check-package-lock 1.10.0 → 1.11.0

package/.circleci/config.yml

@@ -3,7 +3,7 @@ jobs:
   build:
     docker:
       # Use node image
-      - image: circleci/node
+      - image: cimg/node:lts
 
     # code folder
     working_directory: ~/repo

package/LICENSE

@@ -19,3 +19,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
+

package/README.md

@@ -1,46 +1,46 @@
-# check-package-lock
-Checks the package-lock.json file for http:// links
-
-## What does it do?
-check-package-lock can check if the package-lock.json file contain insecure http:// links
-
-## Usage
-To check the package-lock.json file in the current folder:
-```
-npm install -g check-package-lock
-check-package-lock
-```
-
-To check the package-lock.json file in another folder:
-```
-npm install -g check-package-lock
-check-package-lock --folder 'nodefolder'
-```
-
-## Exit codes
-```
-0 = No errors
-1 = Errors were founds in the package-lock.json files
-2 = package-lock.json was not found
-3 = Folder specified does not exists
-4 = Folder specified is not a folder
-```
-
-## Continuous Integration
-check-package-lock can be used in CI environments to check your package-lock.json file before merging a pull request
-
-## Badges
-
-[![CircleCI](https://circleci.com/gh/gemal/node-check-package-lock.svg?style=svg)](https://circleci.com/gh/gemal/node-check-package-lock)
-
-[![codecov](https://codecov.io/gh/gemal/node-check-package-lock/branch/master/graph/badge.svg)](https://codecov.io/gh/gemal/node-check-package-lock)
-
-[![StyleCI](https://github.styleci.io/repos/183420925/shield)](https://github.styleci.io/repos/183420925)
-
-[![Known Vulnerabilities](https://snyk.io/test/github/gemal/node-check-package-lock/badge.svg)](https://snyk.io/test/github/gemal/node-check-package-lock)
-
-[![Total alerts](https://img.shields.io/lgtm/alerts/g/gemal/node-check-package-lock.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/gemal/node-check-package-lock/alerts/)
-
-[![CodeFactor](https://www.codefactor.io/repository/github/gemal/node-check-package-lock/badge)](https://www.codefactor.io/repository/github/gemal/node-check-package-lock)
-
-[![DeepScan grade](https://deepscan.io/api/teams/14204/projects/17307/branches/392368/badge/grade.svg)](https://deepscan.io/dashboard#view=project&tid=14204&pid=17307&bid=392368)
+# check-package-lock
+Checks the package-lock.json file for http:// links
+
+## What does it do?
+check-package-lock can check if the package-lock.json file contain insecure http:// links
+
+## Usage
+To check the package-lock.json file in the current folder:
+```
+npm install -g check-package-lock
+check-package-lock
+```
+
+To check the package-lock.json file in another folder:
+```
+npm install -g check-package-lock
+check-package-lock --folder 'nodefolder'
+```
+
+## Exit codes
+```
+0 = No errors
+1 = Errors were founds in the package-lock.json files
+2 = package-lock.json was not found
+3 = Folder specified does not exists
+4 = Folder specified is not a folder
+```
+
+## CI - Continuous Integration
+check-package-lock can be used in CI environments to check your package-lock.json file before merging a pull request
+
+## Badges
+
+[![CircleCI](https://circleci.com/gh/gemal/node-check-package-lock.svg?style=svg)](https://circleci.com/gh/gemal/node-check-package-lock)
+
+[![codecov](https://codecov.io/gh/gemal/node-check-package-lock/branch/master/graph/badge.svg)](https://codecov.io/gh/gemal/node-check-package-lock)
+
+[![StyleCI](https://github.styleci.io/repos/183420925/shield)](https://github.styleci.io/repos/183420925)
+
+[![Known Vulnerabilities](https://snyk.io/test/github/gemal/node-check-package-lock/badge.svg)](https://snyk.io/test/github/gemal/node-check-package-lock)
+
+[![Total alerts](https://img.shields.io/lgtm/alerts/g/gemal/node-check-package-lock.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/gemal/node-check-package-lock/alerts/)
+
+[![CodeFactor](https://www.codefactor.io/repository/github/gemal/node-check-package-lock/badge)](https://www.codefactor.io/repository/github/gemal/node-check-package-lock)
+
+[![DeepScan grade](https://deepscan.io/api/teams/14204/projects/17307/branches/392368/badge/grade.svg)](https://deepscan.io/dashboard#view=project&tid=14204&pid=17307&bid=392368)

package/eslint.config.js

@@ -0,0 +1,17 @@
+import globals from "globals";
+import js from "@eslint/js";
+
+
+export default [
+  {
+    languageOptions: {
+      globals: {
+        process: "readonly",
+        describe: "readonly",
+        it: "readonly",
+        ...globals.browser
+      }
+    }
+  },
+  js.configs.recommended,
+];

package/index.js

@@ -2,9 +2,14 @@
 
 'use strict';
 
-const fs = require('fs');
-const path = require('path');
-const {program} = require('commander');
+import fs from 'fs';
+import path from 'path';
+import { program } from 'commander';
+import { fileURLToPath } from 'url';
+
+// Define __filename and __dirname for ES modules
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
 
 /**
  * Check a folder.
@@ -17,7 +22,7 @@ function checkFolder() {
     }
     const pack = fullpath + 'package-lock.json';
     if (fs.existsSync(pack)) {
-        const filecontent = fs.readFileSync(pack, {encoding: 'utf-8'});
+        const filecontent = fs.readFileSync(pack, { encoding: 'utf-8' });
         if (filecontent.indexOf('http://registry.npmjs.org') > -1) { // lgtm [js/incomplete-url-substring-sanitization]
             console.log(pack + ' is NOT OK. It contains references to http://registry.npmjs.org');
             console.log('In order to fix this do:');
@@ -31,13 +36,13 @@ function checkFolder() {
             return 0;
         }
     } else {
-        console.log(pack + ' does not exists');
+        console.log(pack + ' does not exist');
         return 2;
     }
 }
 
 program
-    .version(require('./package.json').version)
+    .version(JSON.parse(fs.readFileSync(path.join(__dirname, 'package.json'))).version)
     .description('Checks the package-lock.json file for http:// links')
     .option('-f, --folder <folder>', 'Folder with package-lock.json file')
     .parse(process.argv);
@@ -54,7 +59,7 @@ if (options.folder) {
             process.exitCode = 4;
         }
     } else {
-        console.log('Oops! Folder does not exists: ' + options.folder);
+        console.log('Oops! Folder does not exist: ' + options.folder);
         process.exitCode = 3;
     }
 } else {

package/package.json

@@ -1,47 +1,49 @@
-{
-    "name": "check-package-lock",
-    "version": "1.10.0",
-    "description": "Checks the package-lock.json file for http:// links",
-    "main": "index.js",
-    "repository": {
-        "type": "git",
-        "url": "https://github.com/gemal/node-check-package-lock"
-    },
-    "scripts": {
-        "test": "mocha"
-    },
-    "author": "Henrik Gemal <henrik@gemal.dk> (http://gemal.dk/)",
-    "license": "MIT",
-    "bin": {
-        "check-package-lock": "index.js"
-    },
-    "bugs": {
-        "url": "https://github.com/gemal/node-check-package-lock/issues"
-    },
-    "keywords": [
-        "package",
-        "package-lock",
-        "check",
-        "cli",
-        "lock",
-        "http",
-        "automate",
-        "ci"
-    ],
-    "homepage": "https://github.com/gemal/node-check-package-lock",
-    "dependencies": {
-        "commander": "^9.0.0"
-    },
-    "devDependencies": {
-        "chai": "^4.3.4",
-        "child_process": "^1.0.2",
-        "codecov": "^3.8.2",
-        "eslint": "^8.8.0",
-        "eslint-config-google": "^0.14.0",
-        "expect": "^29.2.2",
-        "lintspaces-cli": "^0.7.1",
-        "mocha": "^10.0.0",
-        "nyc": "^15.1.0",
-        "snyk": "^1.594.0"
-    }
-}
+{
+    "name": "check-package-lock",
+    "version": "1.11.0",
+    "description": "Checks the package-lock.json file for insecure http:// links",
+    "main": "index.js",
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/gemal/node-check-package-lock"
+    },
+    "scripts": {
+        "test": "mocha"
+    },
+    "type": "module",
+    "author": "Henrik Gemal <henrik@gemal.dk> (http://gemal.dk/)",
+    "license": "MIT",
+    "bin": {
+        "check-package-lock": "index.js"
+    },
+    "bugs": {
+        "url": "https://github.com/gemal/node-check-package-lock/issues"
+    },
+    "keywords": [
+        "package",
+        "package-lock",
+        "check",
+        "cli",
+        "lock",
+        "http",
+        "automate",
+        "ci"
+    ],
+    "homepage": "https://github.com/gemal/node-check-package-lock",
+    "dependencies": {
+        "commander": "^12.1.0"
+    },
+    "devDependencies": {
+        "@eslint/js": "^9.13.0",
+        "chai": "^5.1.2",
+        "child_process": "^1.0.2",
+        "codecov": "^3.8.2",
+        "eslint": "^9.13.0",
+        "expect": "^29.2.2",
+        "globals": "^15.11.0",
+        "lintspaces-cli": "^1.0.0",
+        "mocha": "^10.0.0",
+        "nyc": "^17.1.0",
+        "snyk": "^1.594.0"
+    }
+}

package/test/index.js

@@ -1,115 +1,56 @@
-#!/usr/bin/env node
+import { expect } from 'chai';
+import path from 'path';
+import { exec } from "node:child_process";
+import { fileURLToPath } from 'url';
 
-'use strict';
-
-const assert = require('assert');
-const path = require('path');
-const spawn = require('child_process').spawn;
-const expect = require('chai').expect;
+// Define __filename and __dirname in ES modules
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
 
 describe('index.js', function() {
-    // eslint-disable-next-line no-invalid-this
     this.timeout(8000);
 
-    it('should exit 1 having problems', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test/test1'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 1);
-            expect(out).to.match(/package-lock.json is NOT OK/);
-            expect(out).to.match(/Delete the node_modules folder/);
+    function runTest(args, expectedExitCode, expectedOutput, done) {
+        const command = `node ${path.join(__dirname, '../index.js')} ${args.join(' ')}`;
+        exec(command, { cwd: path.join(__dirname, '../') }, (error, stdout) => {
+            if (error) {
+                expect(error.code).to.equal(expectedExitCode);
+            } else {
+                expect(stdout).to.match(expectedOutput);
+            }
             done();
-        }).stdout.on('data', function(data) {
-            out += data;
         });
+    }
+
+    it('should exit 1 having problems', function(done) {
+        runTest(['--folder', 'test/test1'], 1, /package-lock.json is NOT OK/, done);
     });
 
     it('should exit 0 having no problems', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test/test2'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 0);
-            expect(out).to.match(/package-lock.json is OK/);
-            done();
-        }).stdout.on('data', function(data) {
-            out += data;
-        });
+        runTest(['--folder', 'test/test2'], 0, /package-lock.json is OK/, done);
     });
 
     it('should exit 0 having no problems with slash', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test/test2/'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 0);
-            expect(out).to.match(/package-lock.json is OK/);
-            done();
-        }).stdout.on('data', function(data) {
-            out += data;
-        });
+        runTest(['--folder', 'test/test2/'], 0, /package-lock.json is OK/, done);
     });
 
     it('should exit 0 having no problems without folder', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js')], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 0);
-            expect(out).to.match(/package-lock.json is OK/);
-            done();
-        }).stdout.on('data', function(data) {
-            out += data;
-        });
+        runTest([], 0, /package-lock.json is OK/, done);
     });
 
     it('should exit 1 having problems', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test/test3'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 1);
-            expect(out).to.match(/package-lock.json is NOT OK/);
-            expect(out).to.match(/Delete the node_modules folder/);
-            done();
-        }).stdout.on('data', function(data) {
-            out += data;
-        });
+        runTest(['--folder', 'test/test3'], 1, /package-lock.json is NOT OK/, done);
     });
 
     it('should exit 1 having problems with no file', function(done) {
-        let out = '';
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 2);
-            expect(out).to.match(/package-lock.json does not exists/);
-            done();
-        }).stdout.on('data', function(data) {
-            out += data;
-        });
+        runTest(['--folder', 'test'], 2, /package-lock.json does not exists/, done);
     });
 
     it('should exit 3 if folder does not exist', function(done) {
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', '404'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 3);
-        }).stdout.on('data', function(data) {
-            assert.strictEqual(data.toString(), 'Oops! Folder does not exists: 404\n');
-            done();
-        });
+        runTest(['--folder', '404'], 3, /Oops! Folder does not exists: 404\n/, done);
     });
 
     it('should exit 4 if folder is not a folder', function(done) {
-        spawn('node', [path.join(__dirname, '../index.js'), '--folder', 'test/index.js'], {
-            cwd: path.join(__dirname, '../'),
-        }).on('exit', function(code) {
-            assert.strictEqual(code, 4);
-        }).stdout.on('data', function(data) {
-            assert.strictEqual(data.toString(), 'Oops! Folder is not a real folder: test/index.js\n');
-            done();
-        });
+        runTest(['--folder', 'test/index.js'], 4, /Oops! Folder is not a real folder: test\/index.js\n/, done);
     });
 });