npm - prodlint - Versions diffs - 0.6.0 → 0.7.1 - Mend

prodlint 0.6.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/action.yml CHANGED Viewed

@@ -1,152 +1,152 @@
-name: 'Prodlint'
-description: 'The linter for vibe-coded apps — catch what AI coding tools miss'
-branding:
-  icon: 'shield'
-  color: 'green'
-inputs:
-  path:
-    description: 'Path to scan (default: current directory)'
-    required: false
-    default: '.'
-  threshold:
-    description: 'Minimum score to pass (0-100). Fails the check if score is below this.'
-    required: false
-    default: '0'
-  ignore:
-    description: 'Glob patterns to ignore (comma-separated)'
-    required: false
-    default: ''
-  comment:
-    description: 'Post a PR comment with results (true/false)'
-    required: false
-    default: 'true'
-outputs:
-  score:
-    description: 'Overall prodlint score (0-100)'
-    value: ${{ steps.scan.outputs.score }}
-  critical:
-    description: 'Number of critical findings'
-    value: ${{ steps.scan.outputs.critical }}
-runs:
-  using: 'composite'
-  steps:
-    - name: Setup Node.js
-      uses: actions/setup-node@v4
-      with:
-        node-version: '20'
-    - name: Run prodlint
-      id: scan
-      shell: bash
-      env:
-        INPUT_PATH: ${{ inputs.path }}
-        INPUT_IGNORE: ${{ inputs.ignore }}
-      run: |
-        CMD_ARGS=("$INPUT_PATH" "--json")
-        if [ -n "$INPUT_IGNORE" ]; then
-          IFS=',' read -ra PATTERNS <<< "$INPUT_IGNORE"
-          for p in "${PATTERNS[@]}"; do
-            trimmed=$(echo "$p" | xargs)
-            CMD_ARGS+=("--ignore" "$trimmed")
-          done
-        fi
-        OUTPUT=$(npx -y prodlint@latest "${CMD_ARGS[@]}" 2>&1) || true
-        SCORE=$(echo "$OUTPUT" | node -e "
-          const d = JSON.parse(require('fs').readFileSync(0, 'utf8'));
-          console.log(Number(d.overallScore) || 0);
-        " 2>/dev/null || echo "0")
-        SCORE=$(echo "$SCORE" | tr -cd '0-9')
-        CRITICAL=$(echo "$OUTPUT" | node -e "
-          const d = JSON.parse(require('fs').readFileSync(0, 'utf8'));
-          console.log(Number(d.summary.critical) || 0);
-        " 2>/dev/null || echo "0")
-        CRITICAL=$(echo "$CRITICAL" | tr -cd '0-9')
-        echo "score=${SCORE:-0}" >> "$GITHUB_OUTPUT"
-        echo "critical=${CRITICAL:-0}" >> "$GITHUB_OUTPUT"
-        echo "$OUTPUT" > /tmp/prodlint-result.json
-    - name: Generate comment body
-      if: inputs.comment == 'true' && github.event_name == 'pull_request'
-      id: comment
-      shell: bash
-      env:
-        SCAN_SCORE: ${{ steps.scan.outputs.score }}
-        INPUT_THRESHOLD: ${{ inputs.threshold }}
-      run: |
-        SCORE="$SCAN_SCORE"
-        THRESHOLD="$INPUT_THRESHOLD"
-        if [ "$SCORE" -ge 80 ]; then
-          EMOJI="✅"
-          COLOR="brightgreen"
-        elif [ "$SCORE" -ge 60 ]; then
-          EMOJI="⚠️"
-          COLOR="yellow"
-        else
-          EMOJI="🚨"
-          COLOR="red"
-        fi
-        # Build comment from JSON with markdown sanitization
-        TMPFILE=$(mktemp "${RUNNER_TEMP:-/tmp}/prodlint-comment-XXXXXX.md")
-        node -e "
-          const fs = require('fs');
-          const d = JSON.parse(fs.readFileSync('/tmp/prodlint-result.json', 'utf8'));
-          const esc = s => String(s).replace(/[[\]()\\*_\`<>]/g, c => '\\\\' + c);
-          const lines = [];
-          lines.push('## ' + '$EMOJI' + ' Prodlint Score: **' + d.overallScore + '/100**');
-          lines.push('');
-          lines.push('| Category | Score | Issues |');
-          lines.push('|----------|-------|--------|');
-          for (const c of d.categoryScores) {
-            const icon = c.score >= 80 ? '🟢' : c.score >= 60 ? '🟡' : '🔴';
-            lines.push('| ' + icon + ' ' + esc(c.category) + ' | ' + c.score + '/100 | ' + c.findingCount + ' |');
-          }
-          if (d.summary.critical > 0) {
-            lines.push('');
-            lines.push('### Critical Issues');
-            lines.push('');
-            const crits = d.findings.filter(f => f.severity === 'critical');
-            for (const f of crits.slice(0, 10)) {
-              lines.push('- \`' + esc(f.ruleId) + '\` \`' + esc(f.file) + ':' + f.line + '\` — ' + esc(f.message));
-            }
-            if (crits.length > 10) {
-              lines.push('- ...and ' + (crits.length - 10) + ' more');
-            }
-          }
-          lines.push('');
-          lines.push('---');
-          lines.push('*Scanned ' + d.filesScanned + ' files in ' + d.scanDurationMs + 'ms · [prodlint](https://prodlint.com)*');
-          fs.writeFileSync('$TMPFILE', lines.join('\n'));
-        "
-        # Use the generated file for the comment step
-        cp "$TMPFILE" /tmp/prodlint-comment.md
-    - name: Post PR comment
-      if: inputs.comment == 'true' && github.event_name == 'pull_request'
-      uses: marocchino/sticky-pull-request-comment@v2
-      with:
-        header: prodlint
-        path: /tmp/prodlint-comment.md
-    - name: Check threshold
-      if: inputs.threshold != '0'
-      shell: bash
-      env:
-        SCAN_SCORE: ${{ steps.scan.outputs.score }}
-        INPUT_THRESHOLD: ${{ inputs.threshold }}
-      run: |
-        SCORE="$SCAN_SCORE"
-        THRESHOLD="$INPUT_THRESHOLD"
-        if [ "$SCORE" -lt "$THRESHOLD" ]; then
-          echo "::error::Prodlint score ($SCORE) is below threshold ($THRESHOLD)"
-          exit 1
-        fi
+name: 'Prodlint'
+description: 'The linter for vibe-coded apps — catch what AI coding tools miss'
+branding:
+  icon: 'shield'
+  color: 'green'
+inputs:
+  path:
+    description: 'Path to scan (default: current directory)'
+    required: false
+    default: '.'
+  threshold:
+    description: 'Minimum score to pass (0-100). Fails the check if score is below this.'
+    required: false
+    default: '0'
+  ignore:
+    description: 'Glob patterns to ignore (comma-separated)'
+    required: false
+    default: ''
+  comment:
+    description: 'Post a PR comment with results (true/false)'
+    required: false
+    default: 'true'
+outputs:
+  score:
+    description: 'Overall prodlint score (0-100)'
+    value: ${{ steps.scan.outputs.score }}
+  critical:
+    description: 'Number of critical findings'
+    value: ${{ steps.scan.outputs.critical }}
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '20'
+    - name: Run prodlint
+      id: scan
+      shell: bash
+      env:
+        INPUT_PATH: ${{ inputs.path }}
+        INPUT_IGNORE: ${{ inputs.ignore }}
+      run: |
+        CMD_ARGS=("$INPUT_PATH" "--json")
+        if [ -n "$INPUT_IGNORE" ]; then
+          IFS=',' read -ra PATTERNS <<< "$INPUT_IGNORE"
+          for p in "${PATTERNS[@]}"; do
+            trimmed=$(echo "$p" | xargs)
+            CMD_ARGS+=("--ignore" "$trimmed")
+          done
+        fi
+        OUTPUT=$(npx -y prodlint@latest "${CMD_ARGS[@]}" 2>&1) || true
+        SCORE=$(echo "$OUTPUT" | node -e "
+          const d = JSON.parse(require('fs').readFileSync(0, 'utf8'));
+          console.log(Number(d.overallScore) || 0);
+        " 2>/dev/null || echo "0")
+        SCORE=$(echo "$SCORE" | tr -cd '0-9')
+        CRITICAL=$(echo "$OUTPUT" | node -e "
+          const d = JSON.parse(require('fs').readFileSync(0, 'utf8'));
+          console.log(Number(d.summary.critical) || 0);
+        " 2>/dev/null || echo "0")
+        CRITICAL=$(echo "$CRITICAL" | tr -cd '0-9')
+        echo "score=${SCORE:-0}" >> "$GITHUB_OUTPUT"
+        echo "critical=${CRITICAL:-0}" >> "$GITHUB_OUTPUT"
+        echo "$OUTPUT" > /tmp/prodlint-result.json
+    - name: Generate comment body
+      if: inputs.comment == 'true' && github.event_name == 'pull_request'
+      id: comment
+      shell: bash
+      env:
+        SCAN_SCORE: ${{ steps.scan.outputs.score }}
+        INPUT_THRESHOLD: ${{ inputs.threshold }}
+      run: |
+        SCORE="$SCAN_SCORE"
+        THRESHOLD="$INPUT_THRESHOLD"
+        if [ "$SCORE" -ge 80 ]; then
+          EMOJI="✅"
+          COLOR="brightgreen"
+        elif [ "$SCORE" -ge 60 ]; then
+          EMOJI="⚠️"
+          COLOR="yellow"
+        else
+          EMOJI="🚨"
+          COLOR="red"
+        fi
+        # Build comment from JSON with markdown sanitization
+        TMPFILE=$(mktemp "${RUNNER_TEMP:-/tmp}/prodlint-comment-XXXXXX.md")
+        node -e "
+          const fs = require('fs');
+          const d = JSON.parse(fs.readFileSync('/tmp/prodlint-result.json', 'utf8'));
+          const esc = s => String(s).replace(/[[\]()\\*_\`<>]/g, c => '\\\\' + c);
+          const lines = [];
+          lines.push('## ' + '$EMOJI' + ' Prodlint Score: **' + d.overallScore + '/100**');
+          lines.push('');
+          lines.push('| Category | Score | Issues |');
+          lines.push('|----------|-------|--------|');
+          for (const c of d.categoryScores) {
+            const icon = c.score >= 80 ? '🟢' : c.score >= 60 ? '🟡' : '🔴';
+            lines.push('| ' + icon + ' ' + esc(c.category) + ' | ' + c.score + '/100 | ' + c.findingCount + ' |');
+          }
+          if (d.summary.critical > 0) {
+            lines.push('');
+            lines.push('### Critical Issues');
+            lines.push('');
+            const crits = d.findings.filter(f => f.severity === 'critical');
+            for (const f of crits.slice(0, 10)) {
+              lines.push('- \`' + esc(f.ruleId) + '\` \`' + esc(f.file) + ':' + f.line + '\` — ' + esc(f.message));
+            }
+            if (crits.length > 10) {
+              lines.push('- ...and ' + (crits.length - 10) + ' more');
+            }
+          }
+          lines.push('');
+          lines.push('---');
+          lines.push('*Scanned ' + d.filesScanned + ' files in ' + d.scanDurationMs + 'ms · [prodlint](https://prodlint.com)*');
+          fs.writeFileSync('$TMPFILE', lines.join('\n'));
+        "
+        # Use the generated file for the comment step
+        cp "$TMPFILE" /tmp/prodlint-comment.md
+    - name: Post PR comment
+      if: inputs.comment == 'true' && github.event_name == 'pull_request'
+      uses: marocchino/sticky-pull-request-comment@v2
+      with:
+        header: prodlint
+        path: /tmp/prodlint-comment.md
+    - name: Check threshold
+      if: inputs.threshold != '0'
+      shell: bash
+      env:
+        SCAN_SCORE: ${{ steps.scan.outputs.score }}
+        INPUT_THRESHOLD: ${{ inputs.threshold }}
+      run: |
+        SCORE="$SCAN_SCORE"
+        THRESHOLD="$INPUT_THRESHOLD"
+        if [ "$SCORE" -lt "$THRESHOLD" ]; then
+          echo "::error::Prodlint score ($SCORE) is below threshold ($THRESHOLD)"
+          exit 1
+        fi