create-node-lib 2.5.1 → 2.7.0

package/template/RELEASE.md

@@ -0,0 +1,42 @@
+# Managing Package Releases
+
+This project uses the [Changesets](https://github.com/changesets/changesets)
+tool to manage semantic versioning and release notes.
+
+## Pre-requisites
+
+Permit GitHub Actions to create and approve pull requests:
+
+1. Go to Actions -> General in the repository settings: (`https://github.com/<user>/<repo>/settings/actions`)
+2. In `Workflow permissions` enable the toggle for
+`Allow GitHub Actions to create and approve pull requests` (it is not required
+to also toggle the `Read and write permission` option)
+
+## How to release a new version of the package
+
+### Step 1: Create a new changeset
+
+```sh
+npx changeset
+```
+
+Follow the prompt to choose the major/minor/patch version and affected
+packages (if a monorepo).
+
+### Step 2: Commit the changeset file(s) to the repository
+
+```sh
+git add .changeset/
+git commit -m "chore: add changeset for release"
+git push origin HEAD
+```
+
+### Step 3: A new Pull Request for versioning
+
+The Changesets GitHub Action will pick up the new changeset in the repository
+and open a new pull request with the versioning changes in the relevant package
+manifest files. Review the changes and merge the pull request.
+
+### Step 4: Publish the package
+
+The GitHub Action will automatically publish the package to the npm registry.

package/template/SECURITY.md

@@ -4,16 +4,25 @@
 
 ## Responsible disclosure security policy
 
-A responsible disclosure policy helps protect users of the project from public disclosure of security vulnerabilities without a fix available. We achieve that by following the process where vulnerabilities are first triaged in a private manner, and are only publicly disclosed after a reasonable time period of the patch being available for users.
+A responsible disclosure policy helps protect users of the project from public
+disclosure of security vulnerabilities without a fix available. We achieve
+that by following the process where vulnerabilities are first triaged in a
+private manner, and are only publicly disclosed after a reasonable time period
+of the patch being available for users.
 
-We kindly ask you to refrain from malicious acts that put our users, the project, or any of the project’s team members at risk.
+We kindly ask you to refrain from malicious acts that put our users, the
+project, or any of the project’s team members at risk.
 
 ## Reporting a security issue
 
 We consider the security of the project a top priority.
 
-If you discover a security vulnerability, please use one of the following means of communications to report it to us:
+If you discover a security vulnerability, please use one of the following
+means of communications to report it to us:
 
-- Report the security issue to the [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
+- Report the security issue to the [Snyk Security Team](https://snyk.io/vulnerability-disclosure).
+- They will help triage the security issue and work with all involved parties
+- to remediate and release a fix.
 
-We sincerely appreciate your efforts to responsibly disclose your findings with us.
+We sincerely appreciate your efforts to responsibly disclose your findings
+with us.

package/template/__tests__/app.test.ts

@@ -0,0 +1,17 @@
+import { test, describe, beforeEach, mock } from 'node:test'
+import assert from 'node:assert'
+import { add } from '../src/main.ts'
+
+describe('CLI program', () => {
+
+  beforeEach(() => {
+    // Reset the mocks before each test
+    mock.reset()
+  });
+
+  test('Program sums two arguments', async (t) => {
+    const result = await add(1, 1);
+    assert.strictEqual(result, 2);
+  })
+
+});

package/template/eslint.config.js

@@ -0,0 +1,32 @@
+import pluginSecurity from 'eslint-plugin-security'
+import neostandard, { resolveIgnoresFromGitignore, plugins } from 'neostandard'
+
+export default [
+  ...neostandard({ ignores: resolveIgnoresFromGitignore() }),
+  plugins.n.configs['flat/recommended-script'],
+  pluginSecurity.configs.recommended,
+  {
+    rules: {
+      'no-process-exit': 'warn',
+      'node/no-unsupported-features': 'off',
+      'node/no-unpublished-require': 'off',
+      'security/detect-non-literal-fs-filename': 'error',
+      'security/detect-unsafe-regex': 'error',
+      'security/detect-buffer-noassert': 'error',
+      'security/detect-child-process': 'error',
+      'security/detect-disable-mustache-escape': 'error',
+      'security/detect-eval-with-expression': 'error',
+      'security/detect-no-csrf-before-method-override': 'error',
+      'security/detect-non-literal-regexp': 'error',
+      'security/detect-object-injection': 'warn',
+      'security/detect-possible-timing-attacks': 'error',
+      'security/detect-pseudoRandomBytes': 'error',
+      'space-before-function-paren': 'off',
+      'object-curly-spacing': 'off',
+    },
+    languageOptions: {
+      ecmaVersion: 2024,
+      sourceType: 'module',
+    },
+  },
+]

package/template/package.json

@@ -1,37 +1,57 @@
 {
   "name": "<%= projectName %>",
-  "version": "0.0.0-development",
+  "version": "0.0.1",
   "description": "<%= description %>",
-  "main": "main.js",
-  "bin": {
-    "cli": "bin/cli.js"
-  },
+  "types": "dist/main.d.ts",
+  "type": "module",
+  "bin": "./dist/bin/cli.cjs",
   "exports": {
-    ".": "./src/main.js"
+    ".": {
+      "import": {
+        "types": "./dist/main.d.ts",
+        "default": "./dist/main.mjs"
+      },
+      "require": {
+        "types": "./dist/main.d.cts",
+        "default": "./dist/main.cjs"
+      },
+      "default": "./dist/main.mjs"
+    },
+    "./dist/*": {
+      "types": "./dist/*.d.ts",
+      "import": "./dist/*.mjs",
+      "require": "./dist/*.cjs"
+    }
   },
   "engines": {
-    "node": ">=14.0.0"
+    "node": ">=20.0.0"
   },
-  "type": "module",
+  "packageManager": "npm@8.4.0",
   "files": [
+    "dist",
     "src",
     "bin"
   ],
   "scripts": {
-    "lint": "eslint . && <%= npmClient %> run lint:lockfile",
+    "build": "tsc && tsup",
+    "lint": "eslint . && npm run lint:lockfile",
     "lint:fix": "eslint . --fix",
-    "format": "prettier --config .prettierrc.json --write '**/*.js'",
-    "test": "NODE_OPTIONS=--experimental-vm-modules npx jest",
-    "test:watch": "NODE_OPTIONS=--experimental-vm-modules npx jest --watch",
-    "coverage:view": "open-cli coverage/lcov-report/index.html",
-    "semantic-release": "npx semantic-release",
-    "prepare": "husky install && chmod 755 .husky/*"
+    "lint:lockfile": "lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm yarn",
+    "test": "c8 node --loader ts-node/esm --test __tests__/**",
+    "test:watch": "c8 node --loader ts-node/esm --test --watch __tests__/**",
+    "coverage:view": "open coverage/lcov-report/index.html",
+    "version": "changeset version",
+    "release": "changeset publish"
   },
   "author": {
     "name": "<%= author %>",
     "email": "<%= email %>",
     "url": "https://github.com/<%= username %>"
   },
+  "publishConfig": {
+    "provenance": true,
+    "access": "public"
+  },
   "license": "Apache-2.0",
   "keywords": [
     "<%= keywords %>"
@@ -44,169 +64,25 @@
     "type": "git",
     "url": "<%= projectRepository %>.git"
   },
-  "dependencies": {},
   "devDependencies": {
-    "@babel/core": "^7.15.8",
-    "@babel/eslint-parser": "^7.15.8",
-    "@babel/plugin-syntax-top-level-await": "^7.14.5",
-    "@commitlint/cli": "^13.2.1",
-    "@commitlint/config-conventional": "^13.2.0",
-    "@semantic-release/changelog": "^6.0.0",
-    "@semantic-release/commit-analyzer": "^9.0.1",
-    "@semantic-release/git": "^10.0.0",
-    "@semantic-release/github": "^8.0.1",
-    "@semantic-release/npm": "^8.0.2",
-    "@semantic-release/release-notes-generator": "^10.0.2",
-    "eslint": "^8.0.1",
-    "eslint-plugin-jest": "^25.2.2",
-    "eslint-plugin-node": "^11.1.0",
-    "eslint-plugin-security": "^1.4.0",
-    "eslint-plugin-standard": "^4.1.0",
-    "husky": "^7.0.4",
-    "jest": "^27.3.1",
-    "lint-staged": "^11.2.3",
-    "lockfile-lint": "^4.6.2",
-    "open-cli": "^7.0.1",
-    "prettier": "^2.4.1"
-  },
-  "jest": {
-    "testEnvironment": "node",
-    "verbose": true,
-    "collectCoverage": true,
-    "coverageThreshold": {
-      "global": {
-        "branches": 80,
-        "functions": 80,
-        "lines": 80,
-        "statements": 80
-      }
-    },
-    "testPathIgnorePatterns": [
-      "/__tests__/.*/__fixtures__/.*"
-    ],
-    "collectCoverageFrom": [
-      "index.js",
-      "src/**/*.{js,ts}"
-    ],
-    "testMatch": [
-      "**/*.test.js"
-    ]
+    "@changesets/changelog-github": "^0.5.0",
+    "@changesets/cli": "^2.27.7",
+    "@types/node": "^20.14.10",
+    "c8": "^10.1.2",
+    "eslint": "^9.6.0",
+    "eslint-plugin-security": "^3.0.1",
+    "husky": "^9.0.11",
+    "lint-staged": "^15.2.7",
+    "lockfile-lint": "^4.14.0",
+    "neostandard": "^0.11.0",
+    "ts-node": "^10.9.2",
+    "tsup": "^8.1.0",
+    "typescript": "^5.5.3",
+    "validate-conventional-commit": "^1.0.4"
   },
   "lint-staged": {
-    "**/*.js": [
-      "<%= npmClient %> run format"
-    ]
-  },
-  "commitlint": {
-    "extends": [
-      "@commitlint/config-conventional"
+    "**/*.{js,json}": [
+      "npm run lint:fix"
     ]
-  },
-  "standard": {
-    "env": [
-      "jest"
-    ],
-    "parser": "babel-eslint",
-    "ignore": [
-      "**/out/"
-    ]
-  },
-  "eslintIgnore": [
-    "coverage/**"
-  ],
-  "babel": {
-    "plugins": [
-      "@babel/plugin-syntax-top-level-await"
-    ]
-  },
-  "eslintConfig": {
-    "plugins": [
-      "node",
-      "security",
-      "jest"
-    ],
-    "extends": [
-      "plugin:node/recommended"
-    ],
-    "rules": {
-      "node/no-unsupported-features/es-syntax": [
-        "error",
-        {
-          "ignores": [
-            "dynamicImport",
-            "modules"
-          ]
-        }
-      ],
-      "no-process-exit": "warn",
-      "jest/no-disabled-tests": "error",
-      "jest/no-focused-tests": "error",
-      "jest/no-identical-title": "error",
-      "node/no-unsupported-features": "off",
-      "node/no-unpublished-require": "off",
-      "security/detect-non-literal-fs-filename": "error",
-      "security/detect-unsafe-regex": "error",
-      "security/detect-buffer-noassert": "error",
-      "security/detect-child-process": "error",
-      "security/detect-disable-mustache-escape": "error",
-      "security/detect-eval-with-expression": "error",
-      "security/detect-no-csrf-before-method-override": "error",
-      "security/detect-non-literal-regexp": "error",
-      "security/detect-object-injection": "warn",
-      "security/detect-possible-timing-attacks": "error",
-      "security/detect-pseudoRandomBytes": "error",
-      "space-before-function-paren": "off",
-      "object-curly-spacing": "off"
-    },
-    "parser": "@babel/eslint-parser",
-    "parserOptions": {
-      "sourceType": "module",
-      "ecmaFeatures": {
-        "impliedStrict": true
-      }
-    }
-  },
-  "release": {
-    "branches": [
-      "main",
-      "master"
-    ],
-    "analyzeCommits": {
-      "preset": "angular",
-      "releaseRules": [
-        {
-          "type": "docs",
-          "release": "patch"
-        },
-        {
-          "type": "refactor",
-          "release": "patch"
-        },
-        {
-          "type": "style",
-          "release": "patch"
-        }
-      ]
-    }
-  },
-  "plugins": [
-    "@semantic-release/commit-analyzer",
-    "@semantic-release/release-notes-generator",
-    [
-      "@semantic-release/changelog",
-      {
-        "changelogFile": "CHANGELOG.md"
-      }
-    ],
-    "@semantic-release/npm",
-    [
-      "@semantic-release/git",
-      {
-        "assets": [
-          "CHANGELOG.md"
-        ]
-      }
-    ],
-    "@semantic-release/github"
-  ]
+  }
 }

package/template/src/bin/cli.ts

@@ -0,0 +1,12 @@
+#!/usr/bin/env node
+import { debuglog } from 'node:util'
+import { add } from '../main.ts'
+
+const debug = debuglog('<%= projectName %>')
+
+async function init () {
+    const sum = await add(1,2)
+    debug(sum.toString())
+}
+
+init()

package/template/src/main.ts

@@ -0,0 +1,3 @@
+export async function add(arg1: number, arg2: number): Promise<number> {
+  return Promise.resolve(arg1 + arg2)
+}

package/template/tsconfig.json

@@ -0,0 +1,37 @@
+{
+  "compilerOptions": {
+    "lib": [
+      "ES2022"
+    ],
+    "strict": true,
+    "allowJs": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "moduleResolution": "NodeNext",
+    "module": "NodeNext",
+    "target": "ES2022",
+    "baseUrl": ".",
+    "noEmit": true,
+    "rootDir": "./src",
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true,
+		"allowImportingTsExtensions": true,
+    "allowSyntheticDefaultImports": true,
+		"forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "removeComments": true,
+  },
+  "include": [
+    "src/**/*",
+    "src/bin/**/*"
+  ],
+  "exclude": [
+    "dist",
+    "node_modules"
+  ],
+  "ts-node": {
+    "transpileOnly": true,
+  }
+}

package/template/tsup.config.ts

@@ -0,0 +1,29 @@
+import { defineConfig } from 'tsup'
+
+export default defineConfig([
+  {
+    entryPoints: ['src/main.ts', 'src/bin/cli.ts'],
+    format: ['cjs', 'esm'],
+    dts: true,
+    minify: false,
+    outDir: 'dist/',
+    clean: true,
+    sourcemap: false,
+    bundle: true,
+    splitting: false,
+    outExtension (ctx) {
+      return {
+        dts: '.d.ts',
+        js: ctx.format === 'cjs' ? '.cjs' : '.mjs',
+      }
+    },
+    treeshake: false,
+    target: 'es2022',
+    platform: 'node',
+    tsconfig: './tsconfig.json',
+    cjsInterop: true,
+    keepNames: true,
+    skipNodeModulesBundle: false,
+  },
+
+])

package/template/.github/ISSUE_TEMPLATE/1-bug-report.md

@@ -1,44 +0,0 @@
----
-name: "\U0001F41B Bug report"
-about: Create a bug report
----
-
-<!--- Provide a general summary of the issue in the Title above -->
-
-## Expected Behavior
-
-<!--- If you're describing a bug, tell us what should happen -->
-<!--- If you're suggesting a change/improvement, tell us how it should work -->
-
-## Current Behavior
-
-<!--- If describing a bug, tell us what happens instead of the expected behavior -->
-<!--- If suggesting a change/improvement, explain the difference from current behavior -->
-
-## Possible Solution
-
-<!--- Not obligatory, but suggest a fix/reason for the bug, -->
-<!--- or ideas how to implement the addition or change -->
-
-## Steps to Reproduce (for bugs)
-
-<!--- Provide a link to a live example, or an unambiguous set of steps to -->
-<!--- reproduce this bug. Include code to reproduce, if relevant -->
-
-1.
-2.
-3.
-4.
-
-## Context
-
-<!--- How has this issue affected you? What are you trying to accomplish? -->
-<!--- Providing context helps us come up with a solution that is most useful in the real world -->
-
-## Your Environment
-
-<!--- Include as many relevant details about the environment you experienced the bug in -->
-
-- Library Version used:
-- Node.js version (e.g. Node.js 5.4):
-- Operating System and version (desktop or mobile):

package/template/.github/ISSUE_TEMPLATE/2-feature-request.md

@@ -1,19 +0,0 @@
----
-name: "\U0001F680 Feature request"
-about: Suggest an idea for this project
----
-
-<!--
-Thank you for suggesting an idea to make this project better!
-
-Please fill in as much of the template below as you're able.
--->
-
-**Is your feature request related to a problem? Please describe.**
-Please describe the problem you are trying to solve.
-
-**Describe the solution you'd like**
-Please describe the desired behavior.
-
-**Describe alternatives you've considered**
-Please describe alternative solutions or features you have considered.

package/template/.github/workflows/main.yml

@@ -1,53 +0,0 @@
-<% const npmClientInstall = context.npmClient === 'yarn' ? 'yarn install --frozen-lockfile' : 'npm ci' -%>
-name: CI
-
-on: [push, pull_request]
-
-jobs:
-  lint:
-    name: Lint
-    runs-on: 'ubuntu-latest'
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
-      - name: install dependencies
-        run: <%= npmClientInstall %>
-      - name: lint code
-        run: <%= npmClient %> run lint
-
-  build:
-    strategy:
-      matrix:
-        platform: [ubuntu-latest]
-        node: ['14', '16']
-    name: Tests - Node ${{ matrix.node }} (${{ matrix.platform }})
-    runs-on: ${{ matrix.platform }}
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: ${{ matrix.node }}
-      - name: install dependencies
-        run: <%= npmClientInstall %> --ignore-engines
-      - name: run tests
-        run: npm run test
-
-  release:
-    name: do semantic release
-    runs-on: 'ubuntu-latest'
-    needs: build
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
-      - name: install dependencies
-        run: <%= npmClientInstall %> --ignore-engines --only=production
-      - name: release
-        run: npx semantic-release
-        env:
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
-          NPM_TOKEN: ${{secrets.NPM_TOKEN}}

package/template/__tests__/app.test.js

@@ -1,5 +0,0 @@
-import { add } from '../src/main.js'
-
-test('1 + 1 is 2', () => {
-  expect(add(1, 1)).toBe(2)
-})

package/template/bin/cli.js

@@ -1,4 +0,0 @@
-#!/usr/bin/env node
-import { add } from '../src/main.js'
-
-console.log(add(1, 2))