
package/dist/cli/index.js +6 -0
package/package.json +2 -2

package/dist/cli/commands/doctor.js CHANGED Viewed

@@ -529,11 +529,27 @@ async function checkDependabot(dir) {
             };
         }
     }
+    for (const candidate of [
+        'renovate.json',
+        'renovate.json5',
+        '.github/renovate.json',
+        '.github/renovate.json5',
+        '.renovaterc',
+        '.renovaterc.json',
+    ]) {
+        if (await fs.pathExists(path.join(dir, candidate))) {
+            return {
+                check: 'Dependabot',
+                status: 'ok',
+                detail: `${candidate} found (Renovate)`,
+            };
+        }
+    }
     return {
         check: 'Dependabot',
         status: 'optional-missing',
-        detail: 'no .github/dependabot.yml',
-        hint: 'Run `npx @rtorcato/js-tooling fix dependabot` to scaffold weekly dep updates',
+        detail: 'no Dependabot or Renovate config',
+        hint: 'Run `npx @rtorcato/js-tooling fix dependabot` (or `fix renovate`) to scaffold weekly dep updates',
     };
 }
 async function checkCodeQL(dir) {
@@ -661,7 +677,7 @@ async function checkGitLabCI(dir) {
         check: 'GitLab CI',
         status: 'optional-missing',
         detail: 'no .gitlab-ci.yml',
-        hint: 'Add a .gitlab-ci.yml if this repo is hosted on GitLab',
+        hint: 'Run `npx @rtorcato/js-tooling fix gitlab-ci` to scaffold a starter GitLab pipeline',
     };
 }
 export async function runDoctor(dir) {

package/dist/cli/commands/fix-targets.js CHANGED Viewed

@@ -21,6 +21,7 @@ export const FIX_TARGETS = {
     Dependabot: 'dependabot',
     CodeQL: 'codeql',
     CODEOWNERS: 'codeowners',
+    'GitLab CI': 'gitlab-ci',
     lockfile: 'lockfile',
     '.js-tooling.json': 'lockfile',
 };
@@ -109,6 +110,7 @@ export function lockfilePatchForTarget(target, lock) {
         case 'semantic-release':
             return c.semanticRelease ? null : { semanticRelease: true };
         case 'dependabot':
+        case 'renovate':
         case 'codeql':
             return c.securityAutomation ? null : { securityAutomation: true };
         case 'tsconfig':

package/dist/cli/commands/fix.js CHANGED Viewed

@@ -5,11 +5,12 @@ import inquirer from 'inquirer';
 import { generateSemanticReleaseConfig } from '../generators/build.js';
 import { generateCommitlintConfig, generateHuskyConfig, generatePrePushHook, } from '../generators/git.js';
 import { generateGitHubActions } from '../generators/github-actions.js';
+import { generateGitLabCI } from '../generators/gitlab-ci.js';
 import { generateESLintConfig, generatePrettierConfig } from '../generators/linting.js';
 import { ensureEnginesNode, generateCodeowners, generateEditorConfig, generateKnipConfig, generateNvmrc, generateSizeLimitConfig, } from '../generators/misc.js';
 import { generateConfigs } from '../generators/index.js';
 import { composeVerifyScriptFromPkg } from '../generators/package-json.js';
-import { generateCodeQLWorkflow, generateDependabotConfig } from '../generators/security.js';
+import { generateCodeQLWorkflow, generateDependabotConfig, generateRenovateConfig, } from '../generators/security.js';
 import { generateVitestConfig } from '../generators/testing.js';
 import { generateTreeshakeCheck, inferSubpathsFromExports } from '../generators/treeshake.js';
 import { copyPreset } from '../utils/copy-preset.js';
@@ -221,6 +222,17 @@ const FIXERS = [
             return { filesWritten: ['.github/dependabot.yml'] };
         },
     },
+    {
+        target: 'renovate',
+        description: 'Scaffold renovate.json (weekly schedule; alternative to Dependabot)',
+        appliesTo: ['Dependabot'],
+        outputs: ['renovate.json'],
+        riskLevel: 'safe-add',
+        async run({ targetDir }) {
+            await generateRenovateConfig(targetDir);
+            return { filesWritten: ['renovate.json'] };
+        },
+    },
     {
         target: 'codeql',
         description: 'Scaffold .github/workflows/codeql.yml (security scanning)',
@@ -243,6 +255,17 @@ const FIXERS = [
             return { filesWritten: [written] };
         },
     },
+    {
+        target: 'gitlab-ci',
+        description: 'Scaffold .gitlab-ci.yml (lint/typecheck/test/build mirrored from GitHub Actions)',
+        appliesTo: ['GitLab CI'],
+        outputs: ['.gitlab-ci.yml'],
+        canFixDrift: true,
+        async run({ targetDir, pkg }) {
+            const written = await generateGitLabCI(inferProjectConfig(pkg), targetDir);
+            return { filesWritten: [written] };
+        },
+    },
     {
         target: 'editorconfig',
         description: 'Scaffold .editorconfig (UTF-8, LF, tab indent)',
@@ -381,6 +404,18 @@ const FIXERS = [
 export function getFixers() {
     return FIXERS;
 }
+async function ownOutputsPresent(targetDir, fixer) {
+    for (const out of fixer.outputs) {
+        // Outputs that reference a package.json field (e.g. "package.json (scripts.verify)")
+        // can't be cheaply file-checked here; treat as present so we don't accidentally
+        // re-run safe-merge fixers on every targeted invocation.
+        if (out.includes('('))
+            return true;
+        if (await fs.pathExists(path.join(targetDir, out)))
+            return true;
+    }
+    return false;
+}
 function findFixer(target) {
     const normalized = target.toLowerCase();
     return FIXERS.find((f) => f.target.toLowerCase() === normalized);
@@ -575,7 +610,14 @@ export async function fixCommand(target, options = {}) {
         // fixable when the user explicitly targets it — treat it as optional-missing
         // so the override + lockfile resync paths run.
         const lockfileDemoted = lock !== null && declinedInLock(lock, result.check);
-        const effectiveResult = result.status === 'ok' && lockfileDemoted ? { ...result, status: 'optional-missing' } : result;
+        // When multiple fixers share a check (e.g. dependabot + renovate both apply to
+        // "Dependabot" deps-update coverage), the check can be `ok` from a sibling tool
+        // while this fixer's own outputs are still absent. In that case, treat as missing
+        // so the targeted scaffold runs.
+        const fixerOutputsPresent = await ownOutputsPresent(targetDir, fixer);
+        const effectiveResult = result.status === 'ok' && (lockfileDemoted || !fixerOutputsPresent)
+            ? { ...result, status: 'optional-missing' }
+            : result;
         if (effectiveResult.status === 'ok') {
             actions.push(recordFor(fixer.target, result.check, 'ok', 'already-ok', []));
             if (json)

package/dist/cli/generators/gitlab-ci.js ADDED Viewed

@@ -0,0 +1,87 @@
+import path from 'node:path';
+import fs from 'fs-extra';
+export async function generateGitLabCI(config, targetDir) {
+    const yamlPath = path.join(targetDir, '.gitlab-ci.yml');
+    await fs.writeFile(yamlPath, renderGitLabCI(config));
+    return '.gitlab-ci.yml';
+}
+function lintCommand(config) {
+    if (config.linting.tool === 'biome' || config.linting.tool === 'both')
+        return 'pnpm check';
+    return 'pnpm lint';
+}
+function renderGitLabCI(config) {
+    const hasTypeScript = config.typescript.enabled;
+    const hasTests = config.testing.framework !== 'none';
+    const hasLint = config.linting.tool !== 'none';
+    const hasBuild = config.bundler !== 'none';
+    const stages = [];
+    if (hasLint || hasTypeScript || hasTests)
+        stages.push('test');
+    if (hasBuild)
+        stages.push('build');
+    if (stages.length === 0)
+        stages.push('test');
+    const jobs = [];
+    if (hasLint) {
+        jobs.push(`lint:
+  stage: test
+  script:
+    - ${lintCommand(config)}`);
+    }
+    if (hasTypeScript) {
+        jobs.push(`typecheck:
+  stage: test
+  script:
+    - pnpm typecheck`);
+    }
+    if (hasTests) {
+        const testCmd = config.testing.framework === 'vitest'
+            ? 'pnpm exec vitest run'
+            : config.testing.framework === 'playwright'
+                ? 'pnpm test:e2e'
+                : 'pnpm test';
+        jobs.push(`test:
+  stage: test
+  script:
+    - ${testCmd}`);
+    }
+    if (hasBuild) {
+        jobs.push(`build:
+  stage: build
+  script:
+    - pnpm build
+  artifacts:
+    paths:
+      - dist/
+    expire_in: 1 week`);
+    }
+    return `# .gitlab-ci.yml — generated by @rtorcato/js-tooling
+# Customize stages and jobs to fit your pipeline.
+image: node:20
+stages:
+${stages.map((s) => `  - ${s}`).join('\n')}
+variables:
+  PNPM_CACHE_FOLDER: .pnpm-store
+cache:
+  key:
+    files:
+      - pnpm-lock.yaml
+  paths:
+    - .pnpm-store
+    - node_modules
+default:
+  before_script:
+    - corepack enable
+    - corepack prepare pnpm@latest --activate
+    - pnpm config set store-dir "$PNPM_CACHE_FOLDER"
+    - pnpm install --frozen-lockfile
+${jobs.join('\n\n')}
+`;
+}

package/dist/cli/generators/security.js CHANGED Viewed

@@ -24,6 +24,28 @@ updates:
 `;
     await fs.writeFile(filepath, content);
 }
+export async function generateRenovateConfig(targetDir) {
+    const filepath = path.join(targetDir, 'renovate.json');
+    const content = `${JSON.stringify({
+        $schema: 'https://docs.renovatebot.com/renovate-schema.json',
+        extends: ['config:recommended', ':semanticCommits', ':semanticCommitTypeAll(chore)'],
+        schedule: ['before 4am on Monday'],
+        prConcurrentLimit: 10,
+        prHourlyLimit: 0,
+        rangeStrategy: 'bump',
+        packageRules: [
+            {
+                matchManagers: ['github-actions'],
+                commitMessagePrefix: 'chore(ci):',
+            },
+            {
+                matchManagers: ['npm'],
+                commitMessagePrefix: 'chore(deps):',
+            },
+        ],
+    }, null, 2)}\n`;
+    await fs.writeFile(filepath, content);
+}
 export async function generateCodeQLWorkflow(targetDir) {
     await fs.ensureDir(path.join(targetDir, '.github', 'workflows'));
     const filepath = path.join(targetDir, '.github', 'workflows', 'codeql.yml');

package/dist/cli/index.js CHANGED Viewed

@@ -184,6 +184,12 @@ const TOOL_CATALOG = [
         exports: [],
         fixTarget: 'dependabot',
     },
+    {
+        name: 'Renovate',
+        description: 'Weekly automated dependency updates (alternative to Dependabot)',
+        exports: [],
+        fixTarget: 'renovate',
+    },
     {
         name: 'CodeQL',
         description: 'GitHub security scanning workflow',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@rtorcato/js-tooling",
-	"version": "2.13.0",
+	"version": "2.15.0",
 	"description": "JavaScript and TypeScript tooling for Node.js, React, Next.js, and Vitest.",
 	"type": "module",
 	"keywords": [
@@ -240,7 +240,7 @@
 		"ts-jest": "^29.0.0",
 		"tsup": "^8.0.0",
 		"typescript": ">=5.0.0",
-		"typescript-eslint": "*",
+		"typescript-eslint": "^8.0.0",
 		"vitest": ">=3.0.0"
 	},
 	"peerDependenciesMeta": {