Skip to content

Commit

Permalink
🏗 Manually check for exact npm versions (#33470)
Browse files Browse the repository at this point in the history 
* Manually check for exact npm versions

This is necessary for the Bento npm project, because we will be depending on a range of `preact` and `react`. What's different about `peerDependencies` is that they're chosen by the end user, and that's not us.

* fs-extra
  • Loading branch information
@jridgewell
jridgewell committed Mar 25, 2021
1 parent b9c61b0 commit 765860c
Show file tree
Hide file tree
Showing 3 changed files with 128 additions and 34 deletions.
44 changes: 32 additions & 12 deletions build-system/tasks/check-exact-versions.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,35 @@
*/
'use strict';

const fs = require('fs-extra');
const globby = require('globby');
const semver = require('semver');
const {cyan, green, red} = require('kleur/colors');
const {getStderr} = require('../common/exec');
const {gitDiffFileMaster} = require('../common/git');
const {log, logLocalDev, logWithoutTimestamp} = require('../common/logging');

const checkerExecutable = 'npx npm-exact-versions';
/**
* @param {string} file
* @return {boolean}
*/
function check(file) {
const json = fs.readJsonSync(file, 'utf8');

// We purposfully ignore peerDependencies here, because that's that's for the
// consumer to decide.
const keys = ['dependencies', 'devDependencies', 'optionalDependencies'];

for (const key of keys) {
const deps = json[key];
for (const dep in deps) {
const version = deps[dep];
if (!semver.clean(version)) {
return false;
}
}
}
return true;
}

/**
* Makes sure all package.json files in the repo use exact versions.
Expand All @@ -30,9 +52,14 @@ const checkerExecutable = 'npx npm-exact-versions';
async function checkExactVersions() {
const packageJsonFiles = globby.sync(['**/package.json', '!**/node_modules']);
packageJsonFiles.forEach((file) => {
const checkerCmd = `${checkerExecutable} --path ${file}`;
const err = getStderr(checkerCmd);
if (err) {
if (check(file)) {
logLocalDev(
green('SUCCESS:'),
'All packages in',
cyan(file),
'have exact versions.'
);
} else {
log(
red('ERROR:'),
'One or more packages in',
Expand All @@ -41,13 +68,6 @@ async function checkExactVersions() {
);
logWithoutTimestamp(gitDiffFileMaster(file));
throw new Error('Check failed');
} else {
logLocalDev(
green('SUCCESS:'),
'All packages in',
cyan(file),
'have exact versions.'
);
}
});
}
Expand Down
116 changes: 95 additions & 21 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,6 @@
"morgan": "1.10.0",
"multer": "1.4.2",
"node-fetch": "2.6.1",
"npm-exact-versions": "0.0.5",
"open": "8.0.2",
"plugin-error": "1.0.1",
"postcss": "8.2.7",
Expand All @@ -168,6 +167,7 @@
"request": "2.88.2",
"request-promise": "4.2.6",
"rocambole": "0.7.0",
"semver": "7.3.5",
"sinon": "9.2.4",
"sinon-chai": "3.5.0",
"sourcemap-codec": "1.4.8",
Expand Down

0 comments on commit 765860c

Please sign in to comment.