@fast-check/packaged
Advanced tools
Utility package removing any files that will not be part of the final bundle
@fast-check/packagedUtility package removing any files that will not be part of the final bundle published to npm registry
When publishing packages to npm registry, it is quite easy to forget about some files. It also happens many times that we want somehow to check the packaged bundle in some of our tests but totally forget that some files have not been added to the bundle and so that the final user will actually never be able to run this code.
This package mostly try to prevent this issue. It can easily be used in monorepos to emulate the bundled package when used against other packages of the monorepo to make sure others do not depend on internals or non published stuff.
Run the following command at the root of your package to drop any file that will not make it in the final bundle published to npm.
# With npm
npx -p @fast-check/packaged packaged
# With pnpm
pnpm --package=@fast-check/packaged dlx packaged
# With yarn
yarn dlx -p @fast-check/packaged packaged
⚠️ You may want to try with --dry-run flag first to give it a try.
It also comes with some extra flags:
--dry-run: do not drop any file or directory from the file system and only print what would have been removed--keep-node-modules: keep the node_modules directory if any at the root of the directoryimport { computePublishedFiles, removeNonPublishedFiles } from '@fast-check/packaged';
// Compute the list of all files that would be part of the bundle
// if we attempted to publish the packge defined at .
const publishedFilesRoot = await computePublishedFiles('.');
// Compute the list of all files that would be part of the bundle
// if we attempted to publish the packge defined at ./sub-directory
const publishedFilesSubDirectory = await computePublishedFiles('./sub-directory');
// Run the deletion of unwanted files
const { kept, removed } = await removeNonPublishedFiles('.', { dryRun: false, keepNodeModules: false });
// kept and removed are arrays of strings
// they may contain files or directories
| @fast-check/packaged | node |
|---|---|
| 0.2.x | ≥16.14.0(3) |
| 0.1.x | ≥16.14.0(2) |
| 0.0.x | ≥14.17.0(1) |
pacote@^15.0.0 internally, we have to align with its requirements: ^14.17.0 || ^16.13.0 || >=18.0.0.pacote@^17.0.0: ^16.14.0 || >=18.0.0.pacote@^17.0.0 which is one of the dependencies of @npmcli/arborist.FAQs
Utility package removing any files that will not be part of the final bundle
We found that @fast-check/packaged demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers
Security News
pnpm's new minimumReleaseAge setting delays package updates to prevent supply chain attacks, with other tools like Taze and NCU following suit.
Security News
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.