bun-ready 0.1.0 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +139 -0
  2. package/dist/cli.js +1024 -145
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -39,6 +39,145 @@ bun-ready scan . --no-install --no-test
39
39
  - 2 → YELLOW
40
40
  - 3 → RED
41
41
 
42
+ ## Monorepo / Workspaces Support
43
+
44
+ bun-ready now supports scanning monorepo projects with multiple workspace packages.
45
+
46
+ ### Workspace Discovery
47
+
48
+ If your `package.json` contains a `workspaces` field (array or object), bun-ready will:
49
+ - Discover all workspace packages automatically
50
+ - Analyze each package individually
51
+ - Aggregate results into a single report
52
+
53
+ ### Configuration
54
+
55
+ You can create a `bun-ready.config.json` file in your repository root to customize the scan:
56
+
57
+ ```json
58
+ {
59
+ "ignorePackages": ["packages/legacy"],
60
+ "ignoreFindings": ["scripts.pm_assumptions"],
61
+ "nativeAddonAllowlist": ["fsevents"],
62
+ "failOn": "yellow"
63
+ }
64
+ ```
65
+
66
+ ### Options
67
+
68
+ | Option | Description | Default |
69
+ |---------|-------------|----------|
70
+ | `ignorePackages` | Array of package paths to ignore | `[]` |
71
+ | `ignoreFindings` | Array of finding IDs to ignore | `[]` |
72
+ | `nativeAddonAllowlist` | Packages to exclude from native addon checks | `[]` |
73
+ | `failOn` | When to return non-zero exit code | `"red"` |
74
+
75
+ ### New CLI Flags
76
+
77
+ `--scope root|packages|all`
78
+ - `root`: Scan only the root package.json
79
+ - `packages`: Scan only workspace packages
80
+ - `all`: Scan root and all workspace packages (default)
81
+
82
+ `--fail-on green|yellow|red`
83
+ - Controls when bun-ready exits with a failure code
84
+ - `green`: Fail on anything not green (exit 3)
85
+ - `yellow`: Fail on red only (exit 3), yellow passes (exit 0)
86
+ - `red`: Default behavior - green=0, yellow=2, red=3
87
+
88
+ ## How Scoring Works
89
+
90
+ bun-ready uses a combination of heuristics to determine migration readiness:
91
+
92
+ ### Severity Levels
93
+
94
+ **🟢 GREEN** - Ready to migrate
95
+ - No critical issues detected
96
+ - Bun install succeeds
97
+ - Tests pass (if compatible)
98
+ - No native addon risks or properly handled
99
+
100
+ **🟡 YELLOW** - Migration possible with manual fixes
101
+ - Lifecycle scripts present (verify npm compatibility)
102
+ - Native addons detected (may need updates)
103
+ - Package manager assumptions in scripts
104
+ - Node version < 18
105
+ - Dev tools that may need configuration
106
+
107
+ **🔴 RED** - Migration blocked
108
+ - Bun install fails
109
+ - Native build tools (node-gyp, node-sass)
110
+ - Critical missing dependencies
111
+ - Tests fail
112
+
113
+ ### Findings Categories
114
+
115
+ - `scripts.lifecycle` - Lifecycle scripts in root or dependencies
116
+ - `scripts.npm_specific` - npm/yarn/pnpm-specific commands
117
+ - `scripts.pm_assumptions` - Package manager assumptions
118
+ - `deps.native_addons` - Native addon dependencies
119
+ - `runtime.node_version` - Node.js version requirements
120
+ - `runtime.dev_tools` - Testing frameworks (jest, vitest, etc.)
121
+ - `runtime.build_tools` - Build tools (webpack, babel, etc.)
122
+ - `runtime.ts_execution` - TypeScript runtime execution
123
+ - `lockfile.missing` - No lockfile detected
124
+ - `lockfile.migration` - Non-Bun lockfile present
125
+ - `install.blocked_scripts` - Scripts blocked by Bun
126
+ - `install.trusted_deps` - Trusted dependencies mentioned
127
+
128
+ ## FAQ
129
+
130
+ ### Why yellow when there's a postinstall script?
131
+
132
+ Bun runs your project's lifecycle scripts during install, but **does not run** lifecycle scripts of dependencies unless they're in `trustedDependencies`. The yellow warning reminds you to verify these scripts work correctly with Bun.
133
+
134
+ ### What are trustedDependencies?
135
+
136
+ Bun's `trustedDependencies` configuration controls which packages are allowed to run their lifecycle scripts. You can add trusted packages to this field in your `package.json`:
137
+
138
+ ```json
139
+ {
140
+ "trustedDependencies": ["some-package"]
141
+ }
142
+ ```
143
+
144
+ ### How do I handle monorepo scanning?
145
+
146
+ For monorepos, bun-ready automatically detects workspaces and scans all packages. Use `--scope` to control what's scanned:
147
+
148
+ ```bash
149
+ # Scan everything (default)
150
+ bun-ready scan .
151
+
152
+ # Scan only root package
153
+ bun-ready scan . --scope root
154
+
155
+ # Scan only workspace packages
156
+ bun-ready scan . --scope packages
157
+ ```
158
+
159
+ ### Can I ignore certain findings?
160
+
161
+ Yes! Create a `bun-ready.config.json` file:
162
+
163
+ ```json
164
+ {
165
+ "ignoreFindings": ["scripts.pm_assumptions"]
166
+ }
167
+ ```
168
+
169
+ ### What if a package is in the native addon list but works with Bun?
170
+
171
+ Add it to the allowlist:
172
+
173
+ ```json
174
+ {
175
+ "nativeAddonAllowlist": ["fsevents"]
176
+ }
177
+ ```
178
+
179
+ Some packages have optional native modules that can be disabled or work fine with Bun.
180
+
42
181
  ## What it checks (MVP)
43
182
  - package.json presence & shape
44
183
  - lockfiles (npm/yarn/pnpm/bun)