coleslaw - npm Package Compare versions

Comparing version 0.0.0 to 0.0.1

package.json

 {
   "name": "coleslaw",
-  "version": "0.0.0",
+  "version": "0.0.1",
   "description": "",
   "main": "index.js",
+  "bin": {
+    "coleslaw": "./bin/coleslaw"
+  },
   "scripts": {
@@ -18,3 +21,14 @@ "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "homepage": "https://github.com/justinmchase/coleslawjs#readme"
+  "homepage": "https://github.com/justinmchase/coleslawjs#readme",
+  "dependencies": {
+    "async": "^1.5.2",
+    "debug": "^2.2.0",
+    "ohm-js": "^0.10.0"
+  },
+  "devDependencies": {
+    "chai": "^3.5.0",
+    "gulp": "^3.9.1",
+    "mocha": "^2.4.5",
+    "sinon": "^1.17.4"
+  }
 }

README.md

@@ -1,1 +0,80 @@
-# coleslaw
+# Coleslaw
+
+Coleslaw is a Domain Specific Language (DSL) and related tools, for designing and creating Models.
+
+## Installing
+```bash
+$ npm install coleslaw --save
+```
+
+## Usage
+This library has 2 main apis:
+- Model compilation
+- Model building
+
+The compilation step converts your model code into into model definition objects. Next you pass these model definitions into builders.
+
+This library also contains the main Model builder.
+
+### Author a model
+```javascript
+// example.cls
+model Example {
+    field auto id eid: string
+    field name: string
+
+    validate eid: uuid
+    validate name: alphanum, required
+
+    authorize allow ? update
+
+    child tests: Test // 1:Many relationship with the Test model
+}
+
+module.exports = Example
+```
+
+The coleslaw language inherits from ecmascript 5. Which means that it _is_ ecmascript with the addition of the `model` statement.
+
+### Compile your model
+During your build process, or at runtime, you can compile a model into javascript which can then be `require`d or `eval`'d.
+```javascript
+var fs = require('fs')
+var path = require('path')
+var coleslaw = require('coleslaw')
+
+coleslaw.compile(fs.readFileSync(path.join(__dirname, 'example.cls'), 'utf8'), (err, code) => {
+    if (err) throw err
+    eval(code)
+})
+```
+
+The resulting code is a plain javascript object representing the model described. This model can be used by various coleslaw builders.
+
+### Build your model definitions into Models
+The default model builder can be used to generate Model instances from model defintions. Model instances have standard CRUD (create, retrieve, update, delete) functionality.
+
+```javascript
+model Example {
+    field value: string
+}
+
+var ExampleModel = coleslaw.build(Example, options) // Example is the model definition
+var instance = new ExampleModel({ value: 'test' })  // from an existing object
+instance.set('value', 'success')                    // update a field value
+instance.save()                                     // Calls dataAccess.update()
+```
+
+In this case we are using the `coleslaw.build` example to create a Model type from the Example model definition. Next we can create an instance of ExampleModel and do basic CRUD operations. The model keeps track of the state of the object.
+
+## Model features
+- fields
+- relationships
+- validation rules
+- authorization rules
+- access rules
+
+## Model Builders
+- [coleslaw-express](http://npmjs.org/package/coleslaw-express)
+- [coleslaw-dynamo](http://npmjs.org/package/coleslaw-dynamo)
+- [coleslaw-angular](http://npmjs.org/package/coleslaw-angular)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

23997

increased by2333.77%

Number of package files

62

increased by1140%

Lines of code

224

increased byInfinity%

Number of lines in readme file

81

increased by8000%

Worsened metrics

Dependency count

3

increased byInfinity%

Dev dependency count

4

increased byInfinity%

Number of low supply chain risk alerts

3

increased byInfinity%

Number of medium supply chain risk alerts

3

increased by50%

Dependency changes

• + Addedasync@^1.5.2

• + Addeddebug@^2.2.0

• + Addedohm-js@^0.10.0

• + Addedasync@1.5.2(transitive)

• + Addedd@0.1.11.0.2(transitive)

• + Addeddebug@2.6.9(transitive)

• + Addedes5-ext@0.10.64(transitive)

• + Addedes6-iterator@2.0.3(transitive)

• + Addedes6-symbol@2.0.13.1.4(transitive)

• + Addedesniff@2.0.1(transitive)

• + Addedevent-emitter@0.3.5(transitive)

• + Addedext@1.7.0(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedis-buffer@1.1.6(transitive)

• + Addedms@2.0.0(transitive)

• + Addednext-tick@1.1.0(transitive)

• + Addedohm-js@0.10.0(transitive)

• + Addedtype@2.7.3(transitive)

• + Addedutil-extend@1.0.3(transitive)