Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@backstage/plugin-todo-backend

Package Overview
Dependencies
Maintainers
3
Versions
902
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@backstage/plugin-todo-backend

A Backstage backend plugin that lets you browse TODO comments in your source code

Source
npmnpm
Version
0.0.0-nightly-20240406021000
Version published
Weekly downloads
285
106.52%
Maintainers
3
Weekly downloads
 
Created
Source

@backstage/plugin-todo-backend

Backend for the @backstage/plugin-todo plugin. Assists in scanning for and listing // TODO comments in source code repositories.

Installation

Install the @backstage/plugin-todo-backend package in your backend packages, and then integrate the plugin using the following default setup for src/plugins/todo.ts:

import { Router } from 'express';
import { CatalogClient } from '@backstage/catalog-client';
import {
  createRouter,
  TodoReaderService,
  TodoScmReader,
} from '@backstage/plugin-todo-backend';
import { PluginEnvironment } from '../types';

export default async function createPlugin(
  env: PluginEnvironment,
): Promise<Router> {
  const todoReader = TodoScmReader.fromConfig(env.config, {
    logger: env.logger,
    reader: env.reader,
  });

  const catalogClient = new CatalogClient({
    discoveryApi: env.discovery,
  });

  const todoService = new TodoReaderService({
    todoReader,
    catalogClient,
  });

  return await createRouter({ todoService });
}

And then add to packages/backend/src/index.ts:

// In packages/backend/src/index.ts
import todo from './plugins/todo';
// ...
async function main() {
  // ...
  const todoEnv = useHotMemoize(module, () => createEnv('todo'));
  // ...
  apiRouter.use('/todo', await todo(todoEnv));

Scanned Files

The included TodoReaderService and TodoScmReader works by getting the entity source location from the catalog.

The location source code is determined automatically. In case of the source code of the component is not in the same place of the entity YAML file, you can explicitly set the value of the backstage.io/source-location annotation of the entity, and if that is missing it falls back to the backstage.io/managed-by-location annotation. Only url locations are currently supported, meaning locally configured file locations won't work. Also note that dot-files and folders are ignored.

Parser Configuration

The TodoScmReader accepts a TodoParser option, which can be used to configure your own parser. The default one is based on Leasot and supports a wide range of languages. You can add to the list of supported tags by configuring your own version of the built-in parser, for example:

import {
  TodoScmReader,
  createTodoParser,
} from '@backstage/plugin-todo-backend';

// ...

const todoReader = TodoScmReader.fromConfig(env.config, {
  logger: env.logger,
  reader: env.reader,
  parser: createTodoParser({
    additionalTags: ['NOTE', 'XXX'],
  }),
});

FAQs

Package last updated on 06 Apr 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique

Research

Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique

A malicious package uses a QR code as steganography in an innovative technique.

By Olivia Brown  -  Sep 22, 2025