@atomist/sdm-pack-fingerprints

Dependencies

Maintainers

Versions

469

Alerts

File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

@atomist/sdm-pack-fingerprints

an Atomist SDM Extension Pack for fingerprinting code

4.0.4

latest

source

npm

Version published: 5 years ago

Weekly downloads: 92; increased by91.67%

Maintainers: 1

Install size: 15.3 MB

Created: 6 years ago

Weekly downloads

Readme

Source

@atomist/sdm-pack-fingerprints

Atomist software delivery machine (SDM) extension pack providing fingerprinting support.

See the Atomist documentation for more information on what SDMs are and what they can do for you using the Atomist API for software.

Features

This pack sets a goal to monitor all git pushes and trackes the following aspects:

leiningen project.clj files are monitored for updates to library dependencies and project version.
maven pom.xml files are monitored for updates to maven library dependencies and version coordinates.
npm package.json files are monitored for updates to module dependencies and package version changes.

This monitoring happens computing a set of fingerprints on every commit. The fingerprints that are computed depend on the type of project. We currently compute fingerprints for maven, clojure, and npm projects.

npm-project-deps, clojure-project-deps, and maven-project-deps
npm-project-coordinates, clojure-project-coordinates, maven-project-coordinates

When a new fingerprint is computed, we can drive interesting behaviors such as:

check whether a library is up to date with a set of team-wide goals and offer to push a PR if not
check whether a new version of a library is available and check whether consumers need to update to this new version

Usage

Make the following updates to your machine:

Add the imports and create a Goal to represent dependency fingerprinting

import { fingerprintSupport } from "@atomist/sdm-pack-fingerprints";
import { Fingerprint } from "@atomist/sdm";

// create a goal to fingerprint all new Pushes
export FingerprintGoal = new Fingerprint();

Enable the FingerprintGoal for some push rules. Normally, this is done as part of creating your machine:

    // there will usually be more than one Push rule here
    const sdm = createSoftwareDeliveryMachine({
            ...config
        },
        whenPushSatisfies(IsLein)
            .itMeans("fingerprint a clojure project")
            .setGoals(FingerprintGoal));

Add the pack to your new sdm definition:

There'll be some new imports:

import {
    fingerprintSupport,
    forFingerprints,
    renderDiffSnippet,
    depsFingerprints,
    logbackFingerprints,
    renderData,
    applyFingerprint,
    FP,
} from "@atomist/sdm-pack-fingerprints";

and then you'll have to add the extension pack to your machine definition:

    // add this pack to your SDM
    sdm.addExtensionPacks(
        fingerprintSupport(
            FingerprintGoal,
            async (p: GitProject) => {
                // COMPUTE fingerprints: called on every Push
                return depsFingerprints(p.baseDir);
            },
            async (p: GitProject, fp: FP) => {
                // APPLY fingerprint to Project (currently only through user actions in chat)
                return applyFingerprint(p.baseDir, fp);
            },
            {
                selector: forFingerprints("backpack-react-scripts"),
                handler: async (ctx, diff) => {
                    // HANDLE new fingerprint (even if it hasn't changed in this push)
                    return checkFingerprintTargets(ctx, diff);
                },
                diffHandler: async (ctx, diff) => {
                    // HANDLE new fingerprint (only when the fingerprint sha is updated)
                    return renderDiffSnippet(ctx, diff);
                },
            },
        ),
    )

In the example above, we have a module which computes a set of fingerprints on every Push (one of them is named backpack-react-scripts). The pack also notices if a newly computed fingerprint has either changed, or is different from a goal state. It will then present the user with options to do things like:

set new targets
update a project to be in sync with a target fingerprint
apply a fingerprint to a project for the first time
broadcast a message to all projects out of sync with the fingerprint

Support

General support questions should be discussed in the #support channel in the Atomist community Slack workspace.

If you find a problem, please create an issue.

Development

You will need to install node to build and test this project.

Build and test

Use the following package scripts to build, test, and perform other development tasks.

Command	Reason
`npm install`	install project dependencies
`npm run build`	compile, test, lint, and generate docs
`npm run lint`	run TSLint against the TypeScript
`npm run compile`	generate types from GraphQL and compile TypeScript
`npm test`	run tests
`npm run autotest`	run tests every time a file changes
`npm run clean`	remove files generated during build

Release

Releases are handled via the Atomist SDM. Just press the 'Approve' button in the Atomist dashboard or Slack.

Created by Atomist. Need Help? Join our Slack workspace.

Keywords

FAQs

What is @atomist/sdm-pack-fingerprints?

Is @atomist/sdm-pack-fingerprints popular?

Is @atomist/sdm-pack-fingerprints well maintained?

Last updated on 09 Aug 2019

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install