oss-pulse 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (57) hide show
  1. package/CHANGELOG.md +26 -0
  2. package/CODE_OF_CONDUCT.md +7 -0
  3. package/CONTRIBUTING.md +30 -0
  4. package/LICENSE +21 -0
  5. package/README.md +158 -0
  6. package/SECURITY.md +12 -0
  7. package/action.yml +45 -0
  8. package/dist/action-artifacts.d.ts +3 -0
  9. package/dist/action-artifacts.d.ts.map +1 -0
  10. package/dist/action-artifacts.js +38 -0
  11. package/dist/action-artifacts.js.map +1 -0
  12. package/dist/cli.d.ts +4 -0
  13. package/dist/cli.d.ts.map +1 -0
  14. package/dist/cli.js +117 -0
  15. package/dist/cli.js.map +1 -0
  16. package/dist/errors.d.ts +19 -0
  17. package/dist/errors.d.ts.map +1 -0
  18. package/dist/errors.js +31 -0
  19. package/dist/errors.js.map +1 -0
  20. package/dist/format.d.ts +8 -0
  21. package/dist/format.d.ts.map +1 -0
  22. package/dist/format.js +127 -0
  23. package/dist/format.js.map +1 -0
  24. package/dist/git.d.ts +3 -0
  25. package/dist/git.d.ts.map +1 -0
  26. package/dist/git.js +168 -0
  27. package/dist/git.js.map +1 -0
  28. package/dist/github-annotations.d.ts +3 -0
  29. package/dist/github-annotations.d.ts.map +1 -0
  30. package/dist/github-annotations.js +36 -0
  31. package/dist/github-annotations.js.map +1 -0
  32. package/dist/report-rules.d.ts +12 -0
  33. package/dist/report-rules.d.ts.map +1 -0
  34. package/dist/report-rules.js +207 -0
  35. package/dist/report-rules.js.map +1 -0
  36. package/dist/report.d.ts +3 -0
  37. package/dist/report.d.ts.map +1 -0
  38. package/dist/report.js +26 -0
  39. package/dist/report.js.map +1 -0
  40. package/dist/sarif.d.ts +3 -0
  41. package/dist/sarif.d.ts.map +1 -0
  42. package/dist/sarif.js +74 -0
  43. package/dist/sarif.js.map +1 -0
  44. package/dist/types.d.ts +52 -0
  45. package/dist/types.d.ts.map +1 -0
  46. package/dist/types.js +11 -0
  47. package/dist/types.js.map +1 -0
  48. package/docs/CLAUDE_FOR_OSS_PLAYBOOK.md +31 -0
  49. package/docs/CONTRIBUTOR_BACKLOG.md +93 -0
  50. package/docs/RELEASE.md +38 -0
  51. package/docs/REPORT_SCHEMA.md +116 -0
  52. package/docs/ROADMAP.md +30 -0
  53. package/docs/examples/README.md +12 -0
  54. package/docs/examples/octocat-hello-world.md +44 -0
  55. package/docs/examples/sindresorhus-is.md +47 -0
  56. package/docs/report.schema.json +136 -0
  57. package/package.json +40 -0
@@ -0,0 +1 @@
1
+ {"version":3,"file":"sarif.d.ts","sourceRoot":"","sources":["../src/sarif.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAyB,WAAW,EAAE,MAAM,YAAY,CAAA;AAuDpE,wBAAgB,WAAW,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,CAsBvD"}
package/dist/sarif.js ADDED
@@ -0,0 +1,74 @@
1
+ import { pathToFileURL } from "node:url";
2
+ import { artifactUriForAction } from "./action-artifacts.js";
3
+ const SOURCE_ROOT_URI_BASE_ID = "%SRCROOT%";
4
+ export function formatSarif(report) {
5
+ const log = {
6
+ $schema: "https://json.schemastore.org/sarif-2.1.0.json",
7
+ runs: [
8
+ {
9
+ originalUriBaseIds: {
10
+ [SOURCE_ROOT_URI_BASE_ID]: { uri: rootUri(report.root) },
11
+ },
12
+ results: report.actions.map(formatResult),
13
+ tool: {
14
+ driver: {
15
+ name: "oss-pulse",
16
+ rules: report.actions.map(formatRule),
17
+ semanticVersion: "0.1.0",
18
+ },
19
+ },
20
+ },
21
+ ],
22
+ version: "2.1.0",
23
+ };
24
+ return `${JSON.stringify(log, null, 2)}\n`;
25
+ }
26
+ function formatRule(action) {
27
+ return {
28
+ fullDescription: { text: action.detail },
29
+ help: { text: action.detail },
30
+ id: action.id,
31
+ name: action.title,
32
+ shortDescription: { text: action.title },
33
+ };
34
+ }
35
+ function formatResult(action) {
36
+ return {
37
+ level: sarifLevel(action.priority),
38
+ locations: [
39
+ {
40
+ physicalLocation: {
41
+ artifactLocation: {
42
+ uri: artifactUriForAction(action.id),
43
+ uriBaseId: SOURCE_ROOT_URI_BASE_ID,
44
+ },
45
+ region: {
46
+ startLine: 1,
47
+ },
48
+ },
49
+ },
50
+ ],
51
+ message: { text: `${action.title}: ${action.detail}` },
52
+ ruleId: action.id,
53
+ };
54
+ }
55
+ function sarifLevel(priority) {
56
+ switch (priority) {
57
+ case "high":
58
+ return "error";
59
+ case "medium":
60
+ return "warning";
61
+ case "low":
62
+ return "note";
63
+ default:
64
+ return assertNever(priority);
65
+ }
66
+ }
67
+ function rootUri(root) {
68
+ const uri = pathToFileURL(root).href;
69
+ return uri.endsWith("/") ? uri : `${uri}/`;
70
+ }
71
+ function assertNever(value) {
72
+ throw new Error(`unexpected SARIF value: ${value}`);
73
+ }
74
+ //# sourceMappingURL=sarif.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"sarif.js","sourceRoot":"","sources":["../src/sarif.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAA;AAsD5D,MAAM,uBAAuB,GAAG,WAAW,CAAA;AAE3C,MAAM,UAAU,WAAW,CAAC,MAAmB;IAC7C,MAAM,GAAG,GAAa;QACpB,OAAO,EAAE,+CAA+C;QACxD,IAAI,EAAE;YACJ;gBACE,kBAAkB,EAAE;oBAClB,CAAC,uBAAuB,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE;iBACzD;gBACD,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;gBACzC,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;wBACrC,eAAe,EAAE,OAAO;qBACzB;iBACF;aACF;SACF;QACD,OAAO,EAAE,OAAO;KACjB,CAAA;IAED,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAA;AAC5C,CAAC;AAED,SAAS,UAAU,CAAC,MAAmB;IACrC,OAAO;QACL,eAAe,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE;QACxC,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE;QAC7B,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,IAAI,EAAE,MAAM,CAAC,KAAK;QAClB,gBAAgB,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,EAAE;KACzC,CAAA;AACH,CAAC;AAED,SAAS,YAAY,CAAC,MAAmB;IACvC,OAAO;QACL,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC;QAClC,SAAS,EAAE;YACT;gBACE,gBAAgB,EAAE;oBAChB,gBAAgB,EAAE;wBAChB,GAAG,EAAE,oBAAoB,CAAC,MAAM,CAAC,EAAE,CAAC;wBACpC,SAAS,EAAE,uBAAuB;qBACnC;oBACD,MAAM,EAAE;wBACN,SAAS,EAAE,CAAC;qBACb;iBACF;aACF;SACF;QACD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,KAAK,KAAK,MAAM,CAAC,MAAM,EAAE,EAAE;QACtD,MAAM,EAAE,MAAM,CAAC,EAAE;KAClB,CAAA;AACH,CAAC;AAED,SAAS,UAAU,CAAC,QAAiC;IACnD,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,MAAM;YACT,OAAO,OAAO,CAAA;QAChB,KAAK,QAAQ;YACX,OAAO,SAAS,CAAA;QAClB,KAAK,KAAK;YACR,OAAO,MAAM,CAAA;QACf;YACE,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAA;IAChC,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,IAAY;IAC3B,MAAM,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,CAAA;IACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAA;AAC5C,CAAC;AAED,SAAS,WAAW,CAAC,KAAY;IAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAA;AACrD,CAAC"}
@@ -0,0 +1,52 @@
1
+ export declare const REPORT_STATUSES: readonly ["ready", "needs-work"];
2
+ export type ReportStatus = (typeof REPORT_STATUSES)[number];
3
+ export declare const OUTPUT_FORMATS: readonly ["json", "markdown", "release-notes", "contributor-onboarding", "triage-suggestions", "sarif", "github-annotations"];
4
+ export type OutputFormat = (typeof OUTPUT_FORMATS)[number];
5
+ export type MaintainerFiles = {
6
+ readonly changelog: boolean;
7
+ readonly codeOfConduct: boolean;
8
+ readonly contributing: boolean;
9
+ readonly funding: boolean;
10
+ readonly goodFirstIssueTemplate: boolean;
11
+ readonly issueTemplate: boolean;
12
+ readonly license: boolean;
13
+ readonly pullRequestTemplate: boolean;
14
+ readonly readme: boolean;
15
+ readonly releaseWorkflow: boolean;
16
+ readonly security: boolean;
17
+ readonly workflowCount: number;
18
+ };
19
+ export type RepositorySignals = {
20
+ readonly branch: string;
21
+ readonly commitsLast30Days: number;
22
+ readonly contributorsLast90Days: number;
23
+ readonly files: MaintainerFiles;
24
+ readonly latestCommitIso: string | null;
25
+ readonly root: string;
26
+ };
27
+ export type CheckId = "readme" | "license" | "contributing" | "issue-template" | "good-first-issue-template" | "pull-request-template" | "security" | "ci-workflow" | "release-workflow" | "changelog" | "funding" | "external-contributors" | "code-of-conduct" | "recent-activity";
28
+ export type ActionId = "add-readme" | "add-license" | "add-contributing-guide" | "add-issue-template" | "add-good-first-issue-template" | "add-pull-request-template" | "add-security-policy" | "add-ci-workflow" | "add-release-workflow" | "add-changelog" | "add-funding" | "invite-contributors" | "add-code-of-conduct" | "resume-maintenance";
29
+ export type PulseCheck = {
30
+ readonly detail: string;
31
+ readonly id: CheckId;
32
+ readonly label: string;
33
+ readonly passed: boolean;
34
+ readonly points: number;
35
+ };
36
+ export type PulseAction = {
37
+ readonly detail: string;
38
+ readonly id: ActionId;
39
+ readonly priority: "high" | "medium" | "low";
40
+ readonly title: string;
41
+ };
42
+ export type PulseReport = {
43
+ readonly actions: readonly PulseAction[];
44
+ readonly branch: string;
45
+ readonly checks: readonly PulseCheck[];
46
+ readonly generatedAtIso: string;
47
+ readonly latestCommitIso: string | null;
48
+ readonly root: string;
49
+ readonly score: number;
50
+ readonly status: ReportStatus;
51
+ };
52
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,eAAe,kCAAmC,CAAA;AAC/D,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,CAAC,CAAA;AAE3D,eAAO,MAAM,cAAc,+HAQjB,CAAA;AACV,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,CAAC,CAAA;AAE1D,MAAM,MAAM,eAAe,GAAG;IAC5B,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAA;IAC3B,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAA;IAC/B,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAA;IAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,sBAAsB,EAAE,OAAO,CAAA;IACxC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAA;IAC/B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAA;IACrC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAA;IACxB,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAA;IACjC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAA;IAC1B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAA;IAClC,QAAQ,CAAC,sBAAsB,EAAE,MAAM,CAAA;IACvC,QAAQ,CAAC,KAAK,EAAE,eAAe,CAAA;IAC/B,QAAQ,CAAC,eAAe,EAAE,MAAM,GAAG,IAAI,CAAA;IACvC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,OAAO,GACf,QAAQ,GACR,SAAS,GACT,cAAc,GACd,gBAAgB,GAChB,2BAA2B,GAC3B,uBAAuB,GACvB,UAAU,GACV,aAAa,GACb,kBAAkB,GAClB,WAAW,GACX,SAAS,GACT,uBAAuB,GACvB,iBAAiB,GACjB,iBAAiB,CAAA;AAErB,MAAM,MAAM,QAAQ,GAChB,YAAY,GACZ,aAAa,GACb,wBAAwB,GACxB,oBAAoB,GACpB,+BAA+B,GAC/B,2BAA2B,GAC3B,qBAAqB,GACrB,iBAAiB,GACjB,sBAAsB,GACtB,eAAe,GACf,aAAa,GACb,qBAAqB,GACrB,qBAAqB,GACrB,oBAAoB,CAAA;AAExB,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAA;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAA;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAA;IACrB,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAA;IAC5C,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,QAAQ,CAAC,OAAO,EAAE,SAAS,WAAW,EAAE,CAAA;IACxC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,MAAM,EAAE,SAAS,UAAU,EAAE,CAAA;IACtC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAA;IAC/B,QAAQ,CAAC,eAAe,EAAE,MAAM,GAAG,IAAI,CAAA;IACvC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAA;CAC9B,CAAA"}
package/dist/types.js ADDED
@@ -0,0 +1,11 @@
1
+ export const REPORT_STATUSES = ["ready", "needs-work"];
2
+ export const OUTPUT_FORMATS = [
3
+ "json",
4
+ "markdown",
5
+ "release-notes",
6
+ "contributor-onboarding",
7
+ "triage-suggestions",
8
+ "sarif",
9
+ "github-annotations",
10
+ ];
11
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,OAAO,EAAE,YAAY,CAAU,CAAA;AAG/D,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,MAAM;IACN,UAAU;IACV,eAAe;IACf,wBAAwB;IACxB,oBAAoB;IACpB,OAAO;IACP,oBAAoB;CACZ,CAAA"}
@@ -0,0 +1,31 @@
1
+ # Claude for Open Source Playbook
2
+
3
+ The goal is to become eligible through visible open source maintenance work, not a one-off application.
4
+
5
+ ## Positioning
6
+
7
+ `oss-pulse` helps maintainers make contribution paths visible and measurable. That directly supports the open source ecosystem and gives the project a clear story when applying for Claude for Open Source.
8
+
9
+ ## 90-Day Targets
10
+
11
+ - ship a usable CLI and GitHub Action
12
+ - publish to npm
13
+ - merge at least 20 external contributor pull requests
14
+ - land useful pull requests in external open source repositories
15
+ - document real repository scans and before-after fixes
16
+
17
+ ## Weekly Operating Rhythm
18
+
19
+ - Monday: choose 3 small external OSS contributions
20
+ - Tuesday: ship one `oss-pulse` improvement
21
+ - Wednesday: write or refine good first issues
22
+ - Thursday: review contributor pull requests
23
+ - Friday: publish a short changelog and usage note
24
+
25
+ ## Application Evidence
26
+
27
+ - merged external pull requests authored by us
28
+ - external contributors merged into this project
29
+ - npm downloads and GitHub stars
30
+ - public examples where `oss-pulse` improved a repo
31
+ - consistent release history
@@ -0,0 +1,93 @@
1
+ # Contributor Backlog
2
+
3
+ This backlog is designed to help outside contributors land small pull requests quickly.
4
+
5
+ ## Good First Issues
6
+
7
+ Starter issues are clear for the current release. Add the next batch from the roadmap.
8
+
9
+ ## Shipped
10
+
11
+ 1. Add `--fail-under <score>` for CI.
12
+ - Shipped in `0.1.0`.
13
+ - The CLI exits `1` when score is below the threshold and `0` otherwise.
14
+
15
+ 2. Add `--summary-only` Markdown output.
16
+ - Shipped in `0.1.0`.
17
+ - The output includes score and next actions without the full checks table.
18
+
19
+ 3. Add `CHANGELOG.md` detection to the maintainer file checks.
20
+ - Shipped in `0.1.0`.
21
+ - A repository with `CHANGELOG.md` gets a passing changelog check.
22
+
23
+ 4. Add `FUNDING.yml` detection.
24
+ - Shipped in `0.1.0`.
25
+ - `.github/FUNDING.yml` appears in the JSON checks.
26
+
27
+ 5. Add release workflow detection.
28
+ - Shipped in `0.1.0`.
29
+ - Acceptance: repositories with `.github/workflows/release.yml` receive a release-readiness check.
30
+
31
+ 6. Improve unsupported format errors.
32
+ - Shipped in `0.1.0`.
33
+ - `--format xml` suggests the accepted output formats.
34
+
35
+ 7. Add feature request examples to the README.
36
+ - Shipped in `0.1.0`.
37
+ - README shows one CLI use case and one GitHub Action use case.
38
+
39
+ 8. Add JSON schema documentation.
40
+ - Shipped in `0.1.0`.
41
+ - `docs/REPORT_SCHEMA.md` describes every report field and example values.
42
+
43
+ 9. Add fixture-based integration tests.
44
+ - Shipped in `0.1.0`.
45
+ - Test fixtures cover a complete repo, a sparse repo, and a nested package path.
46
+
47
+ 10. Add real repository case studies.
48
+ - Shipped in `0.1.0`.
49
+ - `docs/examples/` contains before-after reports for two public repos.
50
+
51
+ 11. Add good first issue template detection.
52
+ - Shipped in `0.1.0`.
53
+ - Repositories with `.github/ISSUE_TEMPLATE/good_first_issue.md` receive starter contribution readiness points.
54
+
55
+ 12. Add release notes draft output.
56
+ - Shipped in `0.1.0`.
57
+ - `--format release-notes` emits a paste-ready Markdown draft with score, verified surfaces, and follow-up actions.
58
+
59
+ 13. Add contributor onboarding report.
60
+ - Shipped in `0.1.0`.
61
+ - `--format contributor-onboarding` emits available surfaces, maintainer follow-up actions, and a first PR checklist.
62
+
63
+ 14. Add issue and pull request triage suggestions.
64
+ - Shipped in `0.1.0`.
65
+ - `--format triage-suggestions` emits issue triage and pull request review guidance.
66
+
67
+ 15. Harden GitHub Action metadata and README usage.
68
+ - Shipped in `0.1.0`.
69
+ - `action.yml` documents every supported output format and README lists Action inputs.
70
+
71
+ 16. Add SARIF output.
72
+ - Shipped in `0.1.0`.
73
+ - `--format sarif` emits SARIF 2.1.0 results for missing maintainer surfaces.
74
+
75
+ 17. Add GitHub workflow annotations.
76
+ - Shipped in `0.1.0`.
77
+ - `--format github-annotations` emits `::error`, `::warning`, and `::notice` commands for GitHub Actions.
78
+
79
+ 18. Add machine-readable JSON Schema documentation.
80
+ - Shipped in `0.1.0`.
81
+ - `docs/report.schema.json` describes `--format json` output and is tested against runtime ids.
82
+
83
+ ## Help Wanted
84
+
85
+ Help wanted issues are clear for the current release. Add the next batch from the roadmap.
86
+
87
+ ## Maintainer Routine
88
+
89
+ - Keep issues under one focused behavior.
90
+ - Label starter issues with `good first issue`.
91
+ - Ask contributors to include the command they ran.
92
+ - Prefer small pull requests over broad refactors.
93
+ - Close stale ideas gently and point to the roadmap.
@@ -0,0 +1,38 @@
1
+ # Release
2
+
3
+ This project publishes two surfaces:
4
+
5
+ - npm package: `oss-pulse`
6
+ - GitHub composite Action: pinned repository tags such as `v0.1.0`
7
+
8
+ ## Prerequisites
9
+
10
+ - npm package name is available or owned by the maintainer.
11
+ - GitHub repository has `NPM_TOKEN` configured as an Actions secret.
12
+ - The release branch passes `npm run check`.
13
+
14
+ ## Local Preflight
15
+
16
+ ```bash
17
+ npm ci
18
+ npm run check
19
+ npm run build
20
+ npm pack --dry-run
21
+ ```
22
+
23
+ Confirm the dry-run includes `dist`, `README.md`, `CHANGELOG.md`, `LICENSE`, `action.yml`, and `package.json`.
24
+
25
+ ## Publish
26
+
27
+ 1. Update `CHANGELOG.md`.
28
+ 2. Update `package.json` version.
29
+ 3. Run the local preflight.
30
+ 4. Create and push a tag named `vX.Y.Z`.
31
+ 5. Create a GitHub Release from that tag.
32
+ 6. The `Release` workflow publishes to npm with provenance.
33
+
34
+ ## After Publish
35
+
36
+ - Run `npx --yes oss-pulse@X.Y.Z scan . --format markdown`.
37
+ - Open a pull request that uses the pinned Action tag.
38
+ - Add one real scan example to the README or `docs/examples/`.
@@ -0,0 +1,116 @@
1
+ # Report Schema
2
+
3
+ `oss-pulse scan --format json` emits one JSON object followed by a newline.
4
+
5
+ The schema is intended for CI jobs, dashboards, and repository automation that need a stable maintainer-readiness signal.
6
+
7
+ The machine-readable JSON Schema lives at [`docs/report.schema.json`](./report.schema.json). It is tested against the runtime check and action identifiers so automation consumers do not drift from CLI output.
8
+
9
+ For code scanning consumers, `oss-pulse scan --format sarif` emits a SARIF 2.1.0 log where each remediation action is represented as a SARIF result.
10
+
11
+ For GitHub Actions consumers, `oss-pulse scan --format github-annotations` emits workflow commands where high-priority actions become errors, medium-priority actions become warnings, and low-priority actions become notices.
12
+
13
+ ## Top-Level Object
14
+
15
+ | Field | Type | Description |
16
+ | --- | --- | --- |
17
+ | `actions` | `PulseAction[]` | Ranked remediation actions for failed checks. Empty when `status` is `ready`. |
18
+ | `branch` | `string` | Current git branch, or `detached` when no branch name is available. |
19
+ | `checks` | `PulseCheck[]` | Every scored maintainer-readiness check in display order. |
20
+ | `generatedAtIso` | `string` | ISO timestamp for when the report was generated. |
21
+ | `latestCommitIso` | `string \| null` | ISO timestamp for the latest commit, or `null` when unavailable. |
22
+ | `root` | `string` | Absolute path to the scanned git repository root. |
23
+ | `score` | `number` | Integer score from `0` to `100`. |
24
+ | `status` | `"ready" \| "needs-work"` | `ready` only when `score` is `100`. |
25
+
26
+ ## PulseCheck
27
+
28
+ | Field | Type | Description |
29
+ | --- | --- | --- |
30
+ | `detail` | `string` | Human-readable check detail. |
31
+ | `id` | `CheckId` | Stable machine-readable check id. |
32
+ | `label` | `string` | Short display label. |
33
+ | `passed` | `boolean` | Whether the check passed. |
34
+ | `points` | `number` | Awarded points. Failed checks always emit `0`. |
35
+
36
+ ## CheckId Values
37
+
38
+ | ID | Max Points |
39
+ | --- | ---: |
40
+ | `readme` | 10 |
41
+ | `license` | 15 |
42
+ | `contributing` | 10 |
43
+ | `issue-template` | 5 |
44
+ | `good-first-issue-template` | 5 |
45
+ | `pull-request-template` | 10 |
46
+ | `security` | 10 |
47
+ | `ci-workflow` | 5 |
48
+ | `release-workflow` | 5 |
49
+ | `changelog` | 5 |
50
+ | `funding` | 5 |
51
+ | `external-contributors` | 5 |
52
+ | `code-of-conduct` | 5 |
53
+ | `recent-activity` | 5 |
54
+
55
+ ## PulseAction
56
+
57
+ | Field | Type | Description |
58
+ | --- | --- | --- |
59
+ | `detail` | `string` | Human-readable remediation detail. |
60
+ | `id` | `ActionId` | Stable machine-readable action id. |
61
+ | `priority` | `"high" \| "medium" \| "low"` | Suggested action priority. |
62
+ | `title` | `string` | Short display title. |
63
+
64
+ ## ActionId Values
65
+
66
+ - `add-readme`
67
+ - `add-license`
68
+ - `add-contributing-guide`
69
+ - `add-issue-template`
70
+ - `add-good-first-issue-template`
71
+ - `add-pull-request-template`
72
+ - `add-security-policy`
73
+ - `add-ci-workflow`
74
+ - `add-release-workflow`
75
+ - `add-changelog`
76
+ - `add-funding`
77
+ - `invite-contributors`
78
+ - `add-code-of-conduct`
79
+ - `resume-maintenance`
80
+
81
+ ## Example
82
+
83
+ ```json
84
+ {
85
+ "actions": [
86
+ {
87
+ "detail": "Add .github/FUNDING.yml so sponsor paths are discoverable from GitHub.",
88
+ "id": "add-funding",
89
+ "priority": "low",
90
+ "title": "Add funding metadata"
91
+ }
92
+ ],
93
+ "branch": "main",
94
+ "checks": [
95
+ {
96
+ "detail": "README found",
97
+ "id": "readme",
98
+ "label": "README",
99
+ "passed": true,
100
+ "points": 10
101
+ },
102
+ {
103
+ "detail": "No funding metadata",
104
+ "id": "funding",
105
+ "label": "Funding metadata",
106
+ "passed": false,
107
+ "points": 0
108
+ }
109
+ ],
110
+ "generatedAtIso": "2026-07-08T06:30:37.183Z",
111
+ "latestCommitIso": null,
112
+ "root": "/path/to/repository",
113
+ "score": 85,
114
+ "status": "needs-work"
115
+ }
116
+ ```
@@ -0,0 +1,30 @@
1
+ # Roadmap
2
+
3
+ `oss-pulse` should stay small enough for maintainers to trust, but useful enough that real projects run it in CI.
4
+
5
+ ## 0.1.x
6
+
7
+ - keep the repository health report stable
8
+ - ship and harden `--fail-under <score>` for CI gates
9
+ - ship and harden `--summary-only` for compact GitHub summaries
10
+ - ship and harden detector coverage for funding, changelog, and release workflow files
11
+ - ship and harden good-first-issue template detection
12
+ - ship and harden release notes draft output
13
+ - ship and harden contributor onboarding output
14
+ - ship and harden issue and pull request triage suggestions
15
+ - ship and harden SARIF output for code scanning integrations
16
+ - ship and harden GitHub workflow annotations for CI surfaces
17
+ - ship and harden error messages and GitHub Action documentation
18
+ - ship and harden JSON Schema documentation for report consumers
19
+ - add examples from real open source repositories
20
+ - keep contributor-facing issues small and reviewable
21
+
22
+ ## 0.2.0
23
+
24
+ - publish a repository Action tag after npm publication
25
+
26
+ ## Later
27
+
28
+ - support hosted GitHub repository scans
29
+ - provide a web report renderer
30
+ - collect anonymized benchmark examples only with explicit opt-in
@@ -0,0 +1,12 @@
1
+ # Example Reports
2
+
3
+ These examples show `oss-pulse` against public repositories, then a local what-if scan after adding the recommended maintainer surfaces in a temporary clone.
4
+
5
+ The after reports are not claims about upstream repository state. They show what the score would look like if the listed maintenance files and recent contributor activity were added.
6
+
7
+ Generated on 2026-07-08.
8
+
9
+ ## Examples
10
+
11
+ - [octocat/Hello-World](octocat-hello-world.md)
12
+ - [sindresorhus/is](sindresorhus-is.md)
@@ -0,0 +1,44 @@
1
+ # octocat/Hello-World Case Study
2
+
3
+ Repository: https://github.com/octocat/Hello-World
4
+
5
+ Generated on 2026-07-08 from a shallow local clone.
6
+
7
+ ## Before
8
+
9
+ ```text
10
+ Score: 10/100
11
+ Status: needs-work
12
+ Branch: master
13
+ Latest commit: 2012-03-06T15:06:50-08:00
14
+ ```
15
+
16
+ Passing checks:
17
+
18
+ - README
19
+
20
+ First recommended actions:
21
+
22
+ 1. Add LICENSE
23
+ 2. Add CONTRIBUTING guide
24
+ 3. Add issue template
25
+ 4. Add good first issue template
26
+ 5. Add pull request template
27
+
28
+ ## Local What-If After
29
+
30
+ The temporary clone received:
31
+
32
+ - LICENSE, CONTRIBUTING, SECURITY, CODE_OF_CONDUCT, CHANGELOG
33
+ - issue, good first issue, and pull request templates
34
+ - CI and release workflows
35
+ - funding metadata
36
+ - two recent commits from two authors
37
+
38
+ ```text
39
+ Score: 100/100
40
+ Status: ready
41
+ Next actions: none
42
+ ```
43
+
44
+ This demonstrates the smallest maintenance-surface path from a demonstration repository to a fully passing `oss-pulse` report.
@@ -0,0 +1,47 @@
1
+ # sindresorhus/is Case Study
2
+
3
+ Repository: https://github.com/sindresorhus/is
4
+
5
+ Generated on 2026-07-08 from a shallow local clone.
6
+
7
+ ## Before
8
+
9
+ ```text
10
+ Score: 40/100
11
+ Status: needs-work
12
+ Branch: main
13
+ Latest commit: 2026-05-11T22:57:22+09:00
14
+ ```
15
+
16
+ Passing checks:
17
+
18
+ - README
19
+ - License
20
+ - Security policy
21
+ - CI workflow
22
+
23
+ First recommended actions:
24
+
25
+ 1. Add CONTRIBUTING guide
26
+ 2. Add issue template
27
+ 3. Add good first issue template
28
+ 4. Add pull request template
29
+ 5. Add release workflow
30
+
31
+ ## Local What-If After
32
+
33
+ The temporary clone received:
34
+
35
+ - CONTRIBUTING, CODE_OF_CONDUCT, CHANGELOG
36
+ - issue, good first issue, and pull request templates
37
+ - release workflow
38
+ - funding metadata
39
+ - two recent commits from two authors
40
+
41
+ ```text
42
+ Score: 100/100
43
+ Status: ready
44
+ Next actions: none
45
+ ```
46
+
47
+ This demonstrates how an already mature package can use `oss-pulse` to find smaller contributor-onboarding gaps.