dependency-lint - npm Package Compare versions

Comparing version 3.0.0 to 3.1.0

CHANGELOG.md

 # Changelog
 
+### 3.1.0 (2016-02-13)
+
+* check that each module listed in `package.json` is installed with the correct semantic version
+
+---
 ### 3.0.0 (2016-02-09)
@@ -4,0 +9,0 @@

dist/linter/index.js

 (function() {
-  var DependencyLinter, Linter, ListedModuleFinder, UsedModuleFinder, async, asyncHandlers;
+  var DependencyLinter, InstalledModuleValidater, Linter, UsedModuleFinder, _, fsExtra, path;
 
-  async = require('async');
+  _ = require('lodash');
 
-  asyncHandlers = require('async-handlers');
-
   DependencyLinter = require('./dependency_linter');
 
-  ListedModuleFinder = require('./listed_module_finder');
+  fsExtra = require('fs-extra');
 
+  InstalledModuleValidater = require('./installed_module_validator');
+
+  path = require('path');
+
   UsedModuleFinder = require('./used_module_finder');
@@ -17,3 +19,3 @@
       this.dependencyLinter = new DependencyLinter(config);
-      this.listedModuleFinder = new ListedModuleFinder;
+      this.installedModuleValidater = new InstalledModuleValidater;
       this.usedModuleFinder = new UsedModuleFinder(config);
@@ -23,16 +25,49 @@ }
     Linter.prototype.lint = function(dir, done) {
-      return async.parallel({
-        listedModules: (function(_this) {
-          return function(next) {
-            return _this.listedModuleFinder.find(dir, next);
-          };
-        })(this),
-        usedModules: (function(_this) {
-          return function(next) {
-            return _this.usedModuleFinder.find(dir, next);
-          };
-        })(this)
-      }, asyncHandlers.transform(this.dependencyLinter.lint, done));
+      return this.readPackageJson(dir, (function(_this) {
+        return function(err, packageJson) {
+          if (err) {
+            return done(err);
+          }
+          return _this.installedModuleValidater.validate({
+            dir: dir,
+            packageJson: packageJson
+          }, function(err) {
+            if (err) {
+              return done(err);
+            }
+            return _this.usedModuleFinder.find({
+              dir: dir,
+              packageJson: packageJson
+            }, function(err, usedModules) {
+              var listedModules, result;
+              if (err) {
+                return done(err);
+              }
+              listedModules = _this.getListedModules(packageJson);
+              result = _this.dependencyLinter.lint({
+                listedModules: listedModules,
+                usedModules: usedModules
+              });
+              return done(null, result);
+            });
+          });
+        };
+      })(this));
     };
 
+    Linter.prototype.readPackageJson = function(dir, done) {
+      var filePath;
+      filePath = path.join(dir, 'package.json');
+      return fsExtra.readJson(filePath, done);
+    };
+
+    Linter.prototype.getListedModules = function(packageJson) {
+      var result;
+      result = {};
+      ['dependencies', 'devDependencies'].forEach(function(value) {
+        return result[value] = _.keys(packageJson[value]);
+      });
+      return result;
+    };
+
     return Linter;
@@ -39,0 +74,0 @@

dist/linter/used_module_finder/executed_module_finder.js

@@ -23,12 +23,8 @@ (function() {
 
-    ExecutedModulesFinder.prototype.find = function(dir, done) {
-      var callback, dependencies, devDependencies, ref, scripts;
-      ref = require(path.join(dir, 'package.json')), scripts = ref.scripts, dependencies = ref.dependencies, devDependencies = ref.devDependencies;
-      if (!scripts) {
-        scripts = {};
-      }
+    ExecutedModulesFinder.prototype.find = function(arg, done) {
+      var callback, dir, packageJson, scripts;
+      dir = arg.dir, packageJson = arg.packageJson;
+      scripts = packageJson.scripts || {};
       callback = (function(_this) {
-        return function(arg) {
-          var _, moduleExecutables;
-          _ = arg[0], moduleExecutables = arg[1];
+        return function(moduleExecutables) {
           return _this.findModuleExecutableUsage({
@@ -40,44 +36,5 @@ moduleExecutables: moduleExecutables,
       })(this);
-      return async.parallel([
-        (function(_this) {
-          return function(next) {
-            var modulesListed;
-            modulesListed = _.keys(dependencies).concat(_.keys(devDependencies));
-            return _this.ensureAllModulesInstalled({
-              dir: dir,
-              modulesListed: modulesListed
-            }, next);
-          };
-        })(this), (function(_this) {
-          return function(next) {
-            return _this.getModuleExecutables(dir, next);
-          };
-        })(this)
-      ], asyncHandlers.transform(callback, done));
+      return this.getModuleExecutables(dir, asyncHandlers.transform(callback, done));
     };
 
-    ExecutedModulesFinder.prototype.ensureAllModulesInstalled = function(arg, done) {
-      var callback, dir, iterator, missing, modulesListed;
-      dir = arg.dir, modulesListed = arg.modulesListed;
-      missing = [];
-      iterator = function(moduleName, next) {
-        return fs.access(path.join(dir, 'node_modules', moduleName), function(err) {
-          if (err) {
-            missing.push(moduleName);
-          }
-          return next();
-        });
-      };
-      callback = function(err) {
-        if (err) {
-          return done(err);
-        }
-        if (missing.length === 0) {
-          return done();
-        }
-        return done(new Error("The following modules are listed in your `package.json` but are not installed.\n  " + (missing.join('\n  ')) + "\nAll modules need to be installed to properly check for the usage of a module's executables."));
-      };
-      return async.each(modulesListed, iterator, callback);
-    };
-
     ExecutedModulesFinder.prototype.findInScript = function(script, moduleExecutables) {
@@ -84,0 +41,0 @@ var executable, executables, i, len, moduleName, result;

dist/linter/used_module_finder/index.js

@@ -23,3 +23,5 @@ (function() {
 
-    UsedModuleFinder.prototype.find = function(dir, done) {
+    UsedModuleFinder.prototype.find = function(arg, done) {
+      var dir, packageJson;
+      dir = arg.dir, packageJson = arg.packageJson;
       return async.parallel([
@@ -32,3 +34,6 @@ (function(_this) {
           return function(next) {
-            return _this.executedModuleFinder.find(dir, next);
+            return _this.executedModuleFinder.find({
+              dir: dir,
+              packageJson: packageJson
+            }, next);
           };
@@ -35,0 +40,0 @@ })(this)

package.json

 {
   "name": "dependency-lint",
-  "version": "3.0.0",
+  "version": "3.1.0",
   "description": "Lints npm dependencies and devDependencies",
@@ -47,3 +47,3 @@ "main": "index.js",
     "gulp-coffee": "^2.3.1",
-    "mycha": "^1.0.0",
+    "mycha": "^2.0.0",
     "sinon": "^1.14.1",
@@ -60,6 +60,7 @@ "sinon-chai": "^2.8.0",
     "fs-extra": "^0.26.2",
-    "glob": "^6.0.1",
+    "glob": "^7.0.0",
     "js-yaml": "^3.3.1",
     "lodash": "^4.2.1",
-    "minimatch": "^3.0.0"
+    "minimatch": "^3.0.0",
+    "semver": "^5.1.0"
   },
@@ -66,0 +67,0 @@ "files": [

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

40589

increased by7.02%

Number of package files

18

increased by5.88%

Lines of code

850

increased by9.68%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

11

increased by10%

Number of low supply chain risk alerts

9

increased by28.57%

Dependency changes

• + Addedsemver@^5.1.0

• + Addedsemver@5.7.2(transitive)

• - Removedglob@6.0.4(transitive)

• Updatedglob@^7.0.0