check-npm-lockfile 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +8 -1
- package/dist/cli.js.map +1 -1
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -5,12 +5,19 @@ import {
|
|
|
5
5
|
} from "./chunk-WYSKMPXQ.js";
|
|
6
6
|
|
|
7
7
|
// src/cli.ts
|
|
8
|
+
import { readFileSync } from "fs";
|
|
9
|
+
import { dirname, resolve } from "path";
|
|
10
|
+
import { fileURLToPath } from "url";
|
|
8
11
|
import { Command } from "commander";
|
|
9
12
|
import ora from "ora";
|
|
13
|
+
var __dirname = dirname(fileURLToPath(import.meta.url));
|
|
14
|
+
var packageJson = JSON.parse(
|
|
15
|
+
readFileSync(resolve(__dirname, "../package.json"), "utf-8")
|
|
16
|
+
);
|
|
10
17
|
var program = new Command();
|
|
11
18
|
program.name("check-npm-lockfile").description(
|
|
12
19
|
"Detect recently published npm packages in lockfiles for supply chain attack prevention"
|
|
13
|
-
).version(
|
|
20
|
+
).version(packageJson.version).argument("[lockfile]", "Path to lockfile (auto-detects if not specified)").option(
|
|
14
21
|
"--minimum-release-age <duration>",
|
|
15
22
|
"Minimum age threshold (e.g., '3 days', '7 days')",
|
|
16
23
|
"3 days"
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/cli.ts"],"sourcesContent":["#!/usr/bin/env node\nimport { Command } from \"commander\";\nimport ora from \"ora\";\nimport { analyzeLockfile } from \"./analyzer/index.js\";\nimport { formatOutput } from \"./output/index.js\";\nimport type { CLIOptions } from \"./types/index.js\";\n\nconst program = new Command();\n\nprogram\n .name(\"check-npm-lockfile\")\n .description(\n \"Detect recently published npm packages in lockfiles for supply chain attack prevention\"\n )\n .version(
|
|
1
|
+
{"version":3,"sources":["../src/cli.ts"],"sourcesContent":["#!/usr/bin/env node\nimport { readFileSync } from \"fs\";\nimport { dirname, resolve } from \"path\";\nimport { fileURLToPath } from \"url\";\nimport { Command } from \"commander\";\nimport ora from \"ora\";\nimport { analyzeLockfile } from \"./analyzer/index.js\";\nimport { formatOutput } from \"./output/index.js\";\nimport type { CLIOptions } from \"./types/index.js\";\n\nconst __dirname = dirname(fileURLToPath(import.meta.url));\nconst packageJson = JSON.parse(\n readFileSync(resolve(__dirname, \"../package.json\"), \"utf-8\")\n) as { version: string };\n\nconst program = new Command();\n\nprogram\n .name(\"check-npm-lockfile\")\n .description(\n \"Detect recently published npm packages in lockfiles for supply chain attack prevention\"\n )\n .version(packageJson.version)\n .argument(\"[lockfile]\", \"Path to lockfile (auto-detects if not specified)\")\n .option(\n \"--minimum-release-age <duration>\",\n \"Minimum age threshold (e.g., '3 days', '7 days')\",\n \"3 days\"\n )\n .option(\n \"-e, --exclude <packages...>\",\n \"Packages to exclude from checking\",\n []\n )\n .option(\"-f, --format <type>\", \"Output format: console or json\", \"console\")\n .option(\n \"-c, --concurrency <number>\",\n \"Max concurrent API requests\",\n \"10\"\n )\n .option(\"--no-exit-code\", \"Always exit with code 0\")\n .option(\"-v, --verbose\", \"Show verbose output\")\n .action(\n async (\n lockfilePath: string | undefined,\n opts: {\n minimumReleaseAge: string;\n exclude: string[];\n format: string;\n concurrency: string;\n exitCode: boolean;\n verbose: boolean;\n }\n ) => {\n const options: CLIOptions = {\n minimumReleaseAge: opts.minimumReleaseAge,\n exclude: opts.exclude,\n format: opts.format as \"console\" | \"json\",\n concurrency: parseInt(opts.concurrency, 10),\n exitCode: opts.exitCode,\n verbose: opts.verbose,\n };\n\n const spinner =\n options.format === \"console\" ? ora(\"Analyzing lockfile...\").start() : null;\n\n try {\n const result = await analyzeLockfile(\n lockfilePath,\n options,\n (current, total) => {\n if (spinner && options.verbose) {\n spinner.text = `Checking packages: ${current}/${total}`;\n }\n }\n );\n\n spinner?.stop();\n\n formatOutput(result, options.format);\n\n if (options.exitCode && result.recentPackages.length > 0) {\n process.exit(1);\n }\n } catch (error) {\n spinner?.fail(\n error instanceof Error ? error.message : \"Unknown error\"\n );\n process.exit(1);\n }\n }\n );\n\nprogram.parse();\n"],"mappings":";;;;;;;AACA,SAAS,oBAAoB;AAC7B,SAAS,SAAS,eAAe;AACjC,SAAS,qBAAqB;AAC9B,SAAS,eAAe;AACxB,OAAO,SAAS;AAKhB,IAAM,YAAY,QAAQ,cAAc,YAAY,GAAG,CAAC;AACxD,IAAM,cAAc,KAAK;AAAA,EACvB,aAAa,QAAQ,WAAW,iBAAiB,GAAG,OAAO;AAC7D;AAEA,IAAM,UAAU,IAAI,QAAQ;AAE5B,QACG,KAAK,oBAAoB,EACzB;AAAA,EACC;AACF,EACC,QAAQ,YAAY,OAAO,EAC3B,SAAS,cAAc,kDAAkD,EACzE;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC;AAAA,EACC;AAAA,EACA;AAAA,EACA,CAAC;AACH,EACC,OAAO,uBAAuB,kCAAkC,SAAS,EACzE;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC,OAAO,kBAAkB,yBAAyB,EAClD,OAAO,iBAAiB,qBAAqB,EAC7C;AAAA,EACC,OACE,cACA,SAQG;AACH,UAAM,UAAsB;AAAA,MAC1B,mBAAmB,KAAK;AAAA,MACxB,SAAS,KAAK;AAAA,MACd,QAAQ,KAAK;AAAA,MACb,aAAa,SAAS,KAAK,aAAa,EAAE;AAAA,MAC1C,UAAU,KAAK;AAAA,MACf,SAAS,KAAK;AAAA,IAChB;AAEA,UAAM,UACJ,QAAQ,WAAW,YAAY,IAAI,uBAAuB,EAAE,MAAM,IAAI;AAExE,QAAI;AACF,YAAM,SAAS,MAAM;AAAA,QACnB;AAAA,QACA;AAAA,QACA,CAAC,SAAS,UAAU;AAClB,cAAI,WAAW,QAAQ,SAAS;AAC9B,oBAAQ,OAAO,sBAAsB,OAAO,IAAI,KAAK;AAAA,UACvD;AAAA,QACF;AAAA,MACF;AAEA,eAAS,KAAK;AAEd,mBAAa,QAAQ,QAAQ,MAAM;AAEnC,UAAI,QAAQ,YAAY,OAAO,eAAe,SAAS,GAAG;AACxD,gBAAQ,KAAK,CAAC;AAAA,MAChB;AAAA,IACF,SAAS,OAAO;AACd,eAAS;AAAA,QACP,iBAAiB,QAAQ,MAAM,UAAU;AAAA,MAC3C;AACA,cAAQ,KAAK,CAAC;AAAA,IAChB;AAAA,EACF;AACF;AAEF,QAAQ,MAAM;","names":[]}
|