sort-package-json - npm Package Compare versions

Comparing version 1.56.0 to 1.56.1

cli.js

 #!/usr/bin/env node
-import fs from 'node:fs'
-import { globbySync } from 'globby'
-import sortPackageJson from './index.js'
+const fs = require('fs')
+const globby = require('globby')
+const sortPackageJson = require('.')
 
@@ -17,3 +17,3 @@ const isCheckFlag = (argument) => argument === '--check' || argument === '-c'
 
-const files = globbySync(patterns)
+const files = globby.sync(patterns)
 
@@ -20,0 +20,0 @@ if (files.length === 0) {

index.js

@@ -1,6 +0,6 @@
-import sortObjectKeys from 'sort-object-keys'
-import detectIndent from 'detect-indent'
-import { detectNewlineGraceful as detectNewline } from 'detect-newline'
-import gitHooks from 'git-hooks-list'
-import isPlainObject from 'is-plain-obj'
+const sortObjectKeys = require('sort-object-keys')
+const detectIndent = require('detect-indent')
+const detectNewline = require('detect-newline').graceful
+const gitHooks = require('git-hooks-list')
+const isPlainObject = require('is-plain-obj')
 
@@ -369,3 +369,5 @@ const hasOwnProperty = (object, property) =>
 
-export default sortPackageJson
-export { defaultSortOrder as sortOrder }
+module.exports = sortPackageJson
+module.exports.sortPackageJson = sortPackageJson
+module.exports.sortOrder = defaultSortOrder
+module.exports.default = sortPackageJson

package.json

 {
   "name": "sort-package-json",
-  "version": "1.56.0",
+  "version": "1.56.1",
   "description": "Sort an Object or package.json based on the well-known package.json keys",
@@ -20,4 +20,3 @@ "keywords": [
   "author": "Keith Cirkel <npm@keithcirkel.co.uk> (http://keithcirkel.co.uk/)",
-  "type": "module",
-  "exports": "./index.js",
+  "main": "index.js",
   "types": "index.d.ts",
@@ -32,3 +31,2 @@ "bin": "cli.js",
     "lint": "eslint .",
-    "prepare": "husky install",
     "semantic-release": "semantic-release",
@@ -40,2 +38,8 @@ "sort-package-json": "node cli.js package.json --check",
   },
+  "husky": {
+    "hooks": {
+      "pre-commit": "npm t && lint-staged",
+      "commit-msg": "commitlint -E HUSKY_GIT_PARAMS"
+    }
+  },
   "commitlint": {
@@ -72,33 +76,32 @@ "extends": [
   "dependencies": {
-    "detect-indent": "^7.0.0",
-    "detect-newline": "^4.0.0",
-    "git-hooks-list": "^3.0.0",
-    "globby": "^13.1.1",
-    "is-plain-obj": "^4.0.0",
+    "detect-indent": "^6.0.0",
+    "detect-newline": "3.1.0",
+    "git-hooks-list": "1.0.3",
+    "globby": "10.0.0",
+    "is-plain-obj": "2.1.0",
     "sort-object-keys": "^1.1.3"
   },
   "devDependencies": {
-    "@commitlint/cli": "^16.2.3",
-    "@commitlint/config-conventional": "^16.2.1",
-    "ava": "^4.1.0",
-    "del": "^6.0.0",
-    "dot-prop": "^7.2.0",
-    "dtslint": "^3.4.2",
-    "eslint": "^7.32.0",
+    "@commitlint/cli": "8.3.5",
+    "@commitlint/config-conventional": "8.3.4",
+    "ava": "4.1.0",
+    "del": "5.1.0",
+    "dot-prop": "^5.2.0",
+    "dtslint": "^4.0.5",
+    "eslint": "^8.12.0",
     "eslint-config-prettier": "^8.5.0",
-    "eslint-config-standard": "^16.0.3",
+    "eslint-config-standard": "^17.0.0-1",
     "eslint-plugin-import": "^2.25.4",
-    "eslint-plugin-n": "^15.1.0",
+    "eslint-plugin-n": "^14.0.0",
     "eslint-plugin-prettier": "^4.0.0",
-    "eslint-plugin-promise": "^5.2.0",
-    "husky": "^7.0.0",
-    "lint-staged": "^12.3.7",
-    "make-dir": "^3.1.0",
+    "eslint-plugin-promise": "^6.0.0",
+    "husky": "^4.2.3",
+    "lint-staged": "^10.0.8",
+    "make-dir": "3.0.2",
     "nyc": "^15.0.0",
     "prettier": "^2.6.2",
-    "resolve": "^1.22.0",
-    "semantic-release": "^19.0.2",
-    "tempy": "^2.0.0",
-    "typescript": "^4.6.3"
+    "semantic-release": "17.0.5",
+    "tempy": "0.4.0",
+    "typescript": "^4.0.5"
   }
 }

README.md

@@ -90,3 +90,3 @@ # Sort Package.json
 ```js
-import sortPackageJson from 'sort-package-json'
+const sortPackageJson = require('sort-package-json')
 
@@ -232,3 +232,3 @@ const packageJsonString = `{
 
-The lack of configuration here is a feature, not a bug. The intent of this tool is that a user can open a package json and always expect to see keys in a particular order. If we add a configuration for this tool, then that promise is broken, as users will first need to look at the configuration for each project to learn the ways in which this tool will change the `package.json`. The structure of the `package.json` should always be predictable & deterministic from project to project. I think the _reason_ why this project is well used is because it is not another "tool" you have to set up with yet another JSON file and more cruft in your project to support it. You run a command and it does what it says on the tin.
+The lack of configuration here is a feature, not a bug. The intent of this tool is that a user can open a package json and always expect to see keys in a particular order. If we add a configuration for this tool, then that promise is broken, as users will first need to look at the configuration for each project to learn the ways in which this tool will change the `package.json`. The structure of the `package.json` should always be predictable & deterministic from project to project. I think the _reason_ why this project is well used is because it is not another "tool" you have to set up with yet another JSON file and more cruft in your project to support it. You run a command and it does what it says on the tin. 
 
@@ -240,1 +240,2 @@ A lot of people who ask for configuration cite the use case that they simply don't like the given order that exists and want to make sweeping changes. To me this seems far better suited to simply making a fork of this project as then you can go far further than specifying configuration.
 Well, it's nice to have the keys of a package.json in a well sorted order. Almost everyone would agree having "name" at the top of a package.json is sensible (rather than sorted alphabetically or somewhere silly like the bottom), so why not the rest of the package.json?
+

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

23293

increased by0.62%

Dev dependency count

21

decreased by-4.55%

Lines of code

437

increased by0.46%

Number of lines in readme file

239

increased by0.42%

Worsened metrics

Number of low supply chain risk alerts

1

increased byInfinity%

Is type module

No

Dependency changes

• + Added@types/glob@7.2.0(transitive)

• + Added@types/minimatch@5.1.2(transitive)

• + Added@types/node@22.9.0(transitive)

• + Addedarray-union@2.1.0(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addeddetect-indent@6.1.0(transitive)

• + Addeddetect-newline@3.1.0(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedgit-hooks-list@1.0.3(transitive)

• + Addedglob@7.2.3(transitive)

• + Addedglobby@10.0.0(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedis-plain-obj@2.1.0(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedpath-is-absolute@1.0.1(transitive)

• + Addedslash@3.0.0(transitive)

• + Addedundici-types@6.19.8(transitive)

• + Addedwrappy@1.0.2(transitive)

• - Removeddetect-indent@7.0.1(transitive)

• - Removeddetect-newline@4.0.1(transitive)

• - Removedgit-hooks-list@3.1.0(transitive)

• - Removedglobby@13.2.2(transitive)

• - Removedis-plain-obj@4.1.0(transitive)

• - Removedslash@4.0.0(transitive)

• Updateddetect-indent@^6.0.0

• Updateddetect-newline@3.1.0

• Updatedgit-hooks-list@1.0.3

• Updatedglobby@10.0.0

• Updatedis-plain-obj@2.1.0