npmaargh 1.0.0 → 1.0.2

package/README.md

@@ -14,6 +14,15 @@ The report can be used to report blockers upstream or write more targeted
 
 ## Usage
 
+You can either install and run:
+
+```shell
+npm install --global npmaargh
+npmaargh [flags...] [target]
+```
+
+Or use `npx`:
+
 ```shell
 npx npmaargh [flags...] [target]
 ```
@@ -59,3 +68,10 @@ Let's unpack that report:
   tracker of `hello` is included to make it easy to report the blocker.
 - `world@0.1.0` is a transitive dependency of `hello@3.2.1`.
 - `# Need 1.1.1` indicates we need to bump it, because of a known vulnerability.
+
+## License
+
+This software is available under the `AGPL-3.0-or-later` license, see [LICENSE]
+for the full license text.
+
+[LICENSE]: ./LICENSE

package/index.js

@@ -64,12 +64,30 @@ Flags:
 
 /* -------------------------------------------------------------------------- */
 
+let subject = path.basename(wd);
+try {
+	const manifestPath = path.resolve(wd, "package.json");
+	const manifestRaw = await readFile(manifestPath);
+	const manifest = JSON.parse(manifestRaw);
+	subject = manifest.name || subject;
+} catch { }
+
+let version = "";
+try {
+	const { stdout } = await exec("git rev-parse --short HEAD", { cwd: wd });
+	version = `@${stdout.trim()}`;
+} catch { }
+
+/* -------------------------------------------------------------------------- */
+
 const npmListCache = new Map();
 async function npmList(subject) {
 	if (!npmListCache.has(subject)) {
 		async function fetch() {
 			const { stdout } = await exec(`npm list ${subject} --json`, { cwd: wd });
-			return JSON.parse(stdout);
+			const list = JSON.parse(stdout);
+			list.version = version.substring(1) || list.version || "1.0.0";
+			return list;
 		}
 
 		npmListCache.set(subject, fetch());
@@ -115,7 +133,7 @@ function prerelease(version) {
 /* -------------------------------------------------------------------------- */
 
 console.info("=== npm audit assistant ===");
-console.info(`I'm here to help audit '${path.basename(target)}'.`);
+console.info(`I'm here to help audit '${subject}${version}'.`);
 console.info("");
 
 console.info("=== setup ===");
@@ -131,7 +149,8 @@ try {
 	try {
 		await exec("npm install --ignore-scripts", { cwd: wd });
 	} catch (error) {
-		console.error("Failed to (re)install dependencies:", error);
+		stdout.write(`\rFailed to (re)install dependencies:\n`);
+		console.info(error);
 		exit(1);
 	}
 }
@@ -145,7 +164,7 @@ stdout.write("Obtaining audit report...");
 let npmAuditReport;
 try {
 	await exec("npm audit --json", { cwd: wd });
-	console.info("Nothing to audit.");
+	stdout.write("\rNothing to audit.        \n");
 	exit(0);
 } catch (error) {
 	npmAuditReport = JSON.parse(error.stdout);
@@ -153,7 +172,8 @@ try {
 
 const reportVersion = npmAuditReport.auditReportVersion;
 if (reportVersion !== 2) {
-	console.error("Unknown audit report version:", reportVersion);
+	stdout.write(`\rUnknown audit report version: ${reportVersion}\n`);
+	exit(1);
 }
 
 stdout.write("\rObtained audit report.   \n");
@@ -189,7 +209,7 @@ stdout.write("\rAnalyzed audit report.   \n");
 
 /* -------------------------------------------------------------------------- */
 
-const SELF = `<${path.basename(target)}>`;
+const SELF = `<${subject}>`;
 
 class Nothing {
 	toString() {
@@ -482,6 +502,8 @@ function pruneNoops(result) {
 }
 
 function print(result, gutter, level) {
+	result.name = result.name.replace(SELF, subject);
+
 	if (!level) {
 		function depth(obj, lvl) {
 			const length = obj.name.length + obj.version.length + lvl;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "npmaargh",
   "description": "The npm audit assistant",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "license": "AGPL-3.0-or-later",
   "repository": {
     "type": "git",
@@ -31,6 +31,10 @@
   ],
   "type": "module",
   "bin": "./index.js",
+  "engines": {
+    "node": ">=24",
+    "npm": ">=11"
+  },
   "dependencies": {
     "semver": "^7.3.8"
   }