New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

repopo

Package Overview
Dependencies
Maintainers
0
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

repopo

Enforce policies on all or some of the files in a git repository.

  • 0.3.0
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
7
decreased by-50%
Maintainers
0
Weekly downloads
 
Created
Source

repopo - police the files in your git repo with extensible policies

repopo is a tool to apply policies to the files in your git repo. You can think of it as a sort of lint tool for any file in your git repo, with a straightforward way to write your own policies.

  • repopo - police the files in your git repo with extensible policies
  • Configuring policies
  • Included policies
  • Usage

Configuring policies

Repopo and its policies can be configured in a repopo.config.ts (or .cjs, or .mjs) file in the root of the repo. Using a TypeScript configuration file is recommended.

The policy config must export a default object of the type PolicyConfig.

Excluding files from policy check

By default, all files in the repo are checked. You can exclude files completely from the policy check by configuring the d excludeFiles setting. It should be an array of strings/regular expressions. Paths that match any of these expressions will be completely excluded from all policies.

You can exclude files from individual policies as well. To do this, set the excludePoliciesForFiles setting. It should be an object with keys that match policy names. The value is an array of strings/regular expressions. Paths that match any of these expressions will be excluded from that policy only.

Configuring individual policies

Individual policies can be configured using the policySettings setting. Use the policy name as the key, with the policy settings as the value.

Included policies

repopo includes the following policies. All of the included policies are enabled by default.

NoJsFileExtensions

The NoJsFileExtensions policy checks for JavaScript source files that just use the .js file extension. Such files may be interpreted by Node.js as either CommonJS or ESM based on the type field in the nearest package.json file. This can create unexpected behavior for JS files; changing the package.json nearest to one will change how the JS is processed by node. Using explicit file extensions reduces ambiguity and ensures a CJS file isn't suddenly treated like an ESM file.

PackageJsonProperties

The PackageJsonProperties policy is used to enforce fields in package.json files across the repo.

Configuration

The verbatim setting requires that all the configured fields in package.json match the values in the configuration.

import type { PolicyConfig } from "@tylerbu/repopo";
const config: PolicyConfig = {
	policySettings: {
		PackageJsonProperties: {
      // This setting will force all package.json files to contain these fields with the exact configured values.
			verbatim: {
				license: "MIT",
				author: "Tyler Butler <tyler@tylerbutler.com>",
				bugs: "https://github.com/tylerbutler/tools-monorepo/issues",
			}
		}
	}
};

PackageJsonRepoDirectoryProperty

A RepoPolicy that checks that the repository.directory property in package.json is set correctly. If the repository field is a string instead of an object the package will be ignored.

Usage

repopo check

Checks and applies policies to the files in the repository.

USAGE
  $ repopo check [-f] [--stdin] [-D <value>... | -d <value>] [-p <value>]

FLAGS
  -D, --excludePolicy=<value>...  Exclude policies by name. Can be specified multiple times to exclude multiple
                                  policies.
  -d, --policy=<value>            Filter policies to apply by <regex>. Only policies with a name matching the regex will
                                  be applied.
  -f, --fix                       Fix errors if possible.
  -p, --path=<value>              Filter file paths by <regex>.
      --stdin                     Read list of files from stdin.

See code: src/commands/check.ts

repopo list

Lists the policies configured to run.

USAGE
  $ repopo list [-D <value>... | -d <value>] [-p <value>]

FLAGS
  -D, --excludePolicy=<value>...  Exclude policies by name. Can be specified multiple times to exclude multiple
                                  policies.
  -d, --policy=<value>            Filter policies to apply by <regex>. Only policies with a name matching the regex will
                                  be applied.
  -p, --path=<value>              Filter file paths by <regex>.

See code: src/commands/list.ts

Keywords

FAQs

Package last updated on 07 Oct 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Oracle Drags Its Feet in the JavaScript Trademark Dispute

Security News

Oracle Drags Its Feet in the JavaScript Trademark Dispute

Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.

By Sarah Gooding  -  Feb 07, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc