create-slinkity - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

cli.js

 #!/usr/bin/env node
-const init = require('initit')
- 
-const [ name ] = process.argv.slice(2)
-// user/repo/path
-const template = 'slinkity/slinkity-starter#chore-prep-for-npm-init/templates'
- 
-init({ name, template })
-  .then(res => {
-    process.exit(0)
+const path = require('path')
+const fs = require('fs')
+const { yellow, red } = require('kolorist')
+const prompts = require('prompts')
+
+const PKG = 'package.json'
+
+;(async () => {
+  let dest = process.argv[2]
+  const promptResponses = await prompts({
+    type: dest ? null : 'text',
+    name: 'dest',
+    message: 'What is your project called?',
+    initial: 'my-slinkity-site',
   })
-  .catch(err => {
-    console.log(err)
-    process.exit(1)
-  })
+  if (!dest) {
+    dest = promptResponses.dest
+  }
+  // if there's no dest provided as a CLI argument OR by a prompt,
+  // they must have ctrl + C'd out of the program
+  if (!dest) process.exit(0)
+
+  console.log('Copying files...')
+
+  const srcRoot = path.join(__dirname, 'templates/react')
+  const destRoot = path.join(process.cwd(), dest)
+  fs.mkdirSync(destRoot)
+
+  // Set package name based on project name
+  const pkg = require(path.join(srcRoot, PKG))
+  pkg.name = toValidPackageName(dest)
+  fs.writeFileSync(path.join(destRoot, PKG), JSON.stringify(pkg, null, 2))
+
+  // Copy all template files to dest
+  // TODO: add "plain" starter alongside "react"
+  const templateFilePaths = fs.readdirSync(srcRoot).filter(filePath => filePath !== PKG)
+  for (const templateFilePath of templateFilePaths) {
+    const src = path.join(srcRoot, templateFilePath)
+    const dest = path.join(destRoot, templateFilePath)
+    copy(src, dest)
+  }
+
+  console.log(`Welcome to your first ${yellow('Slinkity site!')}`)
+  console.log('Step 1: run these commands to install and serve locally 👇')
+  console.log(`yarn
+yarn start`)
+  console.log(`Step 2: ${red('have fun ❤️')}`)
+})()
+
+/**
+   * Util to copy file or file directory to dest
+   * Inspired by https://github.com/vitejs/vite/blob/main/packages/create-vite/index.js
+   * @param {string} src
+   * @param {string} dest
+   */
+ function copy(src, dest) {
+  const stat = fs.statSync(src)
+  if (stat.isDirectory()) {
+    copyDir(src, dest)
+  } else {
+    fs.copyFileSync(src, dest)
+  }
+}
+
+/**
+ * Util to copy file directory to test
+ * Inspired by https://github.com/vitejs/vite/blob/main/packages/create-vite/index.js
+ * @param {string} srcDir 
+ * @param {string} destDir 
+ */
+function copyDir(srcDir, destDir) {
+  fs.mkdirSync(destDir, { recursive: true })
+  for (const file of fs.readdirSync(srcDir)) {
+    const srcFile = path.resolve(srcDir, file)
+    const destFile = path.resolve(destDir, file)
+    copy(srcFile, destFile)
+  }
+}
+
+/**
+ * Util to convert a project name into a valid package name for a package.json
+ * Inspired by https://github.com/vitejs/vite/blob/main/packages/create-vite/index.js
+ * @param {string} projectName 
+ * @returns {string} A valid package name
+ */
+function toValidPackageName(projectName) {
+  return projectName
+    .trim()
+    .toLowerCase()
+    .replace(/\s+/g, '-')
+    .replace(/^[._]/, '')
+    .replace(/[^a-z0-9-~]+/g, '-')
+}

package.json

 {
   "name": "create-slinkity",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "The splendid starter to scaffold your Slinkity site.",
@@ -57,3 +57,4 @@ "main": "cli.js",
   "dependencies": {
-    "initit": "^1.0.0-2",
+    "kolorist": "^1.5.1",
+    "prompts": "^2.4.2",
     "react": "^17.0.2",
@@ -66,2 +67,2 @@ "react-dom": "^17.0.2"
   }
-}
+}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 10 instances in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 10 instances in 1 package

Improved metrics

Total package byte prevSize

841860

increased by0.3%

Lines of code

176

increased by67.62%

Worsened metrics

Dependency count

4

increased by33.33%

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

11

increased by10%

Dependency changes

• + Addedkolorist@^1.5.1

• + Addedprompts@^2.4.2

• + Addedkleur@3.0.3(transitive)

• + Addedkolorist@1.8.0(transitive)

• + Addedprompts@2.4.2(transitive)

• + Addedsisteransi@1.0.5(transitive)

• - Removedinitit@^1.0.0-2

• - Removedarg@2.0.1(transitive)

• - Removedcross-spawn@6.0.6(transitive)

• - Removedfs-extra@6.0.1(transitive)

• - Removedgraceful-fs@4.2.11(transitive)

• - Removedinitit@1.0.0-2(transitive)

• - Removedisexe@2.0.0(transitive)

• - Removedjsonfile@4.0.0(transitive)

• - Removednice-try@1.0.5(transitive)

• - Removedpath-key@2.0.1(transitive)

• - Removedsemver@5.7.2(transitive)

• - Removedshebang-command@1.2.0(transitive)

• - Removedshebang-regex@1.0.0(transitive)

• - Removeduniversalify@0.1.2(transitive)

• - Removedwhich@1.3.1(transitive)