normalize-package-data - npm Package Compare versions

Comparing version 0.0.1 to 0.0.3

lib/fixer.js

@@ -113,2 +113,16 @@ var semver = require("semver")
   }
+  
+, fixBugsField: function(data) {
+    var url
+    if (!data.bugs && data.repository && data.repository.url) {
+      url = data.repository.url
+      // inference below was taken from code for "npm bugs" command
+      if (url.match(/^(https?:\/\/|git(:\/\/|@))github.com/)) {
+        url = url.replace(/^git(@|:\/\/)/, "https://")
+                 .replace(/^https?:\/\/github.com:/, "https://github.com/")
+                 .replace(/\.git$/, '')+"/issues"
+        data.bugs = {url: url}
+      }
+    }    
+  }
 }
@@ -115,0 +129,0 @@

lib/normalize.js

@@ -7,3 +7,3 @@ module.exports = normalize
 var fieldsToFix = ['name','version','description','repository'
-                  ,'files','bin','man','keywords','readme']
+                  ,'files','bin','man','bugs','keywords','readme']
 var otherThingsToFix = ['dependencies','people']
@@ -10,0 +10,0 @@

package.json

 {
   "name": "normalize-package-data",
-  "version": "0.0.1",
+  "version": "0.0.3",
   "author": "Meryn Stol <merynstol@gmail.com>",
@@ -18,4 +18,5 @@ "description": "Normalizes data that can be found in package.json files.",
   "devDependencies": {
-    "tap": "~0.2.5"
+    "tap": "~0.2.5",
+    "underscore": "~1.4.4"
   }
 }

test/basic.js

@@ -1,45 +0,34 @@
-// vim: set softtabstop=16 shiftwidth=16:
 var tap = require("tap")
-var readJson = require("../")
+var normalize = require("../lib/normalize")
 var path = require("path")
 var fs = require("fs")
-var readme = fs.readFileSync(path.resolve(__dirname, "../README.md"), "utf8")
-var package = require("../package.json")
-var isGit
-try {
-                fs.readFileSync(path.resolve(__dirname, '../.git/HEAD'));
-                isGit = true
-} catch (e) {
-                isGit = false
-}
 
-console.error("basic test")
 tap.test("basic test", function (t) {
-                var p = path.resolve(__dirname, "../package.json")
-                readJson(p, function (er, data) {
-                                if (er) throw er;
-                                basic_(t, data)
-                })
+  var p = path.resolve(__dirname, "./fixtures/read-package-json.json")
+  fs.readFile (p, function (err, contents) {
+    if (err) throw err;
+    var originalData = JSON.parse(contents.toString())
+    var data = JSON.parse(contents.toString())
+    normalize(data)
+    t.ok(data)
+    verifyFields(t, data, originalData)
+    t.end()
+  })
 })
-function basic_ (t, data) {
-                t.ok(data)
-                t.equal(data.version, package.version)
-                t.equal(data._id, data.name + "@" + data.version)
-                t.equal(data.name, package.name)
-                t.type(data.author, "object")
-                t.equal(data.readme, readme)
-                t.deepEqual(data.scripts, package.scripts)
-                t.equal(data.main, package.main)
-                t.equal(data.readmeFilename, 'README.md')
 
-                if (isGit) t.similar(data.gitHead, /^[a-f0-9]{40}$/);
-
-                // optional deps are folded in.
-                t.deepEqual(data.optionalDependencies,
-                            package.optionalDependencies)
-                t.has(data.dependencies, package.optionalDependencies)
-                t.has(data.dependencies, package.dependencies)
-
-                t.deepEqual(data.devDependencies, package.devDependencies)
-                t.end()
+function verifyFields (t, normalized, original) {
+  t.equal(normalized.version, original.version, "Version field stays same")
+  t.equal(normalized._id, normalized.name + "@" + normalized.version, "It gets good id.")
+  t.equal(normalized.name, original.name, "Name statys same.")
+  t.type(normalized.author, "object", "author field becomes object")
+  t.deepEqual(normalized.scripts, original.scripts, "scripts field (object) stays same")
+  t.equal(normalized.main, original.main)
+  // optional deps are folded in.
+  t.deepEqual(normalized.optionalDependencies,
+              original.optionalDependencies)
+  t.has(normalized.dependencies, original.optionalDependencies, "opt depedencies are copied into dependencies")
+  t.has(normalized.dependencies, original.dependencies, "regular depedencies stay in place")
+  t.deepEqual(normalized.devDependencies, original.devDependencies)
+  t.type(normalized.bugs, "object", "bugs should become object")
+  t.equal(normalized.bugs.url, "https://github.com/isaacs/read-package-json/issues")
 }

Fixed alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

5

decreased by-16.67%

Worsened metrics

Total package byte prevSize

13716

decreased by-12.21%

Dev dependency count

2

increased by100%

Number of package files

12

decreased by-7.69%

Lines of code

400

decreased by-14.71%

No dependency changes