ci-npm-update - npm Package Compare versions

Comparing version 0.8.0 to 0.9.0

lib/index.js

 "use strict";
 const shrink_wrap_1 = require("./shrink_wrap");
+const npm_config_1 = require("./npm_config");
 const Issue = require("./issue");
@@ -92,3 +93,4 @@ const github = require("./github");
     }).then((compareViewList) => {
-        const issue = Issue.createBody(compareViewList);
+        return Issue.createBody(compareViewList, npm_config_1.NpmConfig.readFromFile());
+    }).then((issue) => {
         console.log(issue);
@@ -95,0 +97,0 @@ console.log("");

lib/issue.d.ts

 import { GitHubCompareView } from "./compare_view";
-export declare function createBody(list: GitHubCompareView[]): string;
+import { NpmConfig } from "./npm_config";
+export declare function createBody(list: GitHubCompareView[], npmConfigPromise: Promise<NpmConfig>): Promise<string>;

lib/issue.js

 // to file an issue from a package info list
 "use strict";
 const SIGNATURE = "[ci-npm-update](https://github.com/gfx/ci-npm-update)";
-function createBody(list) {
-    let s = "## Updaing Dependencies\n\n";
-    list.forEach((p) => {
-        if (p.hasDiffUrl()) {
-            s += `* ${p.name}: [${p.getVersionRange()}](${p.getDiffUrl()})\n`;
+function createBody(list, npmConfigPromise) {
+    return npmConfigPromise.then((npmConfig) => {
+        const map = new Map();
+        list.forEach((item) => {
+            map.set(item.name, item);
+        });
+        let s = "";
+        const dependencyNames = Object.keys(npmConfig.dependencies);
+        if (dependencyNames.length !== 0) {
+            const head = "# Dependencies declared in package.json\n\n";
+            let section = "";
+            dependencyNames.forEach((name) => {
+                const compareView = map.get(name);
+                if (compareView) {
+                    section += compareViewToMarkdown(compareView);
+                    map.delete(name);
+                }
+            });
+            if (section) {
+                s += head + section;
+            }
         }
-        else if (p.hasRepositoryUrl()) {
-            s += `* ${p.name} ${p.getRepositoryUrl()}\n`;
+        const devDependencyNames = Object.keys(npmConfig.devDependencies);
+        if (devDependencyNames.length !== 0) {
+            const head = "# DevDependencies declared in package.json\n\n";
+            let section = "";
+            devDependencyNames.forEach((name) => {
+                const compareView = map.get(name);
+                if (compareView) {
+                    section += compareViewToMarkdown(compareView);
+                    map.delete(name);
+                }
+            });
+            if (section) {
+                s += head + section;
+            }
         }
+        if (map.size !== 0) {
+            const head = "## Dependencies not declared in package.json\n\n";
+            let section = "";
+            list.forEach((c) => {
+                const compareView = map.get(c.name);
+                if (compareView) {
+                    section += compareViewToMarkdown(compareView);
+                }
+            });
+            if (section) {
+                s += head + section;
+            }
+        }
+        s += "\n\n";
+        s += "Powered by " + SIGNATURE;
+        return s;
     });
-    s += "\n\n";
-    s += "Powered by " + SIGNATURE;
-    return s;
 }
 exports.createBody = createBody;
+function compareViewToMarkdown(c) {
+    if (c.hasDiffUrl()) {
+        return `* ${c.name}: [${c.getVersionRange()}](${c.getDiffUrl()})\n`;
+    }
+    else if (c.hasRepositoryUrl()) {
+        return `* ${c.name} ${c.getRepositoryUrl()}\n`;
+    }
+}
 //# sourceMappingURL=issue.js.map

lib/npm_config.d.ts

 export declare class NpmConfig {
+    static readFromFile(packageJsonFile?: string): Promise<NpmConfig>;
     static getFromRegistry(name: string, version: string): Promise<NpmConfig>;
@@ -9,6 +10,12 @@ name: string;
     };
-    dependencies: Map<string, string>;
-    devDependencies: Map<string, string>;
-    peerDependencies: Map<string, string>;
+    dependencies: {
+        string: string;
+    };
+    devDependencies: {
+        string: string;
+    };
+    peerDependencies: {
+        string: string;
+    };
     constructor(json: any);
 }

lib/npm_config.js

 "use strict";
 const request = require("request");
+const fs = require("fs");
 const REGISTRY_ENDPOINT = "http://registry.npmjs.org";
@@ -8,11 +9,23 @@ class NpmConfig {
         if (!this.dependencies) {
-            this.dependencies = new Map();
+            this.dependencies = {};
         }
         if (!this.devDependencies) {
-            this.devDependencies = new Map();
+            this.devDependencies = {};
         }
         if (!this.peerDependencies) {
-            this.peerDependencies = new Map();
+            this.peerDependencies = {};
         }
     }
+    static readFromFile(packageJsonFile = "package.json") {
+        return new Promise((resolve, reject) => {
+            fs.readFile(packageJsonFile, "utf8", (err, data) => {
+                if (err) {
+                    reject(err);
+                }
+                else {
+                    resolve(new NpmConfig(JSON.parse(data)));
+                }
+            });
+        });
+    }
     static getFromRegistry(name, version) {
@@ -19,0 +32,0 @@ return new Promise((resolve, _reject) => {

package.json

 {
   "name": "ci-npm-update",
-  "version": "0.8.0",
+  "version": "0.9.0",
   "description": "Keep NPM dependencies up-to-date with CI, providing version-to-version diff for each library",
@@ -5,0 +5,0 @@ "repository": {

README.md

 # ci-npm-update [![CircleCI](https://circleci.com/gh/gfx/ci-npm-update.svg?style=svg)](https://circleci.com/gh/gfx/ci-npm-update)
 
-This command keeps npm dependencies up-to-date with CI.
+This command keeps npm dependencies up-to-date, making pull-requests from CI.
 
+For example: https://github.com/gfx/ci-npm-update/pull/13
+
 # Usage
@@ -6,0 +8,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

145447

increased by261.68%

Number of package files

84

increased by189.66%

Lines of code

1764

increased by187.77%

Number of lines in readme file

67

increased by3.08%

Worsened metrics

Number of low supply chain risk alerts

13

increased by225%

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes