npm - jpm-pkg - Versions diffs - 1.0.3 - Mend

jpm-pkg 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/LICENSE.md +21 -0
package/README.md +148 -0
package/bin/jpm.js +252 -0
package/package.json +52 -0
package/src/commands/audit.js +56 -0
package/src/commands/config.js +59 -0
package/src/commands/info.js +78 -0
package/src/commands/init.js +88 -0
package/src/commands/install.js +139 -0
package/src/commands/list.js +103 -0
package/src/commands/publish.js +148 -0
package/src/commands/run.js +72 -0
package/src/commands/search.js +41 -0
package/src/commands/uninstall.js +48 -0
package/src/commands/update.js +63 -0
package/src/commands/x.js +136 -0
package/src/core/cache.js +117 -0
package/src/core/installer.js +316 -0
package/src/core/lockfile.js +128 -0
package/src/core/package-json.js +133 -0
package/src/core/registry.js +166 -0
package/src/core/resolver.js +248 -0
package/src/security/audit.js +100 -0
package/src/security/integrity.js +70 -0
package/src/utils/config.js +138 -0
package/src/utils/env.js +31 -0
package/src/utils/fs.js +154 -0
package/src/utils/http.js +232 -0
package/src/utils/logger.js +128 -0
package/src/utils/lru-cache.js +66 -0
package/src/utils/progress.js +142 -0
package/src/utils/semver.js +279 -0
package/src/utils/system.js +39 -0
package/src/workspace/workspace.js +126 -0

package/LICENSE.md ADDED Viewed

@@ -0,0 +1,21 @@
+# MIT License
+Copyright (c) 2026 Muhammad Sulman
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,148 @@
+# JPM ⚡ Joint Package Manager
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![Node.js Version](https://img.shields.io/badge/node-%3E%3D18.0.0-brightgreen.svg)](https://nodejs.org/)
+[![Bun](https://img.shields.io/badge/Bun-Supported-black.svg)](https://bun.sh/)
+**JPM (Joint Package Manager)** is an enterprise-grade, high-performance, and environment-aware package manager built for the modern JavaScript ecosystem. It provides a unified, blazing-fast experience across **Node.js** and **Bun** with a focus on security, speed, and advanced monorepo capabilities.
+---
+## 🚀 Key Features
+### ⚡ Blazing Performance
+- **Environment-Aware**: Leverages native Bun I/O (`Bun.write`, `Bun.spawn`) for near-zero overhead or high-performance Node.js streams.
+- **Worker-Pool Installation**: Uses a continuous worker-pool architecture for maximum parallel download and extraction speeds.
+- **Platform-Aware Filtering**: Only downloads optional binaries (like native modules) compatible with your specific OS and CPU, saving bandwidth and disk space.
+- **Incremental Core**: Intelligent caching and symlinking system ensures you never re-download the same package twice.
+### 🛡️ Hardened Security
+- **Zip Slip Protection**: Built-in path traversal filtering prevents malicious packages from writing files outside their `node_modules`.
+- **Strict HTTPS & Integrity**: Enforces mandatory SHA-512 integrity checks and strict SSL for all registry metadata and audits.
+- **Malicious Script Detection**: Scans `preinstall`/`postinstall` scripts for suspicious patterns (e.g., unauthorized `curl` or `rm` commands).
+- **Transactional Installs**: Automatic rollbacks ensure a failed installation never leaves your project in a corrupted state.
+### 📦 Handy CLI
+- **Simplified Command Set**: Intuitive, easy-to-remember verbs like `get`, `drop`, and `syn`.
+- **Remote Execution (`x`)**: Run any package without installing it (equivalent to `npx`), with built-in security auditing before every run.
+- **Hive (Workspaces)**: First-class monorepo support with seamless discovery and cross-workspace script broad casting.
+---
+## 📦 Handy Commands Guide
+| Command            | Alias                 | Description                                  |
+| :----------------- | :-------------------- | :------------------------------------------- |
+| `jpm get <pkg>`    | `i`, `add`, `install` | Install packages and update `package.json`   |
+| `jpm drop <pkg>`   | `remove`, `rm`        | Remove packages and cleanup binaries         |
+| `jpm syn`          |                       | Synchronize all dependencies (clean install) |
+| `jpm x <pkg>`      | `exec`                | Execute remote package binary (like `npx`)   |
+| `jpm run <script>` | `do`                  | Execute a script defined in `package.json`   |
+| `jpm scan`         | `audit`               | Deep security and vulnerability audit        |
+| `jpm up`           | `upgrade`             | Upgrade dependencies to safe latest versions |
+| `jpm peek`         | `ls`, `list`          | Inspect installed tree and metadata          |
+| `jpm info <pkg>`   | `view`                | Detailed package intelligence/manifest       |
+| `jpm hive`         | `workspace`           | Manage workspace clusters (Monorepos)        |
+| `jpm setup`        | `init`                | Initialize a new JPM project                 |
+| `jpm cache`        |                       | Manage the local high-speed cache            |
+---
+## 🛠️ Detailed Usage
+### Installing Packages
+```bash
+jpm get express             # Add latest express
+jpm get lodash@4.17.21      # Specific version
+jpm get jest -D             # Add to devDependencies
+jpm get --save-exact        # Pin versions precisely
+```
+### Remote Execution (`jpm x`)
+Run packages without global installation. JPM performs a security scan on the remote package before it touches your machine.
+```bash
+jpm x create-next-app@latest my-app
+jpm x vite@latest --open
+```
+### Monorepo Management (`jpm hive`)
+JPM makes managing complex project clusters effortless.
+```bash
+jpm hive list               # See all workspace packages
+jpm hive run build          # Build every package in the hive
+jpm hive run test -f app    # Run tests only in matching packages
+```
+---
+## 🔐 Security Deep Dive
+### Zip Slip Protection
+JPM's extractor implements a robust `filter` that resolves every file in a tarball. If a package tries to extract a file outside it's legitimate directory (using `../` hacks), JPM kills the process and reports a security violation.
+### Insecure Protocol Blocking
+In JPM's strict mode (enabled for all audits), any communication over plain `http:` is blocked to prevent man-in-the-middle attacks.
+### Mandatory Integrity
+JPM refuses to install any package that doesn't provide a valid `sha512` or `shasum` from the registry, preventing "Trust-on-First-Use" (TOFU) vulnerabilities.
+---
+## ⚙️ Configuration
+JPM is configured via `.jpmrc` files (INI format).
+**Hierarchy:**
+1. CLI Flags (`--registry`, `--fast`)
+2. Project `.jpmrc`
+3. User `~/.jpmrc`
+**Recommended `.jpmrc`:**
+```ini
+registry=https://registry.npmjs.org/
+save-exact=false
+audit-level=moderate
+loglevel=info
+# Use --fast globally for speed, but manually verify integrity
+# fast=true
+```
+---
+## � Installation
+To build JPM from source and link it to your system:
+```bash
+git clone https://github.com/whomaderules/jpm.git
+cd jpm
+npm install       # Install build-time dependency (tar)
+npm link          # Link JPM to your global path
+```
+---
+## 📚 Documentation
+- [Introduction](./docs/intro.md)
+- [Getting Started](./docs/getting-started.md)
+- [CLI Reference](./docs/cli.md)
+- [Performance](./docs/performance.md)
+- [Security](./docs/security.md)
+- [Workspaces](./docs/workspaces.md)
+- [Troubleshooting](./docs/troubleshooting.md)
+**Built with ❤️ for the JS Community by [Muhammad Sulman](https://www.linkedin.com/in/sulmanedev)**

package/bin/jpm.js ADDED Viewed

@@ -0,0 +1,252 @@
+#!/usr/bin/env node
+'use strict';
+/**
+ * Parses command-line arguments into a structured command, arguments, and flags object.
+ *
+ * @param {string[]} argv - Raw process.argv array
+ * @returns {{ command: string, args: string[], flags: Object.<string, string|boolean> }}
+ */
+function parseArgs(argv) {
+    const args = [];
+    const flags = {};
+    for (const token of argv.slice(2)) {
+        if (token.startsWith('--')) {
+            const eq = token.indexOf('=');
+            const key = eq === -1 ? token.slice(2) : token.slice(2, eq);
+            const val = eq === -1 ? true : token.slice(eq + 1);
+            flags[key] = val;
+        } else if (token.startsWith('-') && token.length === 2) {
+            flags[token.slice(1)] = true;
+        } else {
+            args.push(token);
+        }
+    }
+    return { command: args[0], args: args.slice(1), flags };
+}
+const { command, args, flags } = parseArgs(process.argv);
+// Initial configuration applying CLI-provided global overrides
+const config = require('../src/utils/config');
+if (flags.loglevel) config.setCLI({ loglevel: flags.loglevel });
+if (flags.registry) config.setCLI({ registry: flags.registry });
+if (flags.silent) config.setCLI({ loglevel: 'silent' });
+const logger = require('../src/utils/logger');
+logger.setLevel(config.loglevel);
+/**
+ * Entry point for cache-related subcommands.
+ *
+ * @param {string[]} cmdArgs - Action and optional parameters
+ * @param {Object} cmdFlags - CLI flags
+ */
+async function cacheCommand(cmdArgs, cmdFlags) {
+    const cache = require('../src/core/cache');
+    const { formatBytes } = require('../src/utils/fs');
+    const [action] = cmdArgs;
+    if (action === 'clean' || action === 'clear') {
+        cache.clear();
+    } else if (action === 'ls' || action === 'list') {
+        const items = cache.list();
+        if (!items.length) { logger.info('Cache is empty'); return; }
+        logger.table(items, ['name', 'version']);
+    } else {
+        const s = cache.stats();
+        logger.log('Cache directory: ' + logger.c.cyan(s.root || 'n/a'));
+        logger.log('Packages:        ' + s.packages);
+        logger.log('Total size:      ' + formatBytes(s.size));
+    }
+}
+/**
+ * Entry point for workspace (hive) management.
+ *
+ * @param {string[]} cmdArgs - Subcommand and arguments
+ * @param {Object} cmdFlags - CLI flags
+ */
+async function workspaceCommand(cmdArgs, cmdFlags) {
+    const Workspace = require('../src/workspace/workspace');
+    const ws = new Workspace(process.cwd());
+    const [action, ...rest] = cmdArgs;
+    if (!action || action === 'list' || action === 'ls') {
+        const packages = ws.getPackages();
+        if (!packages.length) { logger.warn('No workspaces found.'); return; }
+        logger.table(packages.map(p => ({ Name: p.name, Version: p.version, Path: p.dir })), ['Name', 'Version', 'Path']);
+    } else if (action === 'run') {
+        await ws.runScript(rest[0], { filter: cmdFlags.filter || cmdFlags.f });
+    } else if (action === 'link') {
+        await ws.link();
+    } else {
+        logger.error('Unknown workspace subcommand: ' + action);
+    }
+}
+/**
+ * Displays version information for JPM and the current Node.js runtime.
+ */
+function showVersion() {
+    const pkg = require('../package.json');
+    logger.log('jpm v' + pkg.version);
+    logger.log('node ' + process.version);
+}
+/**
+ * Renders the terminal help interface with available commands and descriptions.
+ */
+function showHelp() {
+    const c = logger.c;
+    const lines = [
+        '',
+        c.bold('JPM') + ' \u2014 ' + c.yellow('Joint Package Manager') + ' v1.0.0',
+        c.gray('Universal, advanced, and blazing fast (Node.js & Bun)'),
+        '',
+        c.bold('Handy Commands:'),
+        '  ' + c.cyan('get [pkg@ver ...]') + '   Fetch and install packages',
+        '  ' + c.cyan('drop <pkg ...>') + '      Remove packages from project',
+        '  ' + c.cyan('syn') + '                Synchronize project dependencies',
+        '  ' + c.cyan('do <script> [args]') + '  Execute a package script',
+        '  ' + c.cyan('scan') + '               Deep security & integrity audit',
+        '  ' + c.cyan('up [pkg ...]') + '       Upgrade project dependencies',
+        '  ' + c.cyan('x <pkg> [args]') + '     Execute remote package binary',
+        '',
+        c.bold('Discovery & Metadata:'),
+        '  ' + c.cyan('peek') + '               Inspect installed dependency tree',
+        '  ' + c.cyan('find <query>') + '       Search for packages on registry',
+        '  ' + c.cyan('info <pkg>') + '         Detailed package intelligence',
+        '',
+        c.bold('Project Life-cycle:'),
+        '  ' + c.cyan('setup [-y]') + '          Initialize a new JPM project',
+        '  ' + c.cyan('ship') + '               Publish package to registry',
+        '  ' + c.cyan('config <get|set>') + '    Manage JPM environment (.jpmrc)',
+        '  ' + c.cyan('cache [clean|ls]') + '   Disk cache operations',
+        '',
+        c.bold('Advanced (Hive/Workspaces):'),
+        '  ' + c.cyan('hive list') + '          View workspace cluster',
+        '  ' + c.cyan('hive run <script>') + '   Broadcast script to all hives',
+        '  ' + c.cyan('hive link') + '          Inter-link workspace packages',
+        '',
+        c.bold('Global Controls:'),
+        '  ' + c.cyan('--fast') + '              Blind Install (Bypass all checks)',
+        '  ' + c.cyan('--registry <url>') + '    Custom registry target',
+        '  ' + c.cyan('--loglevel <level>') + '  Choose verbosity (silent|debug)',
+        '  ' + c.cyan('-D, --save-dev') + '      Mark as development tool',
+        '',
+        c.gray('JPM supports Node.js and Bun automatically.'),
+        '',
+    ];
+    logger.log(lines.join('\n'));
+}
+/**
+ * Command routing table mapping CLI verbs to their respective implementations.
+ */
+const COMMANDS = {
+    get: () => require('../src/commands/install'),
+    drop: () => require('../src/commands/uninstall'),
+    syn: () => require('../src/commands/install'),
+    do: () => require('../src/commands/run'),
+    up: () => require('../src/commands/update'),
+    scan: () => require('../src/commands/audit'),
+    ship: () => require('../src/commands/publish'),
+    setup: () => require('../src/commands/init'),
+    peek: () => require('../src/commands/list'),
+    find: () => require('../src/commands/search'),
+    info: () => require('../src/commands/info'),
+    x: () => require('../src/commands/x'),
+    hive: () => workspaceCommand,
+    // Aliases & Standard Compatibility
+    install: () => require('../src/commands/install'),
+    i: () => require('../src/commands/install'),
+    add: () => require('../src/commands/install'),
+    uninstall: () => require('../src/commands/uninstall'),
+    remove: () => require('../src/commands/uninstall'),
+    rm: () => require('../src/commands/uninstall'),
+    un: () => require('../src/commands/uninstall'),
+    update: () => require('../src/commands/update'),
+    upgrade: () => require('../src/commands/update'),
+    outdated: () => require('../src/commands/update'),
+    search: () => require('../src/commands/search'),
+    publish: () => require('../src/commands/publish'),
+    audit: () => require('../src/commands/audit'),
+    run: () => require('../src/commands/run'),
+    init: () => require('../src/commands/init'),
+    create: () => require('../src/commands/init'),
+    show: () => require('../src/commands/info'),
+    view: () => require('../src/commands/info'),
+    list: () => require('../src/commands/list'),
+    ls: () => require('../src/commands/list'),
+    exec: () => require('../src/commands/x'),
+    workspace: () => workspaceCommand,
+    ws: () => workspaceCommand,
+    config: () => require('../src/commands/config'),
+    cfg: () => require('../src/commands/config'),
+    cache: () => cacheCommand,
+    help: () => showHelp,
+    version: () => showVersion,
+};
+// ── Global Error Boundaries ──────────────────────────────────────────────────
+/**
+ * Global handler for uncaught exceptions to ensure graceful termination.
+ */
+process.on('uncaughtException', (err) => {
+    logger.error('FATAL EXCEPTION: ' + err.message);
+    if (config.loglevel === 'debug' || config.loglevel === 'verbose') {
+        logger.log(err.stack);
+    }
+    logger.info('\nIf this persists, please report the issue at: https://github.com/whomaderules/jpm/issues');
+    process.exit(1);
+});
+/**
+ * Global handler for unhandled promise rejections.
+ */
+process.on('unhandledRejection', (reason) => {
+    logger.error('UNHANDLED REJECTION: ' + (reason instanceof Error ? reason.message : reason));
+    if ((config.loglevel === 'debug' || config.loglevel === 'verbose') && reason instanceof Error) {
+        logger.log(reason.stack);
+    }
+    process.exit(1);
+});
+/**
+ * Principal execution routine of the JPM CLI.
+ */
+async function main() {
+    if (!command || command === 'help' || flags.help || flags.h) {
+        await showHelp();
+        return;
+    }
+    if (command === 'version' || flags.version || flags.v) {
+        showVersion();
+        return;
+    }
+    const loader = COMMANDS[command];
+    if (!loader) {
+        logger.error('Unknown command: "' + command + '"');
+        logger.info('Run ' + logger.c.cyan('jpm help') + ' for usage.');
+        process.exit(1);
+    }
+    const handler = loader();
+    try {
+        await handler(args, flags, command);
+    } catch (err) {
+        if (flags.loglevel === 'debug' || flags.loglevel === 'verbose') {
+            logger.error(err.stack || err.message);
+        } else {
+            logger.error(err.message);
+        }
+        process.exit(1);
+    }
+}
+main();

package/package.json ADDED Viewed

@@ -0,0 +1,52 @@
+{
+  "name": "jpm-pkg",
+  "version": "1.0.3",
+  "description": "Joint Package Manager — Joint, universal, advanced, and blazing fast package manager for Node.js and Bun.",
+  "main": "src/index.js",
+  "type": "commonjs",
+  "private": false,
+  "exports": {
+    ".": "./src/index.js"
+  },
+  "bin": {
+    "jpm": "./bin/jpm.js"
+  },
+  "scripts": {
+    "test": "jest",
+    "lint": "node --check src/**/*.js"
+  },
+  "keywords": [
+    "package-manager",
+    "npm",
+    "javascript",
+    "node",
+    "cli",
+    "fast",
+    "secure"
+  ],
+  "author": "Muhammad Sulman <whomaderules@gmail.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/whomaderules/jpm.git"
+  },
+  "bugs": {
+    "url": "https://github.com/whomaderules/jpm/issues"
+  },
+  "homepage": "https://github.com/whomaderules/jpm#readme",
+  "dependencies": {
+    "tar": "^6.2.0"
+  },
+  "devDependencies": {
+    "jest": "^29.7.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "files": [
+    "src",
+    "bin",
+    "LICENSE.md",
+    "README.md"
+  ]
+}

package/src/commands/audit.js ADDED Viewed

@@ -0,0 +1,56 @@
+'use strict';
+const fs = require('node:fs');
+const path = require('node:path');
+const auditSec = require('../security/audit');
+const PackageJSON = require('../core/package-json');
+const { Spinner } = require('../utils/progress');
+const logger = require('../utils/logger');
+const config = require('../utils/config');
+module.exports = async function auditCmd(args, flags) {
+    const cwd = process.cwd();
+    const nodeModules = path.join(cwd, 'node_modules');
+    // Collect all installed packages from node_modules
+    const spinner = new Spinner('Scanning installed packages...').start();
+    const installed = [];
+    if (fs.existsSync(nodeModules)) {
+        for (const entry of fs.readdirSync(nodeModules, { withFileTypes: true })) {
+            // Handle scoped packages (@org)
+            if (entry.name.startsWith('@') && entry.isDirectory()) {
+                const scopeDir = path.join(nodeModules, entry.name);
+                for (const scoped of fs.readdirSync(scopeDir, { withFileTypes: true })) {
+                    const pkgJson = path.join(scopeDir, scoped.name, 'package.json');
+                    if (fs.existsSync(pkgJson)) {
+                        try {
+                            const pkg = JSON.parse(fs.readFileSync(pkgJson, 'utf8'));
+                            installed.push({ name: pkg.name, version: pkg.version });
+                        } catch { }
+                    }
+                }
+            } else if (entry.isDirectory() && !entry.name.startsWith('.')) {
+                const pkgJson = path.join(nodeModules, entry.name, 'package.json');
+                if (fs.existsSync(pkgJson)) {
+                    try {
+                        const pkg = JSON.parse(fs.readFileSync(pkgJson, 'utf8'));
+                        installed.push({ name: pkg.name, version: pkg.version });
+                    } catch { }
+                }
+            }
+        }
+    }
+    spinner.succeed(`Found ${installed.length} installed packages`);
+    const level = flags.level || config.auditLevel || 'moderate';
+    const auditSpinner = new Spinner('Fetching advisory database...').start();
+    const { vulnerabilities, stats, total, error } = await auditSec.audit(installed, { level });
+    auditSpinner.succeed('Audit complete');
+    auditSec.formatAuditResults({ vulnerabilities, stats, total, error });
+    if (total > 0) process.exitCode = 1;
+};

package/src/commands/config.js ADDED Viewed

@@ -0,0 +1,59 @@
+'use strict';
+const config = require('../utils/config');
+const logger = require('../utils/logger');
+module.exports = async function configCmd(args, flags) {
+    const [action, key, ...rest] = args;
+    const value = rest.join(' ');
+    switch (action) {
+        case 'get':
+            if (!key) { logger.error('Usage: jpm config get <key>'); process.exit(1); }
+            const val = config.get(key);
+            if (val === undefined) { logger.warn(`Key "${key}" not set`); }
+            else { logger.log(String(val)); }
+            break;
+        case 'set':
+            if (!key || value === '') { logger.error('Usage: jpm config set <key> <value>'); process.exit(1); }
+            const layer = flags.global ? 'user' : 'project';
+            config.set(key, value, layer);
+            logger.success(`Set ${key} = ${value} (${layer})`);
+            break;
+        case 'delete':
+        case 'del':
+            if (!key) { logger.error('Usage: jpm config delete <key>'); process.exit(1); }
+            config.delete(key, flags.global ? 'user' : 'project');
+            logger.success(`Deleted key: ${key}`);
+            break;
+        case 'list':
+        case 'ls': {
+            const all = config.list();
+            const rows = Object.entries(all).map(([k, v]) => ({ Key: k, Value: String(v) }));
+            logger.table(rows, ['Key', 'Value']);
+            break;
+        }
+        default:
+            logger.log(`
+${logger.c.bold('jpm config')} — manage configuration
+  ${logger.c.cyan('jpm config list')}            List all configuration values
+  ${logger.c.cyan('jpm config get <key>')}       Get a specific value
+  ${logger.c.cyan('jpm config set <key> <val>')} Set a value (project .jpmrc)
+  ${logger.c.cyan('jpm config delete <key>')}    Delete a key
+  ${logger.c.gray('Add --global to modify ~/.jpmrc instead of .jpmrc')}
+${logger.c.bold('Common keys:')}
+  registry          ${logger.c.gray('Registry URL (default: https://registry.npmjs.org/)')}
+  loglevel          ${logger.c.gray('Log level: silent|error|warn|info|verbose|debug')}
+  save-exact        ${logger.c.gray('Save exact versions (true/false)')}
+  audit-level       ${logger.c.gray('Minimum audit severity: low|moderate|high|critical')}
+  cache             ${logger.c.gray('Cache directory path')}
+`);
+    }
+};

package/src/commands/info.js ADDED Viewed

@@ -0,0 +1,78 @@
+'use strict';
+const registry = require('../core/registry');
+const semver = require('../utils/semver');
+const { Spinner } = require('../utils/progress');
+const logger = require('../utils/logger');
+module.exports = async function info(args, flags) {
+    if (!args.length) { logger.error('Usage: jpm info <package> [version]'); process.exit(1); }
+    let [pkgSpec] = args;
+    let name, version;
+    const lastAt = pkgSpec.lastIndexOf('@');
+    if (lastAt > 0) { name = pkgSpec.slice(0, lastAt); version = pkgSpec.slice(lastAt + 1); }
+    else { name = pkgSpec; version = 'latest'; }
+    const spinner = new Spinner(`Fetching info for ${name}...`).start();
+    let meta, latest, versions, tags;
+    try {
+        [meta, latest, versions, tags] = await Promise.all([
+            registry.getVersion(name, version),
+            registry.getLatest(name),
+            registry.getVersions(name),
+            registry.getDistTags(name),
+        ]);
+        spinner.succeed(`${name}@${meta.version}`);
+    } catch (err) {
+        spinner.fail(`Package "${name}" not found: ${err.message}`);
+        process.exit(1);
+    }
+    const c = logger.c;
+    logger.log('');
+    logger.log(`${c.bold(meta.name)} ${c.gray(`v${meta.version}`)}`);
+    if (meta.description) logger.log(meta.description);
+    logger.log('');
+    logger.log(`${c.cyan('latest')}      ${latest}`);
+    logger.log(`${c.cyan('license')}     ${meta.license || 'n/a'}`);
+    logger.log(`${c.cyan('author')}      ${typeof meta.author === 'object' ? meta.author.name : (meta.author || 'n/a')}`);
+    if (meta.homepage) logger.log(`${c.cyan('homepage')}    ${meta.homepage}`);
+    if (meta.repository?.url) logger.log(`${c.cyan('repository')}  ${meta.repository.url.replace('git+', '')}`);
+    // Keywords
+    if (meta.keywords?.length) {
+        logger.log(`${c.cyan('keywords')}    ${meta.keywords.slice(0, 10).join(', ')}`);
+    }
+    // Dist-tags
+    if (Object.keys(tags).length > 1) {
+        logger.log('');
+        logger.section('Tags');
+        for (const [tag, ver] of Object.entries(tags)) {
+            logger.log(`  ${tag.padEnd(12)} ${ver}`);
+        }
+    }
+    // Dependencies
+    const deps = meta.dependencies || {};
+    if (Object.keys(deps).length) {
+        logger.log('');
+        logger.section('Dependencies');
+        for (const [dep, range] of Object.entries(deps)) {
+            logger.log(`  ${c.cyan(dep.padEnd(30))} ${range}`);
+        }
+    }
+    // Recent versions
+    const recentVersions = semver.rsort(versions).slice(0, 10);
+    logger.log('');
+    logger.section(`Versions (latest 10 of ${versions.length})`);
+    logger.log('  ' + recentVersions.join('  '));
+    logger.log('');
+    logger.log(c.gray(`jpm install ${name}@${meta.version}`));
+};