🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@backstage/plugin-todo-backend

Package Overview
Dependencies
Maintainers
3
Versions
902
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@backstage/plugin-todo-backend

A Backstage backend plugin that lets you browse TODO comments in your source code

Source
npmnpm
Version
0.0.0-nightly-20240403021132
Version published
Maintainers
3
Created
Source

@backstage/plugin-todo-backend

Backend for the @backstage/plugin-todo plugin. Assists in scanning for and listing // TODO comments in source code repositories.

Installation

Install the @backstage/plugin-todo-backend package in your backend packages, and then integrate the plugin using the following default setup for src/plugins/todo.ts:

import { Router } from 'express';
import { CatalogClient } from '@backstage/catalog-client';
import {
  createRouter,
  TodoReaderService,
  TodoScmReader,
} from '@backstage/plugin-todo-backend';
import { PluginEnvironment } from '../types';

export default async function createPlugin(
  env: PluginEnvironment,
): Promise<Router> {
  const todoReader = TodoScmReader.fromConfig(env.config, {
    logger: env.logger,
    reader: env.reader,
  });

  const catalogClient = new CatalogClient({
    discoveryApi: env.discovery,
  });

  const todoService = new TodoReaderService({
    todoReader,
    catalogClient,
  });

  return await createRouter({ todoService });
}

And then add to packages/backend/src/index.ts:

// In packages/backend/src/index.ts
import todo from './plugins/todo';
// ...
async function main() {
  // ...
  const todoEnv = useHotMemoize(module, () => createEnv('todo'));
  // ...
  apiRouter.use('/todo', await todo(todoEnv));

Scanned Files

The included TodoReaderService and TodoScmReader works by getting the entity source location from the catalog.

The location source code is determined automatically. In case of the source code of the component is not in the same place of the entity YAML file, you can explicitly set the value of the backstage.io/source-location annotation of the entity, and if that is missing it falls back to the backstage.io/managed-by-location annotation. Only url locations are currently supported, meaning locally configured file locations won't work. Also note that dot-files and folders are ignored.

Parser Configuration

The TodoScmReader accepts a TodoParser option, which can be used to configure your own parser. The default one is based on Leasot and supports a wide range of languages. You can add to the list of supported tags by configuring your own version of the built-in parser, for example:

import {
  TodoScmReader,
  createTodoParser,
} from '@backstage/plugin-todo-backend';

// ...

const todoReader = TodoScmReader.fromConfig(env.config, {
  logger: env.logger,
  reader: env.reader,
  parser: createTodoParser({
    additionalTags: ['NOTE', 'XXX'],
  }),
});

FAQs

Package last updated on 03 Apr 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Product

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Socket Firewall Enterprise is now available with flexible deployment, configurable policies, and expanded language support.

By Bradley Meck Farias, Dale Bustad  -  Oct 24, 2025
Introducing GitHub Actions Scanning Support

Product

Introducing GitHub Actions Scanning Support

Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.

By Rakesh Chatrath, Greg Tystahl  -  Oct 23, 2025