remake - npm Package Compare versions

Comparing version 0.0.1 to 0.5.0

index.js

@@ -1,3 +0,64 @@
-module.exports = {
-    middleware: require('./lib/middleware')
-};
+const fs = require("fs");
+const path = require('path');
+const shell = require('shelljs');
+const program = require('commander');
+const ncp = require('ncp');
+const boxen = require('boxen');
+const chalk = require('chalk');
+const { getSuccessMessage } = require('./utils/get-success-message');
+const { getVariablesEnvFileText } = require('./utils/get-variables-env-file-text');
+const { version } = require('./package.json');
+let ncpOptions = {clobber: false, dereference: false, stopOnErr: true};
+let boxenOptions = {padding: 3, margin: 1, borderStyle: 'double', borderColor: 'green'};
+
+program.version("v" + version);
+
+program
+  .option('create <project-dir>', 'Generate a new Remake project');
+
+
+module.exports = () => {
+  program.parse(process.argv);
+
+  let projectDir = program.create;
+
+  if (projectDir) {
+
+    let bundlePath = path.join(__dirname, "bundle");
+    let newProjectDirPath = path.join(process.cwd(), projectDir);
+
+    if (fs.existsSync(newProjectDirPath)) {
+      console.log(chalk.bgRed("Error: Cannot write to a directory that already exists"));
+      return;
+    }
+
+    // STEP 1
+    console.log(chalk.bgGreen("(1/3) Creating new project"));
+
+    ncp(bundlePath, newProjectDirPath, ncpOptions, function (err) {
+
+      if (err) {
+        console.log(chalk.bgRed("Error: Couldn't create new project files"));
+        return;
+      }
+
+      // STEP 2
+      console.log(chalk.bgGreen("(2/3) Installing npm dependencies"));
+      shell.cd(newProjectDirPath);
+      shell.exec("npm install");
+
+      // STEP 3
+      console.log(chalk.bgGreen("(3/3) Setting up variables.env"));
+      fs.writeFile(path.join(newProjectDirPath, "variables.env"), getVariablesEnvFileText(), function (err) {
+        if (err) {
+          console.log(chalk.bgRed("Error: Couldn't create variables.env file"));
+          return;
+        }
+      
+        // SUCCESS!!
+        console.log(boxen(getSuccessMessage(projectDir), boxenOptions));
+      });
+
+    });
+  }
+}

package.json

 {
-    "author": "Manuel Stofer",
-    "name": "remake",
-    "description": "Make over http with auto reload",
-    "version": "0.0.1",
-    "repository": {
-        "type": "git"
-    },
-    "engines": {
-        "node": "*"
-    },
-    "dependencies": {
-            "connect": "*",
-            "underscore": "*",
-            "socket.io": "*",
-            "commander": "*"
-    },
-    "bin": {
-        "remake": "bin/remake.js"
-    },
-    "devDependencies": {},
-    "optionalDependencies": {}
+  "name": "remake",
+  "version": "0.5.0",
+  "description": "Generate a full-stack Remake web app",
+  "license": "MIT",
+  "homepage": "https://www.remaketheweb.com",
+  "repository": {
+    "type": "git",
+    "url": ""
+  },
+  "engines": {
+    "node": ">=8"
+  },
+  "keywords": [
+    "web app",
+    "generator",
+    "framework"
+  ],
+  "preferGlobal": true,
+  "bin": {
+    "remake": "bin/remake"
+  },
+  "scripts": {},
+  "devDependencies": {},
+  "dependencies": {
+    "boxen": "^4.1.0",
+    "chalk": "^2.4.2",
+    "commander": "^3.0.0",
+    "nanoid": "^2.0.3",
+    "ncp": "^2.0.0",
+    "shelljs": "^0.8.3"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Wildcard dependency

Quality

Package has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.

Found 4 instances in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

529507

increased by8830.8%

Number of package files

76

increased by590.91%

Number of low license alerts

0

decreased by-100%

Lines of code

13019

increased by15216.47%

Number of medium maintenance alerts

0

decreased by-100%

Number of low quality alerts

1

decreased by-50%

Number of medium quality alerts

1

decreased by-80%

Number of lines in readme file

53

increased by20.45%

Worsened metrics

Dependency count

6

increased by50%

Number of low maintenance alerts

2

increased by100%

Number of low supply chain risk alerts

5

increased by150%

Number of medium supply chain risk alerts

4

increased by100%

Dependency changes

• + Addedboxen@^4.1.0

• + Addedchalk@^2.4.2

• + Addednanoid@^2.0.3

• + Addedncp@^2.0.0

• + Addedshelljs@^0.8.3

• + Addedansi-align@3.0.1(transitive)

• + Addedansi-regex@5.0.1(transitive)

• + Addedansi-styles@3.2.14.3.0(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedboxen@4.2.0(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedcamelcase@5.3.1(transitive)

• + Addedchalk@2.4.23.0.0(transitive)

• + Addedcli-boxes@2.2.1(transitive)

• + Addedcolor-convert@1.9.32.0.1(transitive)

• + Addedcolor-name@1.1.31.1.4(transitive)

• + Addedcommander@3.0.2(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addedemoji-regex@8.0.0(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedglob@7.2.3(transitive)

• + Addedhas-flag@3.0.04.0.0(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedinterpret@1.4.0(transitive)

• + Addedis-core-module@2.15.1(transitive)

• + Addedis-fullwidth-code-point@3.0.0(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addednanoid@2.1.11(transitive)

• + Addedncp@2.0.0(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedpath-is-absolute@1.0.1(transitive)

• + Addedpath-parse@1.0.7(transitive)

• + Addedrechoir@0.6.2(transitive)

• + Addedresolve@1.22.8(transitive)

• + Addedshelljs@0.8.5(transitive)

• + Addedstring-width@4.2.3(transitive)

• + Addedstrip-ansi@6.0.1(transitive)

• + Addedsupports-color@5.5.07.2.0(transitive)

• + Addedsupports-preserve-symlinks-flag@1.0.0(transitive)

• + Addedterm-size@2.2.1(transitive)

• + Addedtype-fest@0.8.1(transitive)

• + Addedwidest-line@3.1.0(transitive)

• + Addedwrappy@1.0.2(transitive)

• - Removedconnect@*

• - Removedsocket.io@*

• - Removedunderscore@*

• - Removed@socket.io/component-emitter@3.1.2(transitive)

• - Removed@types/cookie@0.4.1(transitive)

• - Removed@types/cors@2.8.17(transitive)

• - Removed@types/node@22.9.0(transitive)

• - Removedaccepts@1.3.8(transitive)

• - Removedbase64id@2.0.0(transitive)

• - Removedcommander@12.1.0(transitive)

• - Removedconnect@3.7.0(transitive)

• - Removedcookie@0.7.2(transitive)

• - Removedcors@2.8.5(transitive)

• - Removeddebug@2.6.94.3.7(transitive)

• - Removedee-first@1.1.1(transitive)

• - Removedencodeurl@1.0.2(transitive)

• - Removedengine.io@6.6.2(transitive)

• - Removedengine.io-parser@5.2.3(transitive)

• - Removedescape-html@1.0.3(transitive)

• - Removedfinalhandler@1.1.2(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedms@2.0.02.1.3(transitive)

• - Removednegotiator@0.6.3(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedon-finished@2.3.0(transitive)

• - Removedparseurl@1.3.3(transitive)

• - Removedsocket.io@4.8.1(transitive)

• - Removedsocket.io-adapter@2.5.5(transitive)

• - Removedsocket.io-parser@4.2.4(transitive)

• - Removedstatuses@1.5.0(transitive)

• - Removedunderscore@1.13.7(transitive)

• - Removedundici-types@6.19.8(transitive)

• - Removedunpipe@1.0.0(transitive)

• - Removedutils-merge@1.0.1(transitive)

• - Removedvary@1.1.2(transitive)

• - Removedws@8.17.1(transitive)

• Updatedcommander@^3.0.0