npq 2.5.3 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/.github/workflows/main.yml +1 -1
  2. package/.husky/commit-msg +4 -0
  3. package/.husky/post-merge +4 -0
  4. package/.husky/pre-commit +4 -0
  5. package/.husky/pre-push +4 -0
  6. package/__tests__/__fixtures__/test.marshall.js +7 -7
  7. package/__tests__/marshalls.classMethods.test.js +9 -9
  8. package/__tests__/marshalls.provenance.test.js +3 -6
  9. package/__tests__/marshalls.repo.test.js +4 -7
  10. package/__tests__/marshalls.signatures.test.js +2 -6
  11. package/__tests__/marshalls.tasks.test.js +2 -2
  12. package/__tests__/packageManager.test.js +1 -1
  13. package/__tests__/packageRepoUtils.test.js +6 -8
  14. package/lib/cliCommons.js +2 -2
  15. package/lib/helpers/cliSupportHandler.js +2 -6
  16. package/lib/helpers/packageRepoUtils.js +9 -10
  17. package/lib/marshall.js +11 -11
  18. package/lib/marshalls/age.marshall.js +3 -3
  19. package/lib/marshalls/author.marshall.js +4 -4
  20. package/lib/marshalls/baseMarshall.js +7 -7
  21. package/lib/marshalls/downloads.marshall.js +3 -3
  22. package/lib/marshalls/expiredDomains.marshall.js +7 -7
  23. package/lib/marshalls/index.js +11 -21
  24. package/lib/marshalls/license.marshall.js +3 -3
  25. package/lib/marshalls/provenance.marshall.js +6 -7
  26. package/lib/marshalls/readme.marshall.js +3 -3
  27. package/lib/marshalls/repo.marshall.js +4 -5
  28. package/lib/marshalls/scripts.marshall.js +5 -5
  29. package/lib/marshalls/signatures.marshall.js +5 -6
  30. package/lib/marshalls/snyk.marshall.js +8 -9
  31. package/lib/packageManager.js +4 -4
  32. package/package.json +39 -55
  33. package/scripts/postinstall.js +4 -4
  34. package/scripts/scriptHelpers.js +3 -2
@@ -52,7 +52,7 @@ jobs:
52
52
  - name: install dependencies
53
53
  run: npm ci --ignore-engines --ignore-scripts
54
54
  - name: release
55
- run: npm run semantic-release
55
+ run: npx semantic-release
56
56
  env:
57
57
  GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
58
58
  NPM_TOKEN: ${{secrets.NPM_TOKEN}}
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env sh
2
+ . "$(dirname -- "$0")/_/husky.sh"
3
+
4
+ npx commitlint --edit $1
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env sh
2
+ . "$(dirname -- "$0")/_/husky.sh"
3
+
4
+ npm install
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env sh
2
+ . "$(dirname -- "$0")/_/husky.sh"
3
+
4
+ npx lint-staged
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env sh
2
+ . "$(dirname -- "$0")/_/husky.sh"
3
+
4
+ npm run lint && npm run test
@@ -5,16 +5,16 @@ const BaseMarshall = require('../../lib/marshalls/baseMarshall')
5
5
  const MARSHALL_NAME = 'test.marshall'
6
6
 
7
7
  class TestMarshall extends BaseMarshall {
8
- constructor (options) {
8
+ constructor(options) {
9
9
  super(options)
10
10
  this.name = MARSHALL_NAME
11
11
  }
12
12
 
13
- title () {
13
+ title() {
14
14
  return 'A test marshall'
15
15
  }
16
16
 
17
- run (ctx, task) {
17
+ run(ctx, task) {
18
18
  const tasks = ctx.pkgs.reduce((prevPkg, currPkg) => {
19
19
  return prevPkg.concat(this.mockCheck(currPkg, ctx, task))
20
20
  }, [])
@@ -22,7 +22,7 @@ class TestMarshall extends BaseMarshall {
22
22
  return Promise.all(tasks)
23
23
  }
24
24
 
25
- mockCheck (pkg, ctx, task) {
25
+ mockCheck(pkg, ctx, task) {
26
26
  return this.validateSomething(pkg)
27
27
  .then(() => {
28
28
  const data = 'mock data check'
@@ -33,13 +33,13 @@ class TestMarshall extends BaseMarshall {
33
33
  })
34
34
  .catch((err) => {
35
35
  this.setMessage({
36
- pkg: pkg,
36
+ pkg,
37
37
  message: err.message
38
38
  })
39
39
  })
40
40
  }
41
41
 
42
- validateSomething (pkg) {
42
+ validateSomething(pkg) {
43
43
  if (pkg === 'express' || pkg === 'semver') {
44
44
  return Promise.resolve()
45
45
  } else {
@@ -47,7 +47,7 @@ class TestMarshall extends BaseMarshall {
47
47
  }
48
48
  }
49
49
 
50
- validate (pkg) {
50
+ validate(pkg) {
51
51
  if (pkg === 'express' || pkg === 'semver') {
52
52
  return Promise.resolve('validation-result')
53
53
  } else {
@@ -2,15 +2,15 @@ beforeEach(() => {
2
2
  jest.resetModules()
3
3
  })
4
4
 
5
+ jest.mock('glob', () => {
6
+ return {
7
+ glob: jest.fn().mockResolvedValue(['file1', 'file2'])
8
+ }
9
+ })
10
+
5
11
  test('collecting marshalls resolves with files array', async () => {
6
12
  const marshalls = require('../lib/marshalls')
7
13
 
8
- jest.mock('glob', () => {
9
- return jest.fn((pattern, options, callback) => {
10
- return callback(null, ['file1', 'file2'])
11
- })
12
- })
13
-
14
14
  const marshallFiles = await marshalls.collectMarshalls()
15
15
  expect(marshallFiles).toEqual(['file1', 'file2'])
16
16
  })
@@ -19,9 +19,9 @@ test('collecting marshalls resolves with error if unable to process files', () =
19
19
  const marshalls = require('../lib/marshalls')
20
20
 
21
21
  jest.mock('glob', () => {
22
- return jest.fn((pattern, options, callback) => {
23
- return callback(new Error('some error'), null)
24
- })
22
+ return {
23
+ glob: jest.fn().mockRejectedValue(new Error('error'))
24
+ }
25
25
  })
26
26
 
27
27
  expect(marshalls.collectMarshalls()).rejects.toEqual(expect.any(Error))
@@ -1,7 +1,4 @@
1
1
  jest.mock('pacote')
2
- jest.mock('node-fetch')
3
-
4
- const fetch = require('node-fetch')
5
2
 
6
3
  const ProvenanceMarshall = require('../lib/marshalls/provenance.marshall')
7
4
  const pacote = require('pacote')
@@ -40,7 +37,7 @@ describe('Provenance test suites', () => {
40
37
  ]
41
38
  })
42
39
  }
43
- fetch.mockImplementationOnce(() => Promise.resolve(mockResponse))
40
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve(mockResponse))
44
41
 
45
42
  pacote.manifest = jest.fn().mockResolvedValue({
46
43
  name: 'packageName',
@@ -114,7 +111,7 @@ describe('Provenance test suites', () => {
114
111
  ]
115
112
  })
116
113
  }
117
- fetch.mockImplementationOnce(() => Promise.resolve(mockResponse))
114
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve(mockResponse))
118
115
 
119
116
  const pkg = {
120
117
  packageName: 'packageName',
@@ -166,7 +163,7 @@ describe('Provenance test suites', () => {
166
163
  ]
167
164
  })
168
165
  }
169
- fetch.mockImplementationOnce(() => Promise.resolve(mockResponse))
166
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve(mockResponse))
170
167
 
171
168
  const pkg = {
172
169
  packageName: 'packageName',
@@ -1,7 +1,4 @@
1
1
  const RepoMarshall = require('../lib/marshalls/repo.marshall')
2
- const fetch = require('node-fetch')
3
-
4
- jest.mock('node-fetch')
5
2
 
6
3
  const testMarshall = new RepoMarshall({
7
4
  packageRepoUtils: {
@@ -81,7 +78,7 @@ describe('Repo test suites', () => {
81
78
  })
82
79
 
83
80
  test('throws the right error when the repository url does not exist', async () => {
84
- fetch.mockImplementationOnce(() => Promise.reject(new Error('error')))
81
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.reject(new Error('error')))
85
82
 
86
83
  await expect(testMarshall.validate(fullPkgData)).rejects.toThrow(
87
84
  'no valid repository is associated with the package'
@@ -89,7 +86,7 @@ describe('Repo test suites', () => {
89
86
  })
90
87
 
91
88
  test('throws the right error when the repository url is unreachable', async () => {
92
- fetch.mockImplementationOnce(() => Promise.reject(new Error('error')))
89
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.reject(new Error('error')))
93
90
 
94
91
  fullPkgData.packageName.versions['1.0.0'].repository.url =
95
92
  'https://dsfsdfsdfs.abcdeugwecwekjasda.com/'
@@ -99,7 +96,7 @@ describe('Repo test suites', () => {
99
96
  })
100
97
 
101
98
  test('throws the right error when the homepage url does not exist', async () => {
102
- fetch.mockImplementationOnce(() => Promise.reject(new Error('error')))
99
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.reject(new Error('error')))
103
100
 
104
101
  const pkgData = {
105
102
  packageName: {
@@ -121,7 +118,7 @@ describe('Repo test suites', () => {
121
118
  })
122
119
 
123
120
  test('does not throw any errors if the url exists', async () => {
124
- fetch.mockImplementationOnce(() => Promise.resolve('success'))
121
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve('success'))
125
122
 
126
123
  fullPkgData.packageName.versions['1.0.0'].repository.url = 'https://google.com'
127
124
  await expect(testMarshall.validate(fullPkgData)).resolves.toEqual(expect.anything())
@@ -9,10 +9,6 @@ jest.mock('pacote', () => {
9
9
  }
10
10
  })
11
11
 
12
- jest.mock('node-fetch')
13
-
14
- const fetch = require('node-fetch')
15
-
16
12
  const SignaturesMarshall = require('../lib/marshalls/signatures.marshall')
17
13
  const pacote = require('pacote')
18
14
 
@@ -50,7 +46,7 @@ describe('Signature test suites', () => {
50
46
  ]
51
47
  })
52
48
  }
53
- fetch.mockImplementationOnce(() => Promise.resolve(mockResponse))
49
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve(mockResponse))
54
50
 
55
51
  const testMarshall = new SignaturesMarshall({
56
52
  packageRepoUtils: {
@@ -107,7 +103,7 @@ describe('Signature test suites', () => {
107
103
  ]
108
104
  })
109
105
  }
110
- fetch.mockImplementationOnce(() => Promise.resolve(mockResponse))
106
+ global.fetch = jest.fn().mockImplementationOnce(() => Promise.resolve(mockResponse))
111
107
 
112
108
  // the manifest() method should throw an error
113
109
  // in this jest mock to simulate a problem:
@@ -2,7 +2,7 @@ const path = require('path')
2
2
  const marshalls = require('../lib/marshalls')
3
3
 
4
4
  const PackageRepoUtilsMock = class Fake {
5
- getPackageInfo () {
5
+ getPackageInfo() {
6
6
  return Promise.resolve(true)
7
7
  }
8
8
  }
@@ -53,6 +53,6 @@ test('running marshall tasks fails', async () => {
53
53
 
54
54
  await expect(marshalls.tasks(config)).rejects.toMatchObject({
55
55
  message: 'Something went wrong',
56
- context: context
56
+ context
57
57
  })
58
58
  })
@@ -1,5 +1,5 @@
1
1
  const packageManager = require('../lib/packageManager')
2
- // eslint-disable-next-line security/detect-child-process
2
+
3
3
  const childProcess = require('child_process')
4
4
 
5
5
  jest.mock('child_process', () => {
@@ -1,8 +1,6 @@
1
1
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
2
- const fetch = require('node-fetch')
3
2
 
4
- jest.mock('node-fetch')
5
- fetch.mockImplementation(() =>
3
+ global.fetch = jest.fn().mockImplementation(() =>
6
4
  Promise.resolve({
7
5
  json: () => require('./mocks/registryPackageOk.mock.json')
8
6
  })
@@ -64,7 +62,7 @@ test('repo utils retrieves package README information', async () => {
64
62
 
65
63
  test('repo utils retrieves package latest version as null if not exists', async () => {
66
64
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
67
- fetch.mockReturnValue(
65
+ global.fetch = jest.fn().mockImplementation(() =>
68
66
  Promise.resolve({
69
67
  json: () => require('./mocks/registryPackageUnpublished.mock.json')
70
68
  })
@@ -78,7 +76,7 @@ test('repo utils retrieves package latest version as null if not exists', async
78
76
 
79
77
  test('repo utils retrieves package download count', async () => {
80
78
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
81
- fetch.mockReturnValue(
79
+ global.fetch = jest.fn().mockImplementation(() =>
82
80
  Promise.resolve({
83
81
  json: () => ({
84
82
  downloads: 1950,
@@ -97,7 +95,7 @@ test('repo utils retrieves package download count', async () => {
97
95
 
98
96
  test('repo utils retrieves package README information even when not available', async () => {
99
97
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
100
- fetch.mockReturnValue(
98
+ global.fetch = jest.fn().mockImplementation(() =>
101
99
  Promise.resolve({
102
100
  json: () => require('./mocks/registryPackageUnpublished.mock.json')
103
101
  })
@@ -111,7 +109,7 @@ test('repo utils retrieves package README information even when not available',
111
109
 
112
110
  test('repo utils retrieves package LICENSE information', async () => {
113
111
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
114
- fetch.mockReturnValue(
112
+ global.fetch = jest.fn().mockImplementation(() =>
115
113
  Promise.resolve({
116
114
  json: () => require('./mocks/registryPackageOk.mock.json')
117
115
  })
@@ -125,7 +123,7 @@ test('repo utils retrieves package LICENSE information', async () => {
125
123
 
126
124
  test('repo utils parses package version', async () => {
127
125
  const PackageRepoUtils = require('../lib/helpers/packageRepoUtils')
128
- fetch.mockReturnValue(
126
+ global.fetch = jest.fn().mockImplementation(() =>
129
127
  Promise.resolve({
130
128
  json: () => require('./mocks/registryPackageOk.mock.json')
131
129
  })
package/lib/cliCommons.js CHANGED
@@ -1,6 +1,6 @@
1
1
  const npa = require('npm-package-arg')
2
2
  class cliCommons {
3
- static getInstallCommand () {
3
+ static getInstallCommand() {
4
4
  return {
5
5
  command: 'install [package...]',
6
6
  aliases: [
@@ -31,7 +31,7 @@ class cliCommons {
31
31
  }
32
32
  }
33
33
 
34
- static getOptions () {
34
+ static getOptions() {
35
35
  return {
36
36
  P: {
37
37
  alias: ['save-prod', 'peer'],
@@ -1,18 +1,14 @@
1
1
  'use strict'
2
2
 
3
- const chalk = require('chalk')
3
+ const color = require('kleur')
4
4
  // eslint-disable-next-line security/detect-child-process
5
5
  const childProcess = require('child_process')
6
6
  const semver = require('semver')
7
- const updateNotifier = require('update-notifier')
8
- const pkg = require('../../package.json')
9
7
 
10
8
  const DEFAULT_PKGMGR = process.env.NPQ_PKG_MGR || 'npm'
11
9
 
12
10
  const nodeVersion = process.versions.node
13
11
 
14
- updateNotifier({ pkg }).notify()
15
-
16
12
  module.exports.isEnvSupport = function () {
17
13
  if (!semver.satisfies(nodeVersion, '>=7.6.0')) {
18
14
  return false
@@ -23,7 +19,7 @@ module.exports.isEnvSupport = function () {
23
19
 
24
20
  module.exports.noSupportError = function (failFast) {
25
21
  // eslint-disable-next-line no-console
26
- console.error(chalk.red('error:'), 'npq suppressed due to old node version')
22
+ console.error(color.red('error:'), 'npq suppressed due to old node version')
27
23
 
28
24
  if (failFast === true) {
29
25
  process.exit(-1)
@@ -1,22 +1,21 @@
1
1
  'use strict'
2
2
 
3
- const fetch = require('node-fetch')
4
3
  const semver = require('semver')
5
4
  const NPM_REGISTRY = 'http://registry.npmjs.org'
6
5
  const NPM_REGISTRY_API = 'https://api.npmjs.org'
7
6
 
8
7
  class PackageRepoUtils {
9
- constructor (options = {}) {
8
+ constructor(options = {}) {
10
9
  this.registryUrl = options.registryUrl ? options.registryUrl : NPM_REGISTRY
11
10
  this.registryApiUrl = options.registryApiUrl ? options.registryApiUrl : NPM_REGISTRY_API
12
11
  this.pkgInfoCache = {}
13
12
  }
14
13
 
15
- formatPackageForUrl (pkg) {
14
+ formatPackageForUrl(pkg) {
16
15
  return pkg.replace(/\//g, '%2F')
17
16
  }
18
17
 
19
- getPackageInfo (pkg) {
18
+ getPackageInfo(pkg) {
20
19
  if (this.pkgInfoCache[pkg]) {
21
20
  return Promise.resolve(this.pkgInfoCache[pkg])
22
21
  } else {
@@ -29,27 +28,27 @@ class PackageRepoUtils {
29
28
  }
30
29
  }
31
30
 
32
- getLatestVersion (pkg) {
31
+ getLatestVersion(pkg) {
33
32
  return this.getPackageInfo(pkg).then((data) => {
34
- return data['dist-tags'] && data['dist-tags']['latest'] ? data['dist-tags']['latest'] : null
33
+ return data['dist-tags'] && data['dist-tags'].latest ? data['dist-tags'].latest : null
35
34
  })
36
35
  }
37
36
 
38
- getDownloadInfo (pkg) {
37
+ getDownloadInfo(pkg) {
39
38
  return fetch(`${this.registryApiUrl}/downloads/point/last-month/${pkg}`)
40
39
  .then((response) => response.json())
41
40
  .then(({ downloads }) => downloads)
42
41
  }
43
42
 
44
- getReadmeInfo (pkg) {
43
+ getReadmeInfo(pkg) {
45
44
  return this.getPackageInfo(pkg).then(({ readme }) => readme)
46
45
  }
47
46
 
48
- getLicenseInfo (pkg) {
47
+ getLicenseInfo(pkg) {
49
48
  return this.getPackageInfo(pkg).then(({ license }) => license)
50
49
  }
51
50
 
52
- parsePackageVersion (version) {
51
+ parsePackageVersion(version) {
53
52
  return semver.coerce(version)
54
53
  }
55
54
  }
package/lib/marshall.js CHANGED
@@ -1,7 +1,7 @@
1
1
  /* eslint-disable no-console */
2
2
  'use strict'
3
3
 
4
- const chalk = require('chalk')
4
+ const color = require('kleur')
5
5
 
6
6
  const Marshalls = require('./marshalls')
7
7
  const PackageRepoUtils = require('./helpers/packageRepoUtils')
@@ -12,12 +12,12 @@ const MESSAGE_TYPE = {
12
12
  }
13
13
 
14
14
  class Marshall {
15
- constructor (options = {}) {
15
+ constructor(options = {}) {
16
16
  this.pkgs = options ? options.pkgs : null
17
17
  this.packageRepoUtils = new PackageRepoUtils()
18
18
  }
19
19
 
20
- process () {
20
+ process() {
21
21
  // nothing to do? move on
22
22
  if (!this.pkgs) {
23
23
  return Promise.resolve()
@@ -37,7 +37,7 @@ class Marshall {
37
37
  })
38
38
  }
39
39
 
40
- createPackageVersionMaps (packages) {
40
+ createPackageVersionMaps(packages) {
41
41
  const packageVersionMapping = packages.reduce((prev, curr) => {
42
42
  const versionSymbolPosition = curr.lastIndexOf('@')
43
43
  const versionPosition =
@@ -57,7 +57,7 @@ class Marshall {
57
57
  return packageVersionMapping
58
58
  }
59
59
 
60
- report (marshalls) {
60
+ report(marshalls) {
61
61
  const messages = this.collectPackageMessages(marshalls)
62
62
 
63
63
  if (!messages) {
@@ -67,13 +67,13 @@ class Marshall {
67
67
  console.log('Detected possible issues with the following packages:')
68
68
  for (const packageName in messages) {
69
69
  const packageMessages = messages[packageName]
70
- console.log(` [${chalk.red(packageName)}]`)
70
+ console.log(` [${color.red(packageName)}]`)
71
71
 
72
72
  packageMessages.forEach((message) => {
73
73
  if (message.type === MESSAGE_TYPE.ERROR) {
74
- console.log(` - ${chalk.red(message.text)}`)
74
+ console.log(` - ${color.red(message.text)}`)
75
75
  } else {
76
- console.log(` - ${chalk.yellow(message.text)}`)
76
+ console.log(` - ${color.yellow(message.text)}`)
77
77
  }
78
78
  })
79
79
  }
@@ -81,7 +81,7 @@ class Marshall {
81
81
  return { error: true, data: messages }
82
82
  }
83
83
 
84
- collectPackageMessages (marshalls) {
84
+ collectPackageMessages(marshalls) {
85
85
  const allPackageMessages = {}
86
86
  for (const key in marshalls) {
87
87
  this.prepareMessages(allPackageMessages, marshalls[key].errors)
@@ -91,7 +91,7 @@ class Marshall {
91
91
  return allPackageMessages
92
92
  }
93
93
 
94
- prepareMessages (allPackageMessages, messages, isWarning) {
94
+ prepareMessages(allPackageMessages, messages, isWarning) {
95
95
  if (Array.isArray(messages) && messages.length > 0) {
96
96
  messages.forEach((msg) => {
97
97
  this.appendPackageMessage(allPackageMessages, msg.pkg, {
@@ -102,7 +102,7 @@ class Marshall {
102
102
  }
103
103
  }
104
104
 
105
- appendPackageMessage (packages, packageName, packageMessage) {
105
+ appendPackageMessage(packages, packageName, packageMessage) {
106
106
  packages[packageName]
107
107
  ? packages[packageName].push(packageMessage)
108
108
  : (packages[packageName] = [packageMessage])
@@ -6,16 +6,16 @@ const MARSHALL_NAME = 'age'
6
6
  const PACKAGE_AGE_THRESHOLD = 22 // specified in days
7
7
 
8
8
  class Marshall extends BaseMarshall {
9
- constructor (options) {
9
+ constructor(options) {
10
10
  super(options)
11
11
  this.name = MARSHALL_NAME
12
12
  }
13
13
 
14
- title () {
14
+ title() {
15
15
  return 'Checking package maturity'
16
16
  }
17
17
 
18
- validate (pkg) {
18
+ validate(pkg) {
19
19
  return this.packageRepoUtils.getPackageInfo(pkg.packageName).then((data) => {
20
20
  if (data && data.time && data.time.created) {
21
21
  const pkgCreatedDate = data.time.created
@@ -7,19 +7,19 @@ const Warning = require('../helpers/warning')
7
7
  const MARSHALL_NAME = 'author'
8
8
 
9
9
  class Marshall extends BaseMarshall {
10
- constructor (options) {
10
+ constructor(options) {
11
11
  super(options)
12
12
  this.name = MARSHALL_NAME
13
13
  }
14
14
 
15
- title () {
15
+ title() {
16
16
  return 'Identifying package author...'
17
17
  }
18
18
 
19
- validate (pkg) {
19
+ validate(pkg) {
20
20
  return this.packageRepoUtils.getPackageInfo(pkg.packageName).then((data) => {
21
21
  const lastVersionData =
22
- data.versions && data['dist-tags'] && data.versions[data['dist-tags']['latest']]
22
+ data.versions && data['dist-tags'] && data.versions[data['dist-tags'].latest]
23
23
 
24
24
  const hasAuthorEmail =
25
25
  (lastVersionData &&
@@ -3,11 +3,11 @@
3
3
  const Warning = require('../helpers/warning')
4
4
 
5
5
  class BaseMarshall {
6
- constructor (options) {
6
+ constructor(options) {
7
7
  this.packageRepoUtils = options.packageRepoUtils
8
8
  }
9
9
 
10
- init (ctx, task) {
10
+ init(ctx, task) {
11
11
  this.ctx = ctx
12
12
  this.task = task
13
13
 
@@ -19,7 +19,7 @@ class BaseMarshall {
19
19
  }
20
20
  }
21
21
 
22
- run (ctx, task) {
22
+ run(ctx, task) {
23
23
  const tasks = ctx.pkgs.reduce((prevPkg, currPkg) => {
24
24
  return prevPkg.concat(this.checkPackage(currPkg, ctx, task))
25
25
  }, [])
@@ -27,7 +27,7 @@ class BaseMarshall {
27
27
  return Promise.all(tasks)
28
28
  }
29
29
 
30
- checkPackage (pkg, ctx, task) {
30
+ checkPackage(pkg, ctx, task) {
31
31
  return this.validate(pkg)
32
32
  .then((data) => {
33
33
  task.output = `querying ${pkg.packageString}...`
@@ -47,13 +47,13 @@ class BaseMarshall {
47
47
  })
48
48
  }
49
49
 
50
- isEnabled () {
50
+ isEnabled() {
51
51
  const isMarshallSilent = process.env[`MARSHALL_DISABLE_${this.name.toUpperCase()}`] || false
52
52
 
53
53
  return !isMarshallSilent
54
54
  }
55
55
 
56
- setMessage (msg, isWarning) {
56
+ setMessage(msg, isWarning) {
57
57
  const messages = isWarning
58
58
  ? this.ctx.marshalls[this.name].warnings
59
59
  : this.ctx.marshalls[this.name].errors
@@ -64,7 +64,7 @@ class BaseMarshall {
64
64
  })
65
65
  }
66
66
 
67
- handleMessages () {
67
+ handleMessages() {
68
68
  const errors = this.ctx.marshalls[this.name].errors
69
69
  const warnings = this.ctx.marshalls[this.name].warnings
70
70
  if ((errors && errors.length) || (warnings && warnings.length)) {
@@ -6,16 +6,16 @@ const MARSHALL_NAME = 'downloads'
6
6
  const DOWNLOAD_COUNT_THRESHOLD = 20 // threshold per month
7
7
 
8
8
  class Marshall extends BaseMarshall {
9
- constructor (options) {
9
+ constructor(options) {
10
10
  super(options)
11
11
  this.name = MARSHALL_NAME
12
12
  }
13
13
 
14
- title () {
14
+ title() {
15
15
  return 'Checking package download popularity'
16
16
  }
17
17
 
18
- validate (pkg) {
18
+ validate(pkg) {
19
19
  return this.packageRepoUtils.getDownloadInfo(pkg.packageName).then((downloadCount) => {
20
20
  if (downloadCount < DOWNLOAD_COUNT_THRESHOLD) {
21
21
  throw new Error(
@@ -6,25 +6,25 @@ const dns = require('dns').promises
6
6
  const MARSHALL_NAME = 'maintainers_expired_emails'
7
7
 
8
8
  class Marshall extends BaseMarshall {
9
- constructor (options) {
9
+ constructor(options) {
10
10
  super(options)
11
11
  this.name = MARSHALL_NAME
12
12
  }
13
13
 
14
- title () {
14
+ title() {
15
15
  return 'Detecting expired domains for authors account...'
16
16
  }
17
17
 
18
- validate (pkg) {
18
+ validate(pkg) {
19
19
  return this.packageRepoUtils
20
20
  .getPackageInfo(pkg.packageName)
21
21
  .then((data) => {
22
22
  const lastVersionData =
23
- data.versions && data['dist-tags'] && data.versions[data['dist-tags']['latest']]
23
+ data.versions && data['dist-tags'] && data.versions[data['dist-tags'].latest]
24
24
 
25
- let maintainersAccounts = lastVersionData && lastVersionData.maintainers
25
+ const maintainersAccounts = lastVersionData && lastVersionData.maintainers
26
26
 
27
- let testEmails = []
27
+ const testEmails = []
28
28
  for (const maintainerInfo of maintainersAccounts) {
29
29
  const maintainerEmail = maintainerInfo.email
30
30
  const emailDomain = maintainerEmail.split('@')[1]
@@ -34,7 +34,7 @@ class Marshall extends BaseMarshall {
34
34
  return Promise.all(testEmails)
35
35
  })
36
36
  .catch((error) => {
37
- let emailHostname = error.hostname ? error.hostname : '<unknown>'
37
+ const emailHostname = error.hostname ? error.hostname : '<unknown>'
38
38
  throw new Error(
39
39
  'Unable to resolve domain for maintainer e-mail, could be an expired account: ' +
40
40
  emailHostname
@@ -1,29 +1,19 @@
1
1
  'use strict'
2
2
 
3
3
  const Listr = require('listr')
4
- const glob = require('glob')
4
+ const { glob } = require('glob')
5
5
 
6
6
  class Marshalls {
7
- static collectMarshalls () {
8
- return new Promise((resolve, reject) => {
9
- glob(
10
- this.GLOB_MARSHALLS,
11
- {
12
- cwd: __dirname,
13
- absolute: true
14
- },
15
- (err, files) => {
16
- if (err) {
17
- reject(err)
18
- }
19
-
20
- resolve(files)
21
- }
22
- )
7
+ static async collectMarshalls() {
8
+ const files = await glob(this.GLOB_MARSHALLS, {
9
+ cwd: __dirname,
10
+ absolute: true
23
11
  })
12
+
13
+ return files
24
14
  }
25
15
 
26
- static buildMarshallTasks (marshalls, config) {
16
+ static buildMarshallTasks(marshalls, config) {
27
17
  if (!marshalls || !Array.isArray(marshalls) || marshalls.length === 0) {
28
18
  return Promise.reject(new Error('unable to collect marshalls, or no marshalls found'))
29
19
  }
@@ -46,7 +36,7 @@ class Marshalls {
46
36
  return new Listr(marshallTasks, { exitOnError: false, concurrent: true })
47
37
  }
48
38
 
49
- static tasks (options) {
39
+ static tasks(options) {
50
40
  return Marshalls.warmUpPackagesCache(options)
51
41
  .then(() => Marshalls.collectMarshalls())
52
42
  .then((marshalls) => {
@@ -59,7 +49,7 @@ class Marshalls {
59
49
  })
60
50
  }
61
51
 
62
- static warmUpPackagesCache (options) {
52
+ static warmUpPackagesCache(options) {
63
53
  const fetchPackagesInfoPromises = []
64
54
  options.pkgs.forEach((packageMeta) => {
65
55
  fetchPackagesInfoPromises.push(
@@ -70,7 +60,7 @@ class Marshalls {
70
60
  return Promise.all(fetchPackagesInfoPromises)
71
61
  }
72
62
 
73
- static runTasks (tasks, options) {
63
+ static runTasks(tasks, options) {
74
64
  return tasks.run({
75
65
  pkgs: options.pkgs,
76
66
  marshalls: {}
@@ -5,16 +5,16 @@ const BaseMarshall = require('./baseMarshall')
5
5
  const MARSHALL_NAME = 'license'
6
6
 
7
7
  class Marshall extends BaseMarshall {
8
- constructor (options) {
8
+ constructor(options) {
9
9
  super(options)
10
10
  this.name = MARSHALL_NAME
11
11
  }
12
12
 
13
- title () {
13
+ title() {
14
14
  return 'Checking availability of a LICENSE'
15
15
  }
16
16
 
17
- validate (pkg) {
17
+ validate(pkg) {
18
18
  return this.packageRepoUtils.getLicenseInfo(pkg.packageName).then((licenseContents) => {
19
19
  if (!licenseContents || licenseContents === 'ERROR: No LICENSE data found!') {
20
20
  throw new Error('package has no LICENSE file available')
@@ -1,23 +1,22 @@
1
1
  'use strict'
2
2
 
3
3
  const BaseMarshall = require('./baseMarshall')
4
- const fetch = require('node-fetch')
5
4
  const pacote = require('pacote')
6
5
  const Warning = require('../helpers/warning')
7
6
 
8
7
  const MARSHALL_NAME = 'provenance'
9
8
 
10
9
  class Marshall extends BaseMarshall {
11
- constructor (options) {
10
+ constructor(options) {
12
11
  super(options)
13
12
  this.name = MARSHALL_NAME
14
13
  }
15
14
 
16
- title () {
15
+ title() {
17
16
  return 'Verifying package provenance'
18
17
  }
19
18
 
20
- validate (pkg) {
19
+ validate(pkg) {
21
20
  const validationMetadata = {}
22
21
 
23
22
  return this.packageRepoUtils
@@ -26,7 +25,7 @@ class Marshall extends BaseMarshall {
26
25
  const packageName = packageInfo.name
27
26
  const packageVersion =
28
27
  pkg.packageVersion === 'latest'
29
- ? packageInfo['dist-tags'] && packageInfo['dist-tags']['latest']
28
+ ? packageInfo['dist-tags'] && packageInfo['dist-tags'].latest
30
29
  : this.packageRepoUtils.parsePackageVersion(pkg.packageVersion).version
31
30
 
32
31
  validationMetadata.name = packageName
@@ -42,7 +41,7 @@ class Marshall extends BaseMarshall {
42
41
  verifyAttestations: true,
43
42
  registry: 'https://registry.npmjs.org',
44
43
 
45
- [`//registry.npmjs.org/:_keys`]: keys
44
+ '//registry.npmjs.org/:_keys': keys
46
45
  })
47
46
  })
48
47
  .then((metadata) => {
@@ -58,7 +57,7 @@ class Marshall extends BaseMarshall {
58
57
  })
59
58
  }
60
59
 
61
- fetchRegistryKeys () {
60
+ fetchRegistryKeys() {
62
61
  const registryHost = 'https://registry.npmjs.org'
63
62
  const registryKeysEndpoint = '/-/npm/v1/keys'
64
63
 
@@ -5,16 +5,16 @@ const BaseMarshall = require('./baseMarshall')
5
5
  const MARSHALL_NAME = 'readme'
6
6
 
7
7
  class Marshall extends BaseMarshall {
8
- constructor (options) {
8
+ constructor(options) {
9
9
  super(options)
10
10
  this.name = MARSHALL_NAME
11
11
  }
12
12
 
13
- title () {
13
+ title() {
14
14
  return 'Checking availability of a README'
15
15
  }
16
16
 
17
- validate (pkg) {
17
+ validate(pkg) {
18
18
  return this.packageRepoUtils.getReadmeInfo(pkg.packageName).then((readmeContents) => {
19
19
  if (!readmeContents || readmeContents === 'ERROR: No README data found!') {
20
20
  throw new Error('package has no README file available')
@@ -1,21 +1,20 @@
1
1
  'use strict'
2
2
 
3
3
  const BaseMarshall = require('./baseMarshall')
4
- const fetch = require('node-fetch')
5
4
  const URL = require('url').URL
6
5
  const MARSHALL_NAME = 'repo'
7
6
 
8
7
  class Marshall extends BaseMarshall {
9
- constructor (options) {
8
+ constructor(options) {
10
9
  super(options)
11
10
  this.name = MARSHALL_NAME
12
11
  }
13
12
 
14
- title () {
13
+ title() {
15
14
  return 'Identifying package repository...'
16
15
  }
17
16
 
18
- validate (pkg) {
17
+ validate(pkg) {
19
18
  return this.packageRepoUtils.getPackageInfo(pkg.packageName).then((data) => {
20
19
  const lastVersionData =
21
20
  (data.versions &&
@@ -29,7 +28,7 @@ class Marshall extends BaseMarshall {
29
28
  urlStructure = new URL(lastVersionData.repository.url)
30
29
  urlOfGitRepository = new URL(`https://${urlStructure.host}${urlStructure.pathname}`)
31
30
  } catch (error) {
32
- throw new Error(`no valid repository is associated with the package`)
31
+ throw new Error('no valid repository is associated with the package')
33
32
  }
34
33
  return fetch(urlOfGitRepository.href).catch(() => {
35
34
  throw new Error(
@@ -5,20 +5,20 @@ const BaseMarshall = require('./baseMarshall')
5
5
  const MARSHALL_NAME = 'scripts'
6
6
 
7
7
  class Marshall extends BaseMarshall {
8
- constructor (options) {
8
+ constructor(options) {
9
9
  super(options)
10
10
  this.name = MARSHALL_NAME
11
11
  }
12
12
 
13
- title () {
13
+ title() {
14
14
  return 'Checking package for pre/post install scripts'
15
15
  }
16
16
 
17
- validate (pkg) {
17
+ validate(pkg) {
18
18
  return this.packageRepoUtils.getPackageInfo(pkg.packageName).then((data) => {
19
19
  const packageVersion =
20
20
  pkg.packageVersion === 'latest'
21
- ? data['dist-tags'] && data['dist-tags']['latest']
21
+ ? data['dist-tags'] && data['dist-tags'].latest
22
22
  : this.packageRepoUtils.parsePackageVersion(pkg.packageVersion).version
23
23
 
24
24
  if (!packageVersion) {
@@ -29,7 +29,7 @@ class Marshall extends BaseMarshall {
29
29
  data &&
30
30
  data.versions &&
31
31
  data.versions[packageVersion] &&
32
- data.versions[packageVersion]['scripts']
32
+ data.versions[packageVersion].scripts
33
33
 
34
34
  // blacklisted scripts due to possible malicious intent:
35
35
  const blacklistScripts = ['install', 'preinstall', 'postinstall']
@@ -1,22 +1,21 @@
1
1
  'use strict'
2
2
 
3
3
  const BaseMarshall = require('./baseMarshall')
4
- const fetch = require('node-fetch')
5
4
  const pacote = require('pacote')
6
5
 
7
6
  const MARSHALL_NAME = 'signatures'
8
7
 
9
8
  class Marshall extends BaseMarshall {
10
- constructor (options) {
9
+ constructor(options) {
11
10
  super(options)
12
11
  this.name = MARSHALL_NAME
13
12
  }
14
13
 
15
- title () {
14
+ title() {
16
15
  return 'Verifying registry signatures for package'
17
16
  }
18
17
 
19
- validate (pkg) {
18
+ validate(pkg) {
20
19
  // @TODO currently we're hardcoding the official npm registry
21
20
  // this should however allow for local proxies and other registries
22
21
  return this.fetchRegistryKeys()
@@ -25,7 +24,7 @@ class Marshall extends BaseMarshall {
25
24
  verifySignatures: true,
26
25
  registry: 'https://registry.npmjs.org',
27
26
 
28
- [`//registry.npmjs.org/:_keys`]: keys
27
+ '//registry.npmjs.org/:_keys': keys
29
28
  })
30
29
  })
31
30
  .then((metadata) => {
@@ -33,7 +32,7 @@ class Marshall extends BaseMarshall {
33
32
  })
34
33
  }
35
34
 
36
- fetchRegistryKeys () {
35
+ fetchRegistryKeys() {
37
36
  const registryHost = 'https://registry.npmjs.org'
38
37
  const registryKeysEndpoint = '/-/npm/v1/keys'
39
38
 
@@ -3,7 +3,6 @@
3
3
  const fs = require('fs')
4
4
  const os = require('os')
5
5
  const path = require('path')
6
- const fetch = require('node-fetch')
7
6
  const BaseMarshall = require('./baseMarshall')
8
7
 
9
8
  const MARSHALL_NAME = 'snyk'
@@ -14,18 +13,18 @@ const SNYK_API_TOKEN = process.env.SNYK_TOKEN
14
13
  const SNYK_CONFIG_FILE = '.config/configstore/snyk.json'
15
14
 
16
15
  class Marshall extends BaseMarshall {
17
- constructor (options) {
16
+ constructor(options) {
18
17
  super(options)
19
18
  this.name = MARSHALL_NAME
20
19
 
21
20
  this.snykApiToken = this.getSnykToken()
22
21
  }
23
22
 
24
- title () {
23
+ title() {
25
24
  return 'Checking for known vulnerabilities'
26
25
  }
27
26
 
28
- run (ctx, task) {
27
+ run(ctx, task) {
29
28
  const tasks = ctx.pkgs.reduce((prevPkg, currPkg) => {
30
29
  return prevPkg.concat(this.checkPackage(currPkg, ctx, task))
31
30
  }, [])
@@ -33,7 +32,7 @@ class Marshall extends BaseMarshall {
33
32
  return Promise.all(tasks)
34
33
  }
35
34
 
36
- validate (pkg) {
35
+ validate(pkg) {
37
36
  return Promise.resolve()
38
37
  .then(() => {
39
38
  if (!pkg.packageVersion || pkg.packageVersion === 'latest') {
@@ -60,7 +59,7 @@ class Marshall extends BaseMarshall {
60
59
  })
61
60
  }
62
61
 
63
- getSnykVulnInfoUnauthenticated ({ packageName, packageVersion }) {
62
+ getSnykVulnInfoUnauthenticated({ packageName, packageVersion }) {
64
63
  const url = encodeURI(`${SNYK_TEST_URL}/${packageName}/${packageVersion}?type=json`)
65
64
 
66
65
  return fetch(url)
@@ -77,7 +76,7 @@ class Marshall extends BaseMarshall {
77
76
  .catch(() => false)
78
77
  }
79
78
 
80
- getSnykVulnInfo ({ packageName, packageVersion } = {}) {
79
+ getSnykVulnInfo({ packageName, packageVersion } = {}) {
81
80
  if (!this.snykApiToken) {
82
81
  return this.getSnykVulnInfoUnauthenticated({ packageName, packageVersion })
83
82
  }
@@ -102,7 +101,7 @@ class Marshall extends BaseMarshall {
102
101
  .catch(() => false)
103
102
  }
104
103
 
105
- getSnykToken () {
104
+ getSnykToken() {
106
105
  if (SNYK_API_TOKEN) {
107
106
  return SNYK_API_TOKEN
108
107
  }
@@ -111,7 +110,7 @@ class Marshall extends BaseMarshall {
111
110
 
112
111
  try {
113
112
  if (fs.statSync(snykConfigPath)) {
114
- let snykConfig = require(snykConfigPath)
113
+ const snykConfig = require(snykConfigPath)
115
114
  if (snykConfig && snykConfig.api) {
116
115
  return snykConfig.api
117
116
  }
@@ -5,12 +5,12 @@ const childProcess = require('child_process')
5
5
  const DEFAULT_PKGMGR = 'npm'
6
6
 
7
7
  class packageManager {
8
- static process (packageManagerOption) {
8
+ static process(packageManagerOption) {
9
9
  const detectedPackageManager = packageManager.validatePackageManager(packageManagerOption)
10
10
  return packageManager.spawnPackageManager(detectedPackageManager)
11
11
  }
12
12
 
13
- static spawnPackageManager (packageManagerOption) {
13
+ static spawnPackageManager(packageManagerOption) {
14
14
  let args = []
15
15
 
16
16
  args = args.concat(process.argv.slice(2)).filter((item) => {
@@ -32,7 +32,7 @@ class packageManager {
32
32
  return Promise.resolve(child)
33
33
  }
34
34
 
35
- static validatePackageManager (packageManagerOption) {
35
+ static validatePackageManager(packageManagerOption) {
36
36
  if (!packageManagerOption) {
37
37
  packageManagerOption = packageManager.getDefaultPackageManager()
38
38
  }
@@ -44,7 +44,7 @@ class packageManager {
44
44
  return packageManagerOption
45
45
  }
46
46
 
47
- static getDefaultPackageManager () {
47
+ static getDefaultPackageManager() {
48
48
  return DEFAULT_PKGMGR
49
49
  }
50
50
  }
package/package.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "npq",
3
- "version": "2.5.3",
3
+ "version": "3.0.0",
4
4
  "description": "marshall your npm/npm package installs with high quality and class 🎖",
5
5
  "bin": {
6
6
  "npq": "./bin/npq.js",
7
7
  "npq-hero": "./bin/npq-hero.js"
8
8
  },
9
9
  "scripts": {
10
- "lint": "standard --fix && eslint . --ignore-path .gitignore && npm run lint:lockfile",
10
+ "lint": "eslint . --ignore-path .gitignore && npm run lint:lockfile",
11
11
  "lint:lockfile": "lockfile-lint --path package-lock.json --type npm --validate-https --allowed-hosts npm npm",
12
12
  "test": "jest",
13
13
  "test:watch": "jest --watch",
@@ -17,9 +17,13 @@
17
17
  "docs": "npm run docs:code && npm run docs:api",
18
18
  "docs:api": "doxdox *.js --layout bootstrap --output docs/index.html",
19
19
  "docs:code": "docco *.js --output docs/code",
20
- "semantic-release": "semantic-release",
21
- "postinstall": "node scripts/postinstall.js",
22
- "preuninstall": "node scripts/preuninstall.js"
20
+ "semantic-release": "npx semantic-release",
21
+ "#postinstall": "node scripts/postinstall.js",
22
+ "#preuninstall": "node scripts/preuninstall.js",
23
+ "prepare": "husky install"
24
+ },
25
+ "engines": {
26
+ "node": ">=18"
23
27
  },
24
28
  "author": {
25
29
  "name": "Liran Tal",
@@ -35,32 +39,29 @@
35
39
  "access": "public"
36
40
  },
37
41
  "devDependencies": {
38
- "@babel/core": "^7.7.4",
39
- "@babel/plugin-transform-runtime": "^7.7.4",
40
- "@babel/preset-env": "^7.7.4",
41
- "@babel/runtime": "^7.7.4",
42
- "@babel/types": "^7.7.4",
43
- "@commitlint/cli": "^7.0.0",
44
- "@commitlint/config-angular": "^8.0.0",
45
- "commitizen": "^3.0.0",
46
- "cz-conventional-changelog": "^2.1.0",
47
- "eslint": "^5.0.0",
48
- "eslint-plugin-import": "^2.2.0",
49
- "eslint-plugin-node": "^8.0.0",
50
- "eslint-plugin-security": "^1.3.0",
51
- "husky": "^3.0.0",
52
- "jest": "^24.9.0",
53
- "lint-staged": "^13.1.0",
42
+ "@babel/core": "^7.23.0",
43
+ "@babel/plugin-transform-runtime": "^7.22.15",
44
+ "@babel/preset-env": "^7.22.20",
45
+ "@babel/runtime": "^7.23.1",
46
+ "@babel/types": "^7.23.0",
47
+ "@commitlint/cli": "^17.7.2",
48
+ "@commitlint/config-angular": "^17.7.0",
49
+ "commitizen": "^4.3.0",
50
+ "cz-conventional-changelog": "^3.3.0",
51
+ "eslint": "^8.50.0",
52
+ "eslint-plugin-import": "^2.28.1",
53
+ "eslint-plugin-node": "^11.1.0",
54
+ "eslint-plugin-security": "^1.7.1",
55
+ "husky": "^8.0.3",
56
+ "jest": "^29.7.0",
57
+ "lint-staged": "^14.0.1",
54
58
  "lockfile-lint": "^4.12.1",
55
- "opn-cli": "^4.0.0",
56
- "prettier": "^2.8.3",
57
- "semantic-release": "21.0.2",
58
- "standard": "^12.0.0"
59
+ "prettier": "^3.0.3"
59
60
  },
60
61
  "jest": {
61
62
  "testEnvironment": "node",
62
63
  "verbose": true,
63
- "notify": true,
64
+ "notify": false,
64
65
  "collectCoverage": true,
65
66
  "coverageThreshold": {
66
67
  "global": {
@@ -93,16 +94,6 @@
93
94
  "path": "./node_modules/cz-conventional-changelog"
94
95
  }
95
96
  },
96
- "husky": {
97
- "hooks": {
98
- "commit-msg": "commitlint --env HUSKY_GIT_PARAMS",
99
- "pre-commit": "lint-staged",
100
- "pre-push": "npm run lint && npm run test",
101
- "post-commit": "git status",
102
- "post-checkout": "git status",
103
- "post-merge": "npm install"
104
- }
105
- },
106
97
  "commitlint": {
107
98
  "extends": [
108
99
  "@commitlint/config-angular"
@@ -115,12 +106,6 @@
115
106
  "git add"
116
107
  ]
117
108
  },
118
- "standard": {
119
- "env": [
120
- "node",
121
- "jest"
122
- ]
123
- },
124
109
  "eslintConfig": {
125
110
  "env": {
126
111
  "node": true,
@@ -132,7 +117,8 @@
132
117
  "security"
133
118
  ],
134
119
  "extends": [
135
- "plugin:node/recommended"
120
+ "plugin:node/recommended",
121
+ "plugin:security/recommended"
136
122
  ],
137
123
  "rules": {
138
124
  "semi": "off",
@@ -154,14 +140,14 @@
154
140
  "node/no-unsupported-features/node-builtins": [
155
141
  "error",
156
142
  {
157
- "version": ">=10.6.0",
143
+ "version": ">=18.17.0",
158
144
  "ignores": []
159
145
  }
160
146
  ],
161
147
  "node/no-unsupported-features/es-syntax": [
162
148
  "error",
163
149
  {
164
- "version": ">=10.6.0",
150
+ "version": ">=18.17.0",
165
151
  "ignores": []
166
152
  }
167
153
  ]
@@ -183,17 +169,15 @@
183
169
  }
184
170
  },
185
171
  "dependencies": {
186
- "chalk": "^2.3.0",
187
- "glob": "^8.0.3",
188
- "inquirer": "^8.0.0",
189
- "listr": "^0.14.0",
190
- "node-fetch": "^2.6.7",
191
- "npm-package-arg": "^10.1.0",
172
+ "glob": "^10.3.10",
173
+ "inquirer": "^8.2.6",
174
+ "kleur": "^4.1.5",
175
+ "listr": "^0.14.3",
176
+ "npm-package-arg": "^11.0.1",
192
177
  "pacote": "^17.0.4",
193
- "semver": "^7.3.8",
194
- "update-notifier": "^5",
195
- "validator": "13.7.0",
196
- "yargs": "^17.6.2"
178
+ "semver": "^7.5.4",
179
+ "validator": "13.11.0",
180
+ "yargs": "^17.7.2"
197
181
  },
198
182
  "release": {
199
183
  "branches": [
@@ -1,5 +1,5 @@
1
1
  const fs = require('fs')
2
- const chalk = require('chalk')
2
+ const color = require('kleur')
3
3
  const inquirer = require('inquirer')
4
4
  const semver = require('semver')
5
5
 
@@ -42,17 +42,17 @@ const runPostInstall = async () => {
42
42
  message: `Do you want to add ${shellConfig.name} aliases for npm and yarn?`
43
43
  }
44
44
  ])
45
- if (answers['install']) {
45
+ if (answers.install) {
46
46
  // eslint-disable-next-line security/detect-non-literal-fs-filename
47
47
  await fs.promises.appendFile(shellConfig.profilePath, shellConfig.aliases)
48
- console.log(chalk.green('✔'), 'Reload your shell profile to use npq!')
48
+ console.log(color.green('✔'), 'Reload your shell profile to use npq!')
49
49
  }
50
50
  } catch (err) {
51
51
  if (err.isTtyError) {
52
52
  // Could not render inquirer prompt; abort auto-install
53
53
  return
54
54
  }
55
- console.error(chalk.red('Failed to add aliases: '), err)
55
+ console.error(color.red('Failed to add aliases: '), err)
56
56
  }
57
57
  }
58
58
 
@@ -43,13 +43,13 @@ module.exports.removeFromFile = async (profilePath, aliases) => {
43
43
  }
44
44
 
45
45
  module.exports.isRunningInYarn = () => {
46
- const execPath = process.env['npm_execpath'] || ''
46
+ const execPath = process.env.npm_execpath || ''
47
47
  const binaryName = execPath.split(path.sep).pop()
48
48
  return binaryName.toLowerCase().includes('yarn')
49
49
  }
50
50
 
51
51
  module.exports.getNpmVersion = () => {
52
- const npmData = process.env['npm_config_user_agent'] || '0.0.0'
52
+ const npmData = process.env.npm_config_user_agent || '0.0.0'
53
53
  const version = /npm\/(.*) node/.exec(npmData)[1]
54
54
  return semver.valid(version) ? version : '0.0.0'
55
55
  }
@@ -61,6 +61,7 @@ const getProfile = async (profilePath) => {
61
61
  return profileData
62
62
  } catch (err) {
63
63
  if (err && err.code === 'ENOENT') {
64
+ return null
64
65
  } else if (err) {
65
66
  throw err
66
67
  }