@wyxos/zephyr 0.2.14 → 0.2.16

package/bin/zephyr.mjs

@@ -1,13 +1,24 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 import { main } from '../src/index.mjs'
+import { checkAndUpdateVersion } from '../src/version-checker.mjs'
+import inquirer from 'inquirer'
 
 // Parse --type flag from command line arguments
 const args = process.argv.slice(2)
 const typeFlag = args.find(arg => arg.startsWith('--type='))
 const releaseType = typeFlag ? typeFlag.split('=')[1] : null
 
-// Pass the type to main function
-main(releaseType).catch((error) => {
-  console.error(error.message)
-  process.exit(1)
-})
+// Check for updates and re-execute if user confirms
+checkAndUpdateVersion((questions) => inquirer.prompt(questions), args)
+  .then((reExecuted) => {
+    if (reExecuted) {
+      // Version was updated and script re-executed, exit this process
+      process.exit(0)
+    }
+    // No update or user declined, continue with normal execution
+    return main(releaseType)
+  })
+  .catch((error) => {
+    console.error(error.message)
+    process.exit(1)
+  })

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wyxos/zephyr",
-  "version": "0.2.14",
+  "version": "0.2.16",
   "description": "A streamlined deployment tool for web applications with intelligent Laravel project detection",
   "type": "module",
   "main": "./src/index.mjs",

package/src/dependency-scanner.mjs

@@ -0,0 +1,457 @@
+import { readFile, writeFile } from 'node:fs/promises'
+import path from 'node:path'
+import { spawn } from 'node:child_process'
+import process from 'node:process'
+
+const IS_WINDOWS = process.platform === 'win32'
+
+function isLocalPathOutsideRepo(depPath, rootDir) {
+  if (!depPath || typeof depPath !== 'string') {
+    return false
+  }
+
+  // Remove file: prefix if present
+  let cleanPath = depPath
+  if (depPath.startsWith('file:')) {
+    cleanPath = depPath.slice(5)
+  }
+
+  // Resolve the path relative to the root directory
+  const resolvedPath = path.resolve(rootDir, cleanPath)
+  const resolvedRoot = path.resolve(rootDir)
+
+  // Normalize paths to handle different separators
+  const normalizedResolved = path.normalize(resolvedPath)
+  const normalizedRoot = path.normalize(resolvedRoot)
+
+  // If paths are equal, it's not outside
+  if (normalizedResolved === normalizedRoot) {
+    return false
+  }
+
+  // Check if resolved path is outside the repository root
+  // Use path.relative to check if the path goes outside
+  const relative = path.relative(normalizedRoot, normalizedResolved)
+  
+  // If relative path starts with .., it's outside the repo
+  // Also check if the resolved path doesn't start with the root + separator (for absolute paths)
+  return relative.startsWith('..') || !normalizedResolved.startsWith(normalizedRoot + path.sep)
+}
+
+async function scanPackageJsonDependencies(rootDir) {
+  const packageJsonPath = path.join(rootDir, 'package.json')
+  const localDeps = []
+
+  try {
+    const raw = await readFile(packageJsonPath, 'utf8')
+    const pkg = JSON.parse(raw)
+
+    const checkDeps = (deps, field) => {
+      if (!deps || typeof deps !== 'object') {
+        return
+      }
+
+      for (const [packageName, version] of Object.entries(deps)) {
+        if (typeof version === 'string' && version.startsWith('file:')) {
+          if (isLocalPathOutsideRepo(version, rootDir)) {
+            localDeps.push({
+              packageName,
+              path: version,
+              field
+            })
+          }
+        }
+      }
+    }
+
+    checkDeps(pkg.dependencies, 'dependencies')
+    checkDeps(pkg.devDependencies, 'devDependencies')
+
+    return localDeps
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return []
+    }
+    throw error
+  }
+}
+
+async function scanComposerJsonDependencies(rootDir) {
+  const composerJsonPath = path.join(rootDir, 'composer.json')
+  const localDeps = []
+
+  try {
+    const raw = await readFile(composerJsonPath, 'utf8')
+    const composer = JSON.parse(raw)
+
+    // Check repositories field for local path repositories
+    if (composer.repositories && Array.isArray(composer.repositories)) {
+      for (const repo of composer.repositories) {
+        if (repo.type === 'path' && repo.url) {
+          if (isLocalPathOutsideRepo(repo.url, rootDir)) {
+            // Try to find which package uses this repository
+            // Check require and require-dev for packages that might use this repo
+            const repoPath = path.basename(repo.url.replace(/\/$/, ''))
+            const possiblePackages = []
+
+            const checkRequire = (requireObj, field) => {
+              if (!requireObj || typeof requireObj !== 'object') {
+                return
+              }
+              for (const [packageName] of Object.entries(requireObj)) {
+                // If package name matches the repo path or contains it, it's likely using this repo
+                if (packageName.includes(repoPath) || repoPath.includes(packageName.split('/').pop())) {
+                  possiblePackages.push({ packageName, field })
+                }
+              }
+            }
+
+            checkRequire(composer.require, 'require')
+            checkRequire(composer['require-dev'], 'require-dev')
+
+            if (possiblePackages.length > 0) {
+              for (const { packageName, field } of possiblePackages) {
+                localDeps.push({
+                  packageName,
+                  path: repo.url,
+                  field
+                })
+              }
+            } else {
+              // If we can't determine which package, still report the repository
+              localDeps.push({
+                packageName: repo.url,
+                path: repo.url,
+                field: 'repositories'
+              })
+            }
+          }
+        }
+      }
+    }
+
+    return localDeps
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      return []
+    }
+    throw error
+  }
+}
+
+async function fetchLatestNpmVersion(packageName) {
+  try {
+    const response = await fetch(`https://registry.npmjs.org/${packageName}/latest`)
+    if (!response.ok) {
+      return null
+    }
+    const data = await response.json()
+    return data.version || null
+  } catch (error) {
+    return null
+  }
+}
+
+async function fetchLatestPackagistVersion(packageName) {
+  try {
+    // Packagist API v2 format
+    const response = await fetch(`https://repo.packagist.org/p2/${packageName}.json`)
+    if (!response.ok) {
+      return null
+    }
+    const data = await response.json()
+    if (data.packages && data.packages[packageName] && data.packages[packageName].length > 0) {
+      // Get the latest version (first in array is usually latest)
+      const latest = data.packages[packageName][0]
+      return latest.version || null
+    }
+    return null
+  } catch (error) {
+    return null
+  }
+}
+
+async function updatePackageJsonDependency(rootDir, packageName, newVersion, field) {
+  const packageJsonPath = path.join(rootDir, 'package.json')
+  const raw = await readFile(packageJsonPath, 'utf8')
+  const pkg = JSON.parse(raw)
+
+  if (!pkg[field]) {
+    pkg[field] = {}
+  }
+
+  pkg[field][packageName] = `^${newVersion}`
+
+  const updatedContent = JSON.stringify(pkg, null, 2) + '\n'
+  await writeFile(packageJsonPath, updatedContent, 'utf8')
+}
+
+async function updateComposerJsonDependency(rootDir, packageName, newVersion, field) {
+  const composerJsonPath = path.join(rootDir, 'composer.json')
+  const raw = await readFile(composerJsonPath, 'utf8')
+  const composer = JSON.parse(raw)
+
+  if (field === 'repositories') {
+    // Remove the local repository entry
+    if (composer.repositories && Array.isArray(composer.repositories)) {
+      composer.repositories = composer.repositories.filter(
+        (repo) => !(repo.type === 'path' && repo.url === packageName)
+      )
+    }
+    // Update the dependency version in require or require-dev
+    // We need to find which field contains this package
+    if (composer.require && composer.require[packageName]) {
+      composer.require[packageName] = `^${newVersion}`
+    } else if (composer['require-dev'] && composer['require-dev'][packageName]) {
+      composer['require-dev'][packageName] = `^${newVersion}`
+    }
+  } else {
+    if (!composer[field]) {
+      composer[field] = {}
+    }
+    composer[field][packageName] = `^${newVersion}`
+  }
+
+  const updatedContent = JSON.stringify(composer, null, 2) + '\n'
+  await writeFile(composerJsonPath, updatedContent, 'utf8')
+}
+
+async function runCommand(command, args, { cwd = process.cwd(), capture = false } = {}) {
+  return new Promise((resolve, reject) => {
+    const spawnOptions = {
+      stdio: capture ? ['ignore', 'pipe', 'pipe'] : 'inherit',
+      cwd
+    }
+
+    if (IS_WINDOWS && command !== 'git') {
+      spawnOptions.shell = true
+    }
+
+    const child = spawn(command, args, spawnOptions)
+    let stdout = ''
+    let stderr = ''
+
+    if (capture) {
+      child.stdout.on('data', (chunk) => {
+        stdout += chunk
+      })
+
+      child.stderr.on('data', (chunk) => {
+        stderr += chunk
+      })
+    }
+
+    child.on('error', reject)
+    child.on('close', (code) => {
+      if (code === 0) {
+        resolve(capture ? { stdout: stdout.trim(), stderr: stderr.trim() } : undefined)
+      } else {
+        const error = new Error(`Command failed (${code}): ${command} ${args.join(' ')}`)
+        if (capture) {
+          error.stdout = stdout
+          error.stderr = stderr
+        }
+        error.exitCode = code
+        reject(error)
+      }
+    })
+  })
+}
+
+async function getGitStatus(rootDir) {
+  try {
+    const result = await runCommand('git', ['status', '--porcelain'], { capture: true, cwd: rootDir })
+    return result.stdout || ''
+  } catch (error) {
+    return ''
+  }
+}
+
+function hasStagedChanges(statusOutput) {
+  if (!statusOutput || statusOutput.length === 0) {
+    return false
+  }
+
+  const lines = statusOutput.split('\n').filter((line) => line.trim().length > 0)
+
+  return lines.some((line) => {
+    const firstChar = line[0]
+    return firstChar && firstChar !== ' ' && firstChar !== '?'
+  })
+}
+
+async function commitDependencyUpdates(rootDir, updatedFiles, logFn) {
+  try {
+    // Check if we're in a git repository
+    await runCommand('git', ['rev-parse', '--is-inside-work-tree'], { capture: true, cwd: rootDir })
+  } catch {
+    // Not a git repository, skip commit
+    return false
+  }
+
+  const status = await getGitStatus(rootDir)
+
+  // Stage the updated files
+  for (const file of updatedFiles) {
+    try {
+      await runCommand('git', ['add', file], { cwd: rootDir })
+    } catch {
+      // File might not exist or not be tracked, continue
+    }
+  }
+
+  const newStatus = await getGitStatus(rootDir)
+  if (!hasStagedChanges(newStatus)) {
+    return false
+  }
+
+  // Build commit message
+  const fileList = updatedFiles.map(f => path.basename(f)).join(', ')
+  const commitMessage = `chore: update local file dependencies to online versions (${fileList})`
+
+  if (logFn) {
+    logFn('Committing dependency updates...')
+  }
+
+  await runCommand('git', ['commit', '-m', commitMessage], { cwd: rootDir })
+
+  if (logFn) {
+    logFn('Dependency updates committed.')
+  }
+
+  return true
+}
+
+async function validateLocalDependencies(rootDir, promptFn, logFn = null) {
+  const packageDeps = await scanPackageJsonDependencies(rootDir)
+  const composerDeps = await scanComposerJsonDependencies(rootDir)
+
+  const allDeps = [...packageDeps, ...composerDeps]
+
+  if (allDeps.length === 0) {
+    return
+  }
+
+  // Fetch latest versions for all dependencies
+  const depsWithVersions = await Promise.all(
+    allDeps.map(async (dep) => {
+      let latestVersion = null
+      if (dep.field === 'dependencies' || dep.field === 'devDependencies') {
+        latestVersion = await fetchLatestNpmVersion(dep.packageName)
+      } else if (dep.field === 'require' || dep.field === 'require-dev') {
+        latestVersion = await fetchLatestPackagistVersion(dep.packageName)
+      } else if (dep.field === 'repositories') {
+        // For repositories, try to extract package name and fetch from Packagist
+        // The packageName might be the path, so we need to handle this differently
+        // For now, we'll show the path but can't fetch version
+      }
+
+      return {
+        ...dep,
+        latestVersion
+      }
+    })
+  )
+
+  // Build warning messages
+  const messages = depsWithVersions.map((dep) => {
+    const versionInfo = dep.latestVersion
+      ? ` Latest version available: ${dep.latestVersion}.`
+      : ' Latest version could not be determined.'
+    return `Dependency '${dep.packageName}' is pointing to a local path outside the repository: ${dep.path}.${versionInfo}`
+  })
+
+  // Prompt user
+  const { shouldUpdate } = await promptFn([
+    {
+      type: 'confirm',
+      name: 'shouldUpdate',
+      message: `Found ${allDeps.length} local file dependency/dependencies pointing outside the repository:\n\n${messages.join('\n\n')}\n\nUpdate to latest version?`,
+      default: true
+    }
+  ])
+
+  if (!shouldUpdate) {
+    throw new Error('Release cancelled: local file dependencies must be updated before release.')
+  }
+
+  // Track which files were updated
+  const updatedFiles = new Set()
+
+  // Update dependencies
+  for (const dep of depsWithVersions) {
+    if (!dep.latestVersion) {
+      continue
+    }
+
+    if (dep.field === 'dependencies' || dep.field === 'devDependencies') {
+      await updatePackageJsonDependency(rootDir, dep.packageName, dep.latestVersion, dep.field)
+      updatedFiles.add('package.json')
+    } else if (dep.field === 'require' || dep.field === 'require-dev') {
+      await updateComposerJsonDependency(rootDir, dep.packageName, dep.latestVersion, dep.field)
+      updatedFiles.add('composer.json')
+    } else if (dep.field === 'repositories') {
+      // For repositories, we need to remove the repository entry
+      // But we still need to update the dependency version
+      // This is more complex, so for now we'll just update if we can find the package
+      const composerJsonPath = path.join(rootDir, 'composer.json')
+      const raw = await readFile(composerJsonPath, 'utf8')
+      const composer = JSON.parse(raw)
+
+      // Try to find which package uses this repository
+      let packageToUpdate = null
+      let fieldToUpdate = null
+
+      if (composer.require) {
+        for (const [pkgName] of Object.entries(composer.require)) {
+          if (pkgName.includes(dep.packageName.split('/').pop()) || dep.packageName.includes(pkgName.split('/').pop())) {
+            packageToUpdate = pkgName
+            fieldToUpdate = 'require'
+            break
+          }
+        }
+      }
+
+      if (!packageToUpdate && composer['require-dev']) {
+        for (const [pkgName] of Object.entries(composer['require-dev'])) {
+          if (pkgName.includes(dep.packageName.split('/').pop()) || dep.packageName.includes(pkgName.split('/').pop())) {
+            packageToUpdate = pkgName
+            fieldToUpdate = 'require-dev'
+            break
+          }
+        }
+      }
+
+      if (packageToUpdate && fieldToUpdate) {
+        await updateComposerJsonDependency(rootDir, packageToUpdate, dep.latestVersion, fieldToUpdate)
+        // Also remove the repository entry
+        const updatedRaw = await readFile(composerJsonPath, 'utf8')
+        const updatedComposer = JSON.parse(updatedRaw)
+        if (updatedComposer.repositories && Array.isArray(updatedComposer.repositories)) {
+          updatedComposer.repositories = updatedComposer.repositories.filter(
+            (repo) => !(repo.type === 'path' && repo.url === dep.path)
+          )
+          const updatedContent = JSON.stringify(updatedComposer, null, 2) + '\n'
+          await writeFile(composerJsonPath, updatedContent, 'utf8')
+        }
+        updatedFiles.add('composer.json')
+      }
+    }
+  }
+
+  // Commit the changes if any files were updated
+  if (updatedFiles.size > 0) {
+    await commitDependencyUpdates(rootDir, Array.from(updatedFiles), logFn)
+  }
+}
+
+export {
+  scanPackageJsonDependencies,
+  scanComposerJsonDependencies,
+  fetchLatestNpmVersion,
+  fetchLatestPackagistVersion,
+  updatePackageJsonDependency,
+  updateComposerJsonDependency,
+  isLocalPathOutsideRepo,
+  validateLocalDependencies
+}

package/src/index.mjs

@@ -9,6 +9,7 @@ import inquirer from 'inquirer'
 import { NodeSSH } from 'node-ssh'
 import { releaseNode } from './release-node.mjs'
 import { releasePackagist } from './release-packagist.mjs'
+import { validateLocalDependencies } from './dependency-scanner.mjs'
 
 const IS_WINDOWS = process.platform === 'win32'
 
@@ -1249,7 +1250,7 @@ async function runRemoteTasks(config, options = {}) {
   if (isLaravel) {
     logProcessing('Running Laravel tests locally...')
     try {
-      await runCommand('php', ['artisan', 'test'], { cwd: rootDir })
+      await runCommand('php', ['artisan', 'test', '--compact'], { cwd: rootDir })
       logSuccess('Local tests passed.')
     } catch (error) {
       throw new Error(`Local tests failed. Fix test failures before deploying. ${error.message}`)
@@ -1906,6 +1907,17 @@ async function main(releaseType = null) {
   await ensureGitignoreEntry(rootDir)
   await ensureProjectReleaseScript(rootDir)
 
+  // Validate dependencies if package.json or composer.json exists
+  const packageJsonPath = path.join(rootDir, 'package.json')
+  const composerJsonPath = path.join(rootDir, 'composer.json')
+  const hasPackageJson = await fs.access(packageJsonPath).then(() => true).catch(() => false)
+  const hasComposerJson = await fs.access(composerJsonPath).then(() => true).catch(() => false)
+
+  if (hasPackageJson || hasComposerJson) {
+    logProcessing('Validating dependencies...')
+    await validateLocalDependencies(rootDir, runPrompt, logSuccess)
+  }
+
   // Load servers first (they may be migrated)
   const servers = await loadServers()
   // Load project config with servers for migration

package/src/release-node.mjs

@@ -6,6 +6,8 @@ import fs from 'node:fs'
 import path from 'node:path'
 import process from 'node:process'
 import chalk from 'chalk'
+import inquirer from 'inquirer'
+import { validateLocalDependencies } from './dependency-scanner.mjs'
 
 const IS_WINDOWS = process.platform === 'win32'
 
@@ -580,6 +582,9 @@ export async function releaseNode() {
     logStep('Reading package metadata...')
     const pkg = await readPackage(rootDir)
 
+    logStep('Validating dependencies...')
+    await validateLocalDependencies(rootDir, (questions) => inquirer.prompt(questions), logSuccess)
+
     logStep('Checking working tree status...')
     await ensureCleanWorkingTree(rootDir)
 

package/src/release-packagist.mjs

@@ -6,6 +6,8 @@ import fs from 'node:fs'
 import path from 'node:path'
 import process from 'node:process'
 import semver from 'semver'
+import inquirer from 'inquirer'
+import { validateLocalDependencies } from './dependency-scanner.mjs'
 
 const STEP_PREFIX = '→'
 const OK_PREFIX = '✔'
@@ -303,7 +305,7 @@ async function runTests(skipTests, composer, rootDir = process.cwd()) {
     }, 200)
 
     if (hasArtisanFile) {
-      await runCommand('php', ['artisan', 'test'], { capture: true, cwd: rootDir })
+      await runCommand('php', ['artisan', 'test', '--compact'], { capture: true, cwd: rootDir })
     } else if (hasTestScript) {
       await runCommand('composer', ['test'], { capture: true, cwd: rootDir })
     }
@@ -384,6 +386,9 @@ export async function releasePackagist() {
     throw new Error('composer.json does not have a version field. Add "version": "0.0.0" to composer.json.')
   }
 
+  logStep('Validating dependencies...')
+  await validateLocalDependencies(rootDir, (questions) => inquirer.prompt(questions), logSuccess)
+
   logStep('Checking working tree status...')
   await ensureCleanWorkingTree(rootDir)
 

package/src/version-checker.mjs

@@ -0,0 +1,126 @@
+import { readFile } from 'node:fs/promises'
+import { fileURLToPath } from 'node:url'
+import path from 'node:path'
+import { spawn } from 'node:child_process'
+import process from 'node:process'
+import semver from 'semver'
+
+const IS_WINDOWS = process.platform === 'win32'
+
+async function getCurrentVersion() {
+  try {
+    // Try to get version from package.json
+    // When running via npx, the package.json is in the installed package directory
+    const packageJsonPath = path.resolve(
+      path.dirname(fileURLToPath(import.meta.url)),
+      '..',
+      'package.json'
+    )
+    const packageJson = JSON.parse(await readFile(packageJsonPath, 'utf8'))
+    return packageJson.version
+  } catch (error) {
+    // If we can't read package.json, return null
+    return null
+  }
+}
+
+async function getLatestVersion() {
+  try {
+    const response = await fetch('https://registry.npmjs.org/@wyxos/zephyr/latest')
+    if (!response.ok) {
+      return null
+    }
+    const data = await response.json()
+    return data.version || null
+  } catch (error) {
+    return null
+  }
+}
+
+function isNewerVersionAvailable(current, latest) {
+  if (!current || !latest) {
+    return false
+  }
+
+  // Use semver to properly compare versions
+  try {
+    return semver.gt(latest, current)
+  } catch (error) {
+    // If semver comparison fails, fall back to simple string comparison
+    return latest !== current
+  }
+}
+
+async function reExecuteWithLatest(args) {
+  // Re-execute with npx @wyxos/zephyr@latest
+  const command = IS_WINDOWS ? 'npx.cmd' : 'npx'
+  const npxArgs = ['@wyxos/zephyr@latest', ...args]
+
+  return new Promise((resolve, reject) => {
+    const child = spawn(command, npxArgs, {
+      stdio: 'inherit',
+      shell: IS_WINDOWS
+    })
+
+    child.on('error', reject)
+    child.on('close', (code) => {
+      if (code === 0) {
+        resolve()
+      } else {
+        reject(new Error(`Command exited with code ${code}`))
+      }
+    })
+  })
+}
+
+export async function checkAndUpdateVersion(promptFn, args) {
+  try {
+    // Skip check if already running @latest (detected via environment or process)
+    // When npx runs @latest, the version should already be latest
+    const isRunningLatest = process.env.npm_config_user_config?.includes('@latest') ||
+                           process.argv.some(arg => arg.includes('@latest'))
+
+    if (isRunningLatest) {
+      return false
+    }
+
+    const currentVersion = await getCurrentVersion()
+    if (!currentVersion) {
+      // Can't determine current version, skip check
+      return false
+    }
+
+    const latestVersion = await getLatestVersion()
+    if (!latestVersion) {
+      // Can't fetch latest version, skip check
+      return false
+    }
+
+    if (!isNewerVersionAvailable(currentVersion, latestVersion)) {
+      // Already on latest or newer
+      return false
+    }
+
+    // Newer version available, prompt user
+    const { shouldUpdate } = await promptFn([
+      {
+        type: 'confirm',
+        name: 'shouldUpdate',
+        message: `A new version of @wyxos/zephyr is available (${latestVersion}). You are currently on ${currentVersion}. Update and continue?`,
+        default: true
+      }
+    ])
+
+    if (!shouldUpdate) {
+      return false
+    }
+
+    // User confirmed, re-execute with latest version
+    await reExecuteWithLatest(args)
+    return true // Indicates we've re-executed, so the current process should exit
+  } catch (error) {
+    // If version check fails, just continue with current version
+    // Don't block the user from using the tool
+    return false
+  }
+}