diff --git a/README.md b/README.md index b5668edf6f2..c75a4436ce1 100644 --- a/README.md +++ b/README.md @@ -87,6 +87,7 @@ These GitHub repositories provide supplementary resources for Rush Stack: | [/libraries/lookup-by-path](./libraries/lookup-by-path/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Flookup-by-path.svg)](https://badge.fury.io/js/%40rushstack%2Flookup-by-path) | [changelog](./libraries/lookup-by-path/CHANGELOG.md) | [@rushstack/lookup-by-path](https://www.npmjs.com/package/@rushstack/lookup-by-path) | | [/libraries/module-minifier](./libraries/module-minifier/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Fmodule-minifier.svg)](https://badge.fury.io/js/%40rushstack%2Fmodule-minifier) | [changelog](./libraries/module-minifier/CHANGELOG.md) | [@rushstack/module-minifier](https://www.npmjs.com/package/@rushstack/module-minifier) | | [/libraries/node-core-library](./libraries/node-core-library/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Fnode-core-library.svg)](https://badge.fury.io/js/%40rushstack%2Fnode-core-library) | [changelog](./libraries/node-core-library/CHANGELOG.md) | [@rushstack/node-core-library](https://www.npmjs.com/package/@rushstack/node-core-library) | +| [/libraries/npm-check-fork](./libraries/npm-check-fork/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Fnpm-check-fork.svg)](https://badge.fury.io/js/%40rushstack%2Fnpm-check-fork) | [changelog](./libraries/npm-check-fork/CHANGELOG.md) | [@rushstack/npm-check-fork](https://www.npmjs.com/package/@rushstack/npm-check-fork) | | [/libraries/operation-graph](./libraries/operation-graph/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Foperation-graph.svg)](https://badge.fury.io/js/%40rushstack%2Foperation-graph) | [changelog](./libraries/operation-graph/CHANGELOG.md) | [@rushstack/operation-graph](https://www.npmjs.com/package/@rushstack/operation-graph) | | [/libraries/package-deps-hash](./libraries/package-deps-hash/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Fpackage-deps-hash.svg)](https://badge.fury.io/js/%40rushstack%2Fpackage-deps-hash) | [changelog](./libraries/package-deps-hash/CHANGELOG.md) | [@rushstack/package-deps-hash](https://www.npmjs.com/package/@rushstack/package-deps-hash) | | [/libraries/package-extractor](./libraries/package-extractor/) | [![npm version](https://badge.fury.io/js/%40rushstack%2Fpackage-extractor.svg)](https://badge.fury.io/js/%40rushstack%2Fpackage-extractor) | [changelog](./libraries/package-extractor/CHANGELOG.md) | [@rushstack/package-extractor](https://www.npmjs.com/package/@rushstack/package-extractor) | diff --git a/common/changes/@microsoft/rush/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-18-56.json b/common/changes/@microsoft/rush/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-18-56.json new file mode 100644 index 00000000000..c1d091e0ea8 --- /dev/null +++ b/common/changes/@microsoft/rush/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-18-56.json @@ -0,0 +1,10 @@ +{ + "changes": [ + { + "packageName": "@microsoft/rush", + "comment": "Fork npm-check to address npm audit CVE", + "type": "none" + } + ], + "packageName": "@microsoft/rush" +} \ No newline at end of file diff --git a/common/changes/@rushstack/npm-check-fork/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-23-03.json b/common/changes/@rushstack/npm-check-fork/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-23-03.json new file mode 100644 index 00000000000..5b1db784279 --- /dev/null +++ b/common/changes/@rushstack/npm-check-fork/user-cmalonzo-npmaudit-fork-npm-check_2025-10-17-23-03.json @@ -0,0 +1,10 @@ +{ + "changes": [ + { + "packageName": "@rushstack/npm-check-fork", + "comment": "Initial fork of npm-check", + "type": "minor" + } + ], + "packageName": "@rushstack/npm-check-fork" +} \ No newline at end of file diff --git a/common/config/rush/nonbrowser-approved-packages.json b/common/config/rush/nonbrowser-approved-packages.json index f4a71081795..90bf63302d7 100644 --- a/common/config/rush/nonbrowser-approved-packages.json +++ b/common/config/rush/nonbrowser-approved-packages.json @@ -270,6 +270,10 @@ "name": "@rushstack/node-core-library", "allowedCategories": [ "libraries", "tests", "vscode-extensions" ] }, + { + "name": "@rushstack/npm-check-fork", + "allowedCategories": [ "libraries" ] + }, { "name": "@rushstack/operation-graph", "allowedCategories": [ "libraries" ] @@ -658,6 +662,10 @@ "name": "git-repo-info", "allowedCategories": [ "libraries" ] }, + { + "name": "giturl", + "allowedCategories": [ "libraries" ] + }, { "name": "glob", "allowedCategories": [ "libraries", "vscode-extensions" ] @@ -874,6 +882,10 @@ "name": "package-extractor-test-03", "allowedCategories": [ "tests" ] }, + { + "name": "package-json", + "allowedCategories": [ "libraries" ] + }, { "name": "pnpm-sync-lib", "allowedCategories": [ "libraries" ] @@ -986,6 +998,10 @@ "name": "terser-webpack-plugin", "allowedCategories": [ "libraries", "tests" ] }, + { + "name": "throat", + "allowedCategories": [ "libraries" ] + }, { "name": "timsort", "allowedCategories": [ "libraries" ] diff --git a/common/config/subspaces/build-tests-subspace/pnpm-lock.yaml b/common/config/subspaces/build-tests-subspace/pnpm-lock.yaml index 18d149cd86b..0092b867cf9 100644 --- a/common/config/subspaces/build-tests-subspace/pnpm-lock.yaml +++ b/common/config/subspaces/build-tests-subspace/pnpm-lock.yaml @@ -3942,6 +3942,10 @@ packages: resolution: {integrity: sha512-qVDEXufVtYUzYqI5hoDUONh9GCEPi0n+e35KNDafdsNt9fPxB0nvFW/kFiw7W42wkg8TUyhBqb+t24yyaoc87A==} engines: {node: '>= 0.10.0'} + /giturl@2.0.0: + resolution: {integrity: sha512-FB0MmghWLcqsyrBZyqsLCNeS2kIzYymT34t/6BxM5R0/9Pxvj0K1eK25SBbwRHMjKMLgQ7nYqBSduF6XyfkgFg==} + engines: {node: '>= 14.17.0'} + /glob-escape@0.0.2: resolution: {integrity: sha512-L/cXYz8x7qer1HAyUQ+mbjcUsJVdpRxpAf7CwqHoNBs9vTpABlGfNN4tzkDxt+u3Z7ZncVyKlCNPtzb0R/7WbA==} engines: {node: '>= 0.10'} @@ -7978,6 +7982,16 @@ packages: resolve: 1.22.8 semver: 7.5.4 + file:../../../libraries/npm-check-fork: + resolution: {directory: ../../../libraries/npm-check-fork, type: directory} + name: '@rushstack/npm-check-fork' + dependencies: + giturl: 2.0.0 + lodash: 4.17.21 + package-json: 7.0.0 + semver: 7.5.4 + throat: 6.0.2 + file:../../../libraries/operation-graph(@types/node@20.17.19): resolution: {directory: ../../../libraries/operation-graph, type: directory} id: file:../../../libraries/operation-graph @@ -8051,6 +8065,7 @@ packages: '@rushstack/heft-config-file': file:../../../libraries/heft-config-file(@types/node@20.17.19) '@rushstack/lookup-by-path': file:../../../libraries/lookup-by-path(@types/node@20.17.19) '@rushstack/node-core-library': file:../../../libraries/node-core-library(@types/node@20.17.19) + '@rushstack/npm-check-fork': file:../../../libraries/npm-check-fork '@rushstack/package-deps-hash': file:../../../libraries/package-deps-hash(@types/node@20.17.19) '@rushstack/package-extractor': file:../../../libraries/package-extractor(@types/node@20.17.19) '@rushstack/rig-package': file:../../../libraries/rig-package diff --git a/common/config/subspaces/build-tests-subspace/repo-state.json b/common/config/subspaces/build-tests-subspace/repo-state.json index eed6a72da20..1e915afede2 100644 --- a/common/config/subspaces/build-tests-subspace/repo-state.json +++ b/common/config/subspaces/build-tests-subspace/repo-state.json @@ -1,6 +1,6 @@ // DO NOT MODIFY THIS FILE MANUALLY BUT DO COMMIT IT. It is generated and used by Rush. { - "pnpmShrinkwrapHash": "26e6eb2ac184c892057b5d9687143b690e088b75", + "pnpmShrinkwrapHash": "1dc2b69423ca353582cec8716410a0b8a8210aff", "preferredVersionsHash": "550b4cee0bef4e97db6c6aad726df5149d20e7d9", - "packageJsonInjectedDependenciesHash": "3622326a8ef09c6dd0846faf66ef2e04eabd1154" + "packageJsonInjectedDependenciesHash": "7bf222162008849ca931709cbaa90632d56766da" } diff --git a/common/config/subspaces/default/pnpm-lock.yaml b/common/config/subspaces/default/pnpm-lock.yaml index 3008c3b9ce2..9465e8c01d2 100644 --- a/common/config/subspaces/default/pnpm-lock.yaml +++ b/common/config/subspaces/default/pnpm-lock.yaml @@ -3559,6 +3559,40 @@ importers: specifier: ~9.37.0 version: 9.37.0(supports-color@8.1.1) + ../../../libraries/npm-check-fork: + dependencies: + giturl: + specifier: ^2.0.0 + version: 2.0.0 + lodash: + specifier: ~4.17.15 + version: 4.17.21 + package-json: + specifier: ^7 + version: 7.0.0 + semver: + specifier: ~7.5.4 + version: 7.5.4 + throat: + specifier: ^6.0.2 + version: 6.0.2 + devDependencies: + '@rushstack/heft': + specifier: workspace:* + version: link:../../apps/heft + '@types/lodash': + specifier: 4.14.116 + version: 4.14.116 + '@types/semver': + specifier: 7.5.0 + version: 7.5.0 + eslint: + specifier: ~9.37.0 + version: 9.37.0(supports-color@8.1.1) + local-node-rig: + specifier: workspace:* + version: link:../../rigs/local-node-rig + ../../../libraries/operation-graph: dependencies: '@rushstack/node-core-library': @@ -3712,6 +3746,9 @@ importers: '@rushstack/node-core-library': specifier: workspace:* version: link:../node-core-library + '@rushstack/npm-check-fork': + specifier: workspace:* + version: link:../npm-check-fork '@rushstack/package-deps-hash': specifier: workspace:* version: link:../package-deps-hash @@ -3769,9 +3806,6 @@ importers: js-yaml: specifier: ~4.1.0 version: 4.1.0 - npm-check: - specifier: ~6.0.1 - version: 6.0.1 npm-package-arg: specifier: ~6.1.0 version: 6.1.1 @@ -7707,12 +7741,6 @@ packages: dev: true optional: true - /@devexpress/error-stack-parser@2.0.6: - resolution: {integrity: sha512-fneVypElGUH6Be39mlRZeAu00pccTlf4oVuzf9xPJD1cdEqI8NyAiQua/EW7lZdrbMUbgyXcJmfKPefhYius3A==} - dependencies: - stackframe: 1.3.4 - dev: false - /@discoveryjs/json-ext@0.5.7: resolution: {integrity: sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw==} engines: {node: '>=10.0.0'} @@ -14352,10 +14380,6 @@ packages: /@types/mime@3.0.4: resolution: {integrity: sha512-iJt33IQnVRkqeqC7PzBHPTC6fDlRNRW8vjrgqtScAhrmMwe8c4Eo7+fUGTa+XdWrpEgpyKWMYmi2dIwMAYRzPw==} - /@types/minimatch@3.0.5: - resolution: {integrity: sha512-Klz949h02Gz2uZCMGwDUSDS1YBlTdDDgbWHi+81l29tQALUtvz4rAYi5uoVhE5Lagoq6DeqAUlbrHvW/mXDgdQ==} - dev: false - /@types/minimatch@6.0.0: resolution: {integrity: sha512-zmPitbQ8+6zNutpwgcQuLcsEpn/Cj54Kbn7L5pX0Os5kdWplB7xPgEh/g+SWOB/qmows2gpuCaPyduq8ZZRnxA==} deprecated: This is a stub types definition. minimatch provides its own type definitions, so you do not need this installed. @@ -14363,10 +14387,6 @@ packages: minimatch: 10.0.3 dev: true - /@types/minimist@1.2.5: - resolution: {integrity: sha512-hov8bUuiLiyFPGyFPE1lwWhmzYbirOXQNNo40+y3zow8aFVTeyn3VWL0VFFfdNddA8S4Vf0Tc062rzyNr7Paag==} - dev: false - /@types/mocha@10.0.6: resolution: {integrity: sha512-dJvrYWxP/UcXm36Qn36fxhUKu8A/xMRXVT2cliFF1Z7UA9liG5Psj3ezNSZw+5puH2czDXRLcXQxf8JbJt0ejg==} dev: true @@ -14414,6 +14434,7 @@ packages: /@types/normalize-package-data@2.4.4: resolution: {integrity: sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==} + dev: true /@types/npm-package-arg@6.1.0: resolution: {integrity: sha512-vbt5fb0y1svMhu++1lwtKmZL76d0uPChFlw7kEzyUmTwfmpHRcFb8i0R8ElT69q/L+QLgK2hgECivIAvaEDwag==} @@ -15544,48 +15565,6 @@ packages: - supports-color dev: false - /@vue/compiler-core@3.4.21: - resolution: {integrity: sha512-MjXawxZf2SbZszLPYxaFCjxfibYrzr3eYbKxwpLR9EQN+oaziSu3qKVbwBERj1IFIB8OLUewxB5m/BFzi613og==} - dependencies: - '@babel/parser': 7.24.0 - '@vue/shared': 3.4.21 - entities: 4.5.0 - estree-walker: 2.0.2 - source-map-js: 1.1.0 - dev: false - - /@vue/compiler-dom@3.4.21: - resolution: {integrity: sha512-IZC6FKowtT1sl0CR5DpXSiEB5ayw75oT2bma1BEhV7RRR1+cfwLrxc2Z8Zq/RGFzJ8w5r9QtCOvTjQgdn0IKmA==} - dependencies: - '@vue/compiler-core': 3.4.21 - '@vue/shared': 3.4.21 - dev: false - - /@vue/compiler-sfc@3.4.21: - resolution: {integrity: sha512-me7epoTxYlY+2CUM7hy9PCDdpMPfIwrOvAXud2Upk10g4YLv9UBW7kL798TvMeDhPthkZ0CONNrK2GoeI1ODiQ==} - dependencies: - '@babel/parser': 7.24.0 - '@vue/compiler-core': 3.4.21 - '@vue/compiler-dom': 3.4.21 - '@vue/compiler-ssr': 3.4.21 - '@vue/shared': 3.4.21 - estree-walker: 2.0.2 - magic-string: 0.30.8 - postcss: 8.4.36 - source-map-js: 1.1.0 - dev: false - - /@vue/compiler-ssr@3.4.21: - resolution: {integrity: sha512-M5+9nI2lPpAsgXOGQobnIueVqc9sisBFexh5yMIMRAPYLa7+5wEJs8iqOZc1WAa9WQbx9GR2twgznU8LTIiZ4Q==} - dependencies: - '@vue/compiler-dom': 3.4.21 - '@vue/shared': 3.4.21 - dev: false - - /@vue/shared@3.4.21: - resolution: {integrity: sha512-PuJe7vDIi6VYSinuEbUIQgMIRZGgM8e4R+G+/dQTk0X1NEdvgvvgv7m+rfmDH1gZzyA1OjjoWskvHlfRNfQf3g==} - dev: false - /@webassemblyjs/ast@1.14.1: resolution: {integrity: sha512-nuBEDgQfm1ccRp/8bCQrx1frohyufl4JlbMMZ4P1wpeOfDhF6FQkxZJ1b/e+PLwr6X1Nhw6OLme5usuBWYBvuQ==} dependencies: @@ -16236,11 +16215,6 @@ packages: call-bound: 1.0.4 is-array-buffer: 3.0.5 - /array-differ@3.0.0: - resolution: {integrity: sha512-THtfYS6KtME/yIAhKjZ2ul7XI96lQGHRputJQHO80LAWQnuGP4iCIN8vdMRboGbIEYBwU33q8Tch1os2+X0kMg==} - engines: {node: '>=8'} - dev: false - /array-flatten@1.1.1: resolution: {integrity: sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==} @@ -16279,6 +16253,7 @@ packages: /array-union@2.1.0: resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} engines: {node: '>=8'} + dev: true /array-uniq@1.0.3: resolution: {integrity: sha512-MNha4BWQ6JbwhFhj03YK552f7cb3AzoE8SzeljgChvL1dl3IcvggXVz1DilzySZkCja+CXuZbdW7yATchWn8/Q==} @@ -16398,14 +16373,10 @@ packages: get-intrinsic: 1.3.0 is-array-buffer: 3.0.5 - /arrify@1.0.1: - resolution: {integrity: sha512-3CYzex9M9FGQjCGMGyi6/31c8GJbgb0qGyrx5HWxPd0aCwh4cB2YjMb2Xf9UuoogrMrlO9cTqnB5rI5GHZTcUA==} - engines: {node: '>=0.10.0'} - dev: false - /arrify@2.0.1: resolution: {integrity: sha512-3duEwti880xqi4eAMN8AyR4a0ByT90zoYdLlevfrvU43vb0YZwZVfxOgxWrLXXXpyugL0hNZc9G6BiB5B3nUug==} engines: {node: '>=8'} + dev: true /asap@2.0.6: resolution: {integrity: sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==} @@ -17354,22 +17325,6 @@ packages: resolution: {integrity: sha512-HpX65o1Hnr9HH25ojC1YGs7HCQLq0GCOibSaWER0eNpgJ/Z1MZv2mTc7+xh6WOPxbRVcmgbv4hGU+uSQ/2xFZQ==} dev: true - /callsite-record@4.1.5: - resolution: {integrity: sha512-OqeheDucGKifjQRx524URgV4z4NaKjocGhygTptDea+DLROre4ZEecA4KXDq+P7qlGCohYVNOh3qr+y5XH5Ftg==} - dependencies: - '@devexpress/error-stack-parser': 2.0.6 - '@types/lodash': 4.14.116 - callsite: 1.0.0 - chalk: 2.4.2 - highlight-es: 1.0.3 - lodash: 4.17.21 - pinkie-promise: 2.0.1 - dev: false - - /callsite@1.0.0: - resolution: {integrity: sha512-0vdNRFXn5q+dtOqjfFtmtlI9N2eVZ7LMyEV2iKC5mEEFvSg/69Ml6b/WU2qF8W1nLRa0wiSrDT3Y5jOHZCwKPQ==} - dev: false - /callsites@3.1.0: resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} engines: {node: '>=6'} @@ -17385,15 +17340,6 @@ packages: engines: {node: '>= 6'} dev: true - /camelcase-keys@6.2.2: - resolution: {integrity: sha512-YrwaA0vEKazPBkn0ipTiMpSajYDSe+KjQfrjhcBMxJt/znbvlHd8Pw/Vamaz5EB4Wfhs3SUR3Z9mwRu/P3s3Yg==} - engines: {node: '>=8'} - dependencies: - camelcase: 5.3.1 - map-obj: 4.3.0 - quick-lru: 4.0.1 - dev: false - /camelcase@5.3.1: resolution: {integrity: sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==} engines: {node: '>=6'} @@ -17493,10 +17439,6 @@ packages: resolution: {integrity: sha512-mKKUkUbhPpQlCOfIuZkvSEgktjPFIsZKRRbC6KWVEMvlzblj3i3asQv5ODsrwt0N3pHAEvjP8KTQPHkp0+6jOg==} dev: true - /chardet@0.7.0: - resolution: {integrity: sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==} - dev: false - /chardet@2.1.0: resolution: {integrity: sha512-bNFETTG/pM5ryzQ9Ad0lJOTa6HWD/YsScAR3EnCPZRPlQh77JocYktSHOUHelyhm8IARL+o4c4F1bP5KVOjiRA==} dev: false @@ -17698,6 +17640,7 @@ packages: string-width: 4.2.3 strip-ansi: 6.0.1 wrap-ansi: 7.0.0 + dev: true /cliui@8.0.1: resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} @@ -18541,17 +18484,10 @@ packages: deprecated: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info. dev: false - /decamelize-keys@1.1.1: - resolution: {integrity: sha512-WiPxgEirIV0/eIOMcnFBA3/IJZAZqKnwAwWyvvdi4lsr1WCN22nhdf/3db3DoZcUjTV2SqfzIwNyp6y2xs3nmg==} - engines: {node: '>=0.10.0'} - dependencies: - decamelize: 1.2.0 - map-obj: 1.0.1 - dev: false - /decamelize@1.2.0: resolution: {integrity: sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA==} engines: {node: '>=0.10.0'} + dev: true /decamelize@4.0.0: resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} @@ -18691,38 +18627,6 @@ packages: immer: 9.0.21 dev: true - /depcheck@1.4.7: - resolution: {integrity: sha512-1lklS/bV5chOxwNKA/2XUUk/hPORp8zihZsXflr8x0kLwmcZ9Y9BsS6Hs3ssvA+2wUVbG0U2Ciqvm1SokNjPkA==} - engines: {node: '>=10'} - hasBin: true - dependencies: - '@babel/parser': 7.24.0 - '@babel/traverse': 7.24.0 - '@vue/compiler-sfc': 3.4.21 - callsite: 1.0.0 - camelcase: 6.3.0 - cosmiconfig: 7.1.0 - debug: 4.4.0(supports-color@8.1.1) - deps-regex: 0.2.0 - findup-sync: 5.0.0 - ignore: 5.3.1 - is-core-module: 2.16.1 - js-yaml: 3.14.1 - json5: 2.2.3 - lodash: 4.17.21 - minimatch: 7.4.6 - multimatch: 5.0.0 - please-upgrade-node: 3.2.0 - readdirp: 3.6.0 - require-package-name: 2.0.1 - resolve: 1.22.8 - resolve-from: 5.0.0 - semver: 7.5.4 - yargs: 16.2.0 - transitivePeerDependencies: - - supports-color - dev: false - /depd@1.1.2: resolution: {integrity: sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==} engines: {node: '>= 0.6'} @@ -18742,10 +18646,6 @@ packages: semver: 7.5.4 dev: false - /deps-regex@0.2.0: - resolution: {integrity: sha512-PwuBojGMQAYbWkMXOY9Pd/NWCDNHVH12pnS7WHqZkTSeMESe4hwnKKRp0yR87g37113x4JPbo/oIvXY+s/f56Q==} - dev: false - /des.js@1.1.0: resolution: {integrity: sha512-r17GxjhUCjSRy8aiJpr8/UadFIzMzJGexI3Nmz4ADi9LYSFx4gTBp80+NaX/YsXWWLhpZ7v/v/ubEc/bCNfKwg==} dependencies: @@ -18766,11 +18666,6 @@ packages: repeat-string: 1.6.1 dev: true - /detect-file@1.0.0: - resolution: {integrity: sha512-DtCOLG98P007x7wiiOmfI0fi3eIKyWiLTGJ2MDnVi/E04lWGbf+JzrRHMm0rgIIZJGtHpKpbVgLWHrv8xXpc3Q==} - engines: {node: '>=0.10.0'} - dev: false - /detect-indent@6.1.0: resolution: {integrity: sha512-reYkTUJAZb9gUuZ2RvVCNhVHdg62RHnJ7WJl8ftMi4diZ6NWlciOzQN88pUhSELEwflJht4oQDv0F0BMlwaYtA==} engines: {node: '>=8'} @@ -18853,6 +18748,7 @@ packages: engines: {node: '>=8'} dependencies: path-type: 4.0.0 + dev: true /dns-packet@5.6.1: resolution: {integrity: sha512-l4gcSouhcgIKRvyy99RNVOgxXiicE+2jZoNmaNmZ6JXiGajBOJAesk1OBlJuM5k2c+eudGdLxDqXuPCKIj6kpw==} @@ -20612,10 +20508,6 @@ packages: - supports-color dev: true - /estree-walker@2.0.2: - resolution: {integrity: sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w==} - dev: false - /esutils@2.0.3: resolution: {integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==} engines: {node: '>=0.10.0'} @@ -20708,13 +20600,6 @@ packages: dev: false optional: true - /expand-tilde@2.0.2: - resolution: {integrity: sha512-A5EmesHW6rfnZ9ysHQjPdJRni0SRar0tjtG5MNtm9n5TUvsYU8oozprtRD4AqHxcZWWlVuAmQo2nWKfN9oyjTw==} - engines: {node: '>=0.10.0'} - dependencies: - homedir-polyfill: 1.0.3 - dev: false - /expect@29.7.0: resolution: {integrity: sha512-2Zks0hf1VLFYI1kbh0I5jP3KHHyCHpkfyHBzsSXRFgl/Bg9mWYfMW8oD+PdMPlEwy5HNsR9JutYy6pMeOh61nw==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} @@ -20859,15 +20744,6 @@ packages: resolution: {integrity: sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==} dev: true - /external-editor@3.1.0: - resolution: {integrity: sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==} - engines: {node: '>=4'} - dependencies: - chardet: 0.7.0 - iconv-lite: 0.4.24 - tmp: 0.0.33 - dev: false - /extglob@2.0.4: resolution: {integrity: sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==} engines: {node: '>=0.10.0'} @@ -21191,23 +21067,6 @@ packages: locate-path: 6.0.0 path-exists: 4.0.0 - /find-yarn-workspace-root2@1.2.16: - resolution: {integrity: sha512-hr6hb1w8ePMpPVUK39S4RlwJzi+xPLuVuG8XlwXU3KD5Yn3qgBWVfy3AzNlDhWvE1EORCE65/Qm26rFQt3VLVA==} - dependencies: - micromatch: 4.0.5 - pkg-dir: 4.2.0 - dev: false - - /findup-sync@5.0.0: - resolution: {integrity: sha512-MzwXju70AuyflbgeOhzvQWAvvQdo1XL0A9bVvlXsYcFEBM87WR4OakL4OfZq+QRmr+duJubio+UtNQCPsVESzQ==} - engines: {node: '>= 10.13.0'} - dependencies: - detect-file: 1.0.0 - is-glob: 4.0.3 - micromatch: 4.0.5 - resolve-dir: 1.0.1 - dev: false - /flat-cache@2.0.1: resolution: {integrity: sha512-LoQe6yDuUMDzQAEH8sgmh4Md6oZnc/7PjtwjNFSzveXqSHt6ka9fPBuso7IGf9Rz4uqnSnWiFH2B/zj24a5ReA==} engines: {node: '>=4'} @@ -21584,6 +21443,7 @@ packages: /get-caller-file@2.0.5: resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} engines: {node: 6.* || 8.* || >= 10.*} + dev: true /get-intrinsic@1.2.4: resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} @@ -21677,9 +21537,9 @@ packages: resolution: {integrity: sha512-wIh+gKBI9Nshz2o46B0B3f5k/W+WI9ZAv6y5Dn5WJ5SK1t0TnDimB4WE5rmTD05ZAIn8HALCZVmCsvj0w0v0lw==} dev: true - /giturl@1.0.3: - resolution: {integrity: sha512-qVDEXufVtYUzYqI5hoDUONh9GCEPi0n+e35KNDafdsNt9fPxB0nvFW/kFiw7W42wkg8TUyhBqb+t24yyaoc87A==} - engines: {node: '>= 0.10.0'} + /giturl@2.0.0: + resolution: {integrity: sha512-FB0MmghWLcqsyrBZyqsLCNeS2kIzYymT34t/6BxM5R0/9Pxvj0K1eK25SBbwRHMjKMLgQ7nYqBSduF6XyfkgFg==} + engines: {node: '>= 14.17.0'} dev: false /glob-escape@0.0.2: @@ -21773,42 +21633,6 @@ packages: dependencies: ini: 2.0.0 - /global-modules@1.0.0: - resolution: {integrity: sha512-sKzpEkf11GpOFuw0Zzjzmt4B4UZwjOcG757PPvrfhxcLFbq0wpsgpOqxpxtxFiCG4DtG93M6XRVbF2oGdev7bg==} - engines: {node: '>=0.10.0'} - dependencies: - global-prefix: 1.0.2 - is-windows: 1.0.2 - resolve-dir: 1.0.1 - dev: false - - /global-modules@2.0.0: - resolution: {integrity: sha512-NGbfmJBp9x8IxyJSd1P+otYK8vonoJactOogrVfFRIAEY1ukil8RSKDz2Yo7wh1oihl51l/r6W4epkeKJHqL8A==} - engines: {node: '>=6'} - dependencies: - global-prefix: 3.0.0 - dev: false - - /global-prefix@1.0.2: - resolution: {integrity: sha512-5lsx1NUDHtSjfg0eHlmYvZKv8/nVqX4ckFbM+FrGcQ+04KWcWFo9P5MxPZYSzUvyzmdTbI7Eix8Q4IbELDqzKg==} - engines: {node: '>=0.10.0'} - dependencies: - expand-tilde: 2.0.2 - homedir-polyfill: 1.0.3 - ini: 1.3.8 - is-windows: 1.0.2 - which: 1.3.1 - dev: false - - /global-prefix@3.0.0: - resolution: {integrity: sha512-awConJSVCHVGND6x3tmMaKcQvwXLhjdkmomy2W+Goaui8YPgYgXJZewhg3fWC+DlfqqQuWg8AwqjGTD2nAPVWg==} - engines: {node: '>=6'} - dependencies: - ini: 1.3.8 - kind-of: 6.0.3 - which: 1.3.1 - dev: false - /global@4.4.0: resolution: {integrity: sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==} dependencies: @@ -21861,6 +21685,7 @@ packages: ignore: 5.3.1 merge2: 1.4.1 slash: 3.0.0 + dev: true /globby@9.2.0: resolution: {integrity: sha512-ollPHROa5mcxDEkwg6bPt3QbEf4pDQSNtd6JPL1YvOvAo/7/0VAm9TccUeoTmarjPw4pfUthSCqcyfNB1I3ZSg==} @@ -21940,11 +21765,6 @@ packages: uglify-js: 3.17.4 dev: true - /hard-rejection@2.1.0: - resolution: {integrity: sha512-VIZB+ibDhx7ObhAe7OVtoEbuP4h/MuOTHJ+J8h/eBXotJYl0fBgR72xDFCKgIh22OJZIOVNxBMWuhAr10r8HdA==} - engines: {node: '>=6'} - dev: false - /has-bigints@1.0.2: resolution: {integrity: sha512-tSvCKtBr9lkF0Ex0aQiP9N+OpV4zi2r/Nee5VkRDbaqv35RLYMzbwQfFSZZH0kR+Rd6302UJZ2p/bJCEoR3VoQ==} @@ -22120,14 +21940,6 @@ packages: resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} hasBin: true - /highlight-es@1.0.3: - resolution: {integrity: sha512-s/SIX6yp/5S1p8aC/NRDC1fwEb+myGIfp8/TzZz0rtAv8fzsdX7vGl3Q1TrXCsczFq8DI3CBFBCySPClfBSdbg==} - dependencies: - chalk: 2.4.2 - is-es2016-keyword: 1.0.0 - js-tokens: 3.0.2 - dev: false - /highlight.js@10.7.3: resolution: {integrity: sha512-tzcUFauisWKNHaRkN4Wjl/ZA07gENAjFl3J/c480dprkGTg5EQstgaNFqBfUqCq54kZRIEcreTsAgF/m2quD7A==} dev: true @@ -22150,13 +21962,6 @@ packages: dependencies: react-is: 16.13.1 - /homedir-polyfill@1.0.3: - resolution: {integrity: sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==} - engines: {node: '>=0.10.0'} - dependencies: - parse-passwd: 1.0.0 - dev: false - /hosted-git-info@2.8.9: resolution: {integrity: sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==} @@ -22552,6 +22357,7 @@ packages: /indent-string@4.0.0: resolution: {integrity: sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==} engines: {node: '>=8'} + dev: true /indent-string@5.0.0: resolution: {integrity: sha512-m6FAo/spmsW2Ab2fU35JTYwtOKa2yAwXSwgjSv1TJzh4Mh7mC3lzAOVLBprb72XsTrgkEIsl7YrFNAiDiRhIGg==} @@ -22588,25 +22394,6 @@ packages: resolution: {integrity: sha512-7NXolsK4CAS5+xvdj5OMMbI962hU/wvwoxk+LWR9Ek9bVtyuuYScDN6eS0rUm6TxApFpw7CX1o4uJzcd4AyD3Q==} dev: true - /inquirer@7.3.3: - resolution: {integrity: sha512-JG3eIAj5V9CwcGvuOmoo6LB9kbAYT8HXffUl6memuszlwDC/qvFAJw49XJ5NROSFNPxp3iQg1GqkFhaY/CR0IA==} - engines: {node: '>=8.0.0'} - dependencies: - ansi-escapes: 4.3.2 - chalk: 4.1.2 - cli-cursor: 3.1.0 - cli-width: 3.0.0 - external-editor: 3.1.0 - figures: 3.0.0 - lodash: 4.17.21 - mute-stream: 0.0.8 - run-async: 2.4.1 - rxjs: 6.6.7 - string-width: 4.2.3 - strip-ansi: 6.0.1 - through: 2.3.8 - dev: false - /inquirer@8.2.7: resolution: {integrity: sha512-UjOaSel/iddGZJ5xP/Eixh6dY1XghiBw4XK13rCCIJcJfyhhoul/7KhLLUGtebEj6GDYM6Vnx/mVsjx2L/mFIA==} engines: {node: '>=12.0.0'} @@ -22862,10 +22649,6 @@ packages: is-window: 1.0.2 dev: true - /is-es2016-keyword@1.0.0: - resolution: {integrity: sha512-JtZWPUwjdbQ1LIo9OSZ8MdkWEve198ors27vH+RzUUvZXXZkzXCxFnlUhzWYxy5IexQSRiXVw9j2q/tHMmkVYQ==} - dev: false - /is-extendable@0.1.1: resolution: {integrity: sha512-5BMULNob1vgFX6EjQw5izWDxrecWK9AM72rugNr0TFldMOi0fj6Jk+zeKIt0xGj4cEfQIJth4w3OKWOJ4f+AFw==} engines: {node: '>=0.10.0'} @@ -23002,11 +22785,6 @@ packages: resolution: {integrity: sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==} engines: {node: '>=8'} - /is-plain-obj@1.1.0: - resolution: {integrity: sha512-yvkRyxmFKEOQ4pNXCmJG5AEQNlXJS5LaONXo5/cLdTZdWvsZ1ioJEonLGAosKlMWE8lwUy/bJzMjcw8az73+Fg==} - engines: {node: '>=0.10.0'} - dev: false - /is-plain-obj@2.1.0: resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} engines: {node: '>=8'} @@ -24007,10 +23785,6 @@ packages: engines: {node: '>= 0.8'} dev: true - /js-tokens@3.0.2: - resolution: {integrity: sha512-RjTcuD4xjtthQkaWH7dFlH85L+QaVtSoOyGdZ3g6HFhS9dFNDfLyqgm2NFe2X6cQpeFmt0452FJjFG5UameExg==} - dev: false - /js-tokens@4.0.0: resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} @@ -24443,16 +24217,6 @@ packages: type-fest: 0.6.0 dev: false - /load-yaml-file@0.2.0: - resolution: {integrity: sha512-OfCBkGEw4nN6JLtgRidPX6QxjBQGQf72q3si2uvqyFEMbycSFFHwAZeXx6cJgFM9wmLrf9zBwCP3Ivqa+LLZPw==} - engines: {node: '>=6'} - dependencies: - graceful-fs: 4.2.11 - js-yaml: 3.14.1 - pify: 4.0.1 - strip-bom: 3.0.0 - dev: false - /loader-runner@2.4.0: resolution: {integrity: sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw==} engines: {node: '>=4.3.0 <5.0.0 || >=5.10'} @@ -24646,13 +24410,6 @@ packages: dependencies: yallist: 4.0.0 - /magic-string@0.30.8: - resolution: {integrity: sha512-ISQTe55T2ao7XtlAStud6qwYPZjE4GK1S/BeVPus4jrq6JuOnQ00YKQC581RWhR122W7msZV263KzVeLoqidyQ==} - engines: {node: '>=12'} - dependencies: - '@jridgewell/sourcemap-codec': 1.4.15 - dev: false - /make-dir@2.1.0: resolution: {integrity: sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==} engines: {node: '>=6'} @@ -24711,16 +24468,6 @@ packages: resolution: {integrity: sha512-8y/eV9QQZCiyn1SprXSrCmqJN0yNRATe+PO8ztwqrvrbdRLA3eYJF0yaR0YayLWkMbsQSKWS9N2gPcGEc4UsZg==} engines: {node: '>=0.10.0'} - /map-obj@1.0.1: - resolution: {integrity: sha512-7N/q3lyZ+LVCp7PzuxrJr4KMbBE2hW7BT7YNia330OFxIf4d3r5zVpicP2650l7CPN6RM9zOJRl3NGpqSiw3Eg==} - engines: {node: '>=0.10.0'} - dev: false - - /map-obj@4.3.0: - resolution: {integrity: sha512-hdN1wVrZbb29eBGiGjJbeP8JbKjq1urkHJ/LIP/NY48MZ1QVXUsQBV1G1zvYFHn1XE06cwjBsOI2K3Ulnj1YXQ==} - engines: {node: '>=8'} - dev: false - /map-or-similar@1.5.0: resolution: {integrity: sha512-0aF7ZmVon1igznGI4VS30yugpduQW3y3GkcgGJOp7d8x8QrizhigUxjI/m2UojsXXto+jLAH3KSz+xOJTiORjg==} dev: true @@ -24859,24 +24606,6 @@ packages: errno: 0.1.8 readable-stream: 2.3.8 - /meow@9.0.0: - resolution: {integrity: sha512-+obSblOQmRhcyBt62furQqRAQpNyWXo8BuQ5bN7dG8wmwQ+vwHKp/rCFD4CrTP8CsDQD1sjoZ94K417XEUk8IQ==} - engines: {node: '>=10'} - dependencies: - '@types/minimist': 1.2.5 - camelcase-keys: 6.2.2 - decamelize: 1.2.0 - decamelize-keys: 1.1.1 - hard-rejection: 2.1.0 - minimist-options: 4.1.0 - normalize-package-data: 3.0.3 - read-pkg-up: 7.0.1 - redent: 3.0.0 - trim-newlines: 3.0.1 - type-fest: 0.18.1 - yargs-parser: 20.2.9 - dev: false - /merge-descriptors@1.0.3: resolution: {integrity: sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==} @@ -24991,6 +24720,7 @@ packages: /min-indent@1.0.1: resolution: {integrity: sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg==} engines: {node: '>=4'} + dev: true /mini-css-extract-plugin@2.5.3(webpack@5.98.0): resolution: {integrity: sha512-YseMB8cs8U/KCaAGQoqYmfUuhhGW0a9p9XvWXrxVOkE3/IiISTLw4ALNt7JR5B2eYauFM+PQGSbXMDmVbR7Tfw==} @@ -25033,13 +24763,6 @@ packages: brace-expansion: 2.0.1 dev: true - /minimatch@7.4.6: - resolution: {integrity: sha512-sBz8G/YjVniEz6lKPNpKxXwazJe4c19fEfV2GDMX6AjFz+MX9uDWIZW8XreVhkFW3fkIdTv/gxWr/Kks5FFAVw==} - engines: {node: '>=10'} - dependencies: - brace-expansion: 2.0.1 - dev: false - /minimatch@9.0.3: resolution: {integrity: sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==} engines: {node: '>=16 || 14 >=14.17'} @@ -25053,15 +24776,6 @@ packages: dependencies: brace-expansion: 2.0.1 - /minimist-options@4.1.0: - resolution: {integrity: sha512-Q4r8ghd80yhO/0j1O3B2BjweX3fiHg9cdOwjJd2J76Q135c+NDxGCqdYKQ1SKBuFfgWbAUzBfvYjPUEeNgqN1A==} - engines: {node: '>= 6'} - dependencies: - arrify: 1.0.1 - is-plain-obj: 1.1.0 - kind-of: 6.0.3 - dev: false - /minimist@1.2.8: resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} @@ -25232,17 +24946,6 @@ packages: thunky: 1.1.0 dev: false - /multimatch@5.0.0: - resolution: {integrity: sha512-ypMKuglUrZUD99Tk2bUQ+xNQj43lPEfAeX2o9cTteAmShXy2VHDJpuwu1o0xqoKCt9jLVAvwyFKdLTPXKAfJyA==} - engines: {node: '>=10'} - dependencies: - '@types/minimatch': 3.0.5 - array-differ: 3.0.0 - array-union: 2.1.0 - arrify: 2.0.1 - minimatch: 3.1.2 - dev: false - /mute-stream@0.0.8: resolution: {integrity: sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==} dev: false @@ -25354,12 +25057,6 @@ packages: minimatch: 3.1.2 dev: true - /node-emoji@1.11.0: - resolution: {integrity: sha512-wo2DpQkQp7Sjm2A0cq+sN7EHKO6Sl0ctXeBdFZrL9T9+UywORbufTcTZxom8YqpLQt/FqNMUkOpkZrJVYSKD3A==} - dependencies: - lodash: 4.17.21 - dev: false - /node-fetch@2.6.7: resolution: {integrity: sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==} engines: {node: 4.x || >=6.0.0} @@ -25483,42 +25180,6 @@ packages: npm-normalize-package-bin: 1.0.1 dev: false - /npm-check@6.0.1: - resolution: {integrity: sha512-tlEhXU3689VLUHYEZTS/BC61vfeN2xSSZwoWDT6WLuenZTpDmGmNT5mtl15erTR0/A15ldK06/NEKg9jYJ9OTQ==} - engines: {node: '>=10.9.0'} - hasBin: true - dependencies: - callsite-record: 4.1.5 - chalk: 4.1.2 - co: 4.6.0 - depcheck: 1.4.7 - execa: 5.1.1 - giturl: 1.0.3 - global-modules: 2.0.0 - globby: 11.1.0 - inquirer: 7.3.3 - is-ci: 2.0.0 - lodash: 4.17.21 - meow: 9.0.0 - minimatch: 3.1.2 - node-emoji: 1.11.0 - ora: 5.4.1 - package-json: 7.0.0 - path-exists: 4.0.0 - pkg-dir: 5.0.0 - preferred-pm: 3.1.3 - rc-config-loader: 4.1.3 - semver: 7.5.4 - semver-diff: 3.1.1 - strip-ansi: 6.0.1 - text-table: 0.2.0 - throat: 6.0.2 - update-notifier: 5.1.0 - xtend: 4.0.2 - transitivePeerDependencies: - - supports-color - dev: false - /npm-normalize-package-bin@1.0.1: resolution: {integrity: sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==} dev: false @@ -26023,11 +25684,6 @@ packages: json-parse-even-better-errors: 2.3.1 lines-and-columns: 1.2.4 - /parse-passwd@1.0.0: - resolution: {integrity: sha512-1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q==} - engines: {node: '>=0.10.0'} - dev: false - /parse-semver@1.1.1: resolution: {integrity: sha512-Eg1OuNntBMH0ojvEKSrvDSnwLmvVuUOSdylH/pSCPNMIspLlweJyIWXCE+k/5hm3cj/EBUYwmWkjhBALNP4LXQ==} dependencies: @@ -26171,18 +25827,6 @@ packages: resolution: {integrity: sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==} engines: {node: '>=6'} - /pinkie-promise@2.0.1: - resolution: {integrity: sha512-0Gni6D4UcLTbv9c57DfxDGdr41XfgUjqWZu492f0cIGr16zDU06BWP/RAEvOuo7CQ0CNjHaLlM59YJJFm3NWlw==} - engines: {node: '>=0.10.0'} - dependencies: - pinkie: 2.0.4 - dev: false - - /pinkie@2.0.4: - resolution: {integrity: sha512-MnUuEycAemtSaeFSjXKW/aroV7akBbY+Sv+RkyqFjgAe73F+MR0TBWKBRDkmfWq/HiFmdavfZ1G7h4SPZXaCSg==} - engines: {node: '>=0.10.0'} - dev: false - /pino-std-serializers@3.2.0: resolution: {integrity: sha512-EqX4pwDPrt3MuOAAUBMU0Tk5kR/YcCM5fNPEzgCO2zJ5HfX0vbiH9HbJglnyeQsN96Kznae6MWD47pZB5avTrg==} dev: false @@ -26220,12 +25864,14 @@ packages: engines: {node: '>=8'} dependencies: find-up: 4.1.0 + dev: true /pkg-dir@5.0.0: resolution: {integrity: sha512-NPE8TDbzl/3YQYY7CSS228s3g2ollTFnc+Qi3tqmqJp9Vg2ovUpixcJEo2HJScN2Ez+kEaal6y70c0ehqJBJeA==} engines: {node: '>=10'} dependencies: find-up: 5.0.0 + dev: true /pkg-up@3.1.0: resolution: {integrity: sha512-nDywThFk1i4BQK4twPQ6TA4RT8bDY96yeuCVBWL3ePARCiEKDRSrNGbFIgUJpLp+XeIR65v8ra7WuJOFUBtkMA==} @@ -26234,12 +25880,6 @@ packages: find-up: 3.0.0 dev: true - /please-upgrade-node@3.2.0: - resolution: {integrity: sha512-gQR3WpIgNIKwBMVLkpMUeR3e1/E1y42bqDQZfql+kDeXd8COYfM8PQA4X6y7a8u9Ua9FHmsrrmirW2vHs45hWg==} - dependencies: - semver-compare: 1.0.0 - dev: false - /pnp-webpack-plugin@1.6.4(typescript@5.8.2): resolution: {integrity: sha512-7Wjy+9E3WwLOEL30D+m8TSTF7qJJUJLONBnwQp0518siuMxUQUbgZwssaFX+QKlZkjHZcw/IpZCt/H0srrntSg==} engines: {node: '>=6'} @@ -26738,16 +26378,6 @@ packages: dev: false optional: true - /preferred-pm@3.1.3: - resolution: {integrity: sha512-MkXsENfftWSRpzCzImcp4FRsCc3y1opwB73CfCNWyzMqArju2CrlMHlqB7VexKiPEOjGMbttv1r9fSCn5S610w==} - engines: {node: '>=10'} - dependencies: - find-up: 5.0.0 - find-yarn-workspace-root2: 1.2.16 - path-exists: 4.0.0 - which-pm: 2.0.0 - dev: false - /prelude-ls@1.2.1: resolution: {integrity: sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==} engines: {node: '>= 0.8.0'} @@ -27039,11 +26669,6 @@ packages: resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==} dev: false - /quick-lru@4.0.1: - resolution: {integrity: sha512-ARhCpm70fzdcvNQfPoy49IaanKkTlRWF2JMzqhcJbhSFRZv7nPTvZJdcY7301IPmvW+/p0RgIWnQDLJxifsQ7g==} - engines: {node: '>=8'} - dev: false - /quick-lru@5.1.1: resolution: {integrity: sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==} engines: {node: '>=10'} @@ -27101,17 +26726,6 @@ packages: webpack: 4.47.0 dev: true - /rc-config-loader@4.1.3: - resolution: {integrity: sha512-kD7FqML7l800i6pS6pvLyIE2ncbk9Du8Q0gp/4hMPhJU6ZxApkoLcGD8ZeqgiAlfwZ6BlETq6qqe+12DUL207w==} - dependencies: - debug: 4.4.0(supports-color@8.1.1) - js-yaml: 4.1.0 - json5: 2.2.3 - require-from-string: 2.0.2 - transitivePeerDependencies: - - supports-color - dev: false - /rc@1.2.8: resolution: {integrity: sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==} hasBin: true @@ -27422,6 +27036,7 @@ packages: find-up: 4.1.0 read-pkg: 5.2.0 type-fest: 0.8.1 + dev: true /read-pkg@5.2.0: resolution: {integrity: sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==} @@ -27431,6 +27046,7 @@ packages: normalize-package-data: 2.5.0 parse-json: 5.2.0 type-fest: 0.6.0 + dev: true /read-yaml-file@2.1.0: resolution: {integrity: sha512-UkRNRIwnhG+y7hpqnycCL/xbTk7+ia9VuVTC0S+zVbwd65DI9eUpRMfsWIGrCWxTU/mi+JW8cHQCrv+zfCbEPQ==} @@ -27532,14 +27148,6 @@ packages: resolve: 1.22.8 dev: true - /redent@3.0.0: - resolution: {integrity: sha512-6tDA8g98We0zd0GvVeMT9arEOnTw9qM03L9cJXaCjrip1OO764RDBLBfrB4cwzNGDj5OA5ioymC9GkizgWJDUg==} - engines: {node: '>=8'} - dependencies: - indent-string: 4.0.0 - strip-indent: 3.0.0 - dev: false - /redux-thunk@2.4.2(redux@4.2.1): resolution: {integrity: sha512-+P3TjtnP0k/FEjcBL5FZpoovtvrTNT/UXd4/sluaSyrURlSlhLSzEdfsTBW7WsKB6yPvgd7q/iZPICFjW4o57Q==} peerDependencies: @@ -27766,6 +27374,7 @@ packages: /require-directory@2.1.1: resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} engines: {node: '>=0.10.0'} + dev: true /require-from-string@2.0.2: resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==} @@ -27775,10 +27384,6 @@ packages: resolution: {integrity: sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==} dev: true - /require-package-name@2.0.1: - resolution: {integrity: sha512-uuoJ1hU/k6M0779t3VMVIYpb2VMJk05cehCaABFhXaibcbvfgR8wKiozLjVFSzJPmQMRqIcO0HMyTFqfV09V6Q==} - dev: false - /requires-port@1.0.0: resolution: {integrity: sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==} @@ -27796,14 +27401,6 @@ packages: resolve-from: 5.0.0 dev: true - /resolve-dir@1.0.1: - resolution: {integrity: sha512-R7uiTjECzvOsWSfdM0QKFNBVFcK27aHOUwdvK53BcW8zqnGdYp0Fbj82cy54+2A4P2tFM22J5kRfe1R+lM/1yg==} - engines: {node: '>=0.10.0'} - dependencies: - expand-tilde: 2.0.2 - global-modules: 1.0.0 - dev: false - /resolve-from@4.0.0: resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} engines: {node: '>=4'} @@ -28388,10 +27985,6 @@ packages: node-forge: 1.3.1 dev: false - /semver-compare@1.0.0: - resolution: {integrity: sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==} - dev: false - /semver-diff@3.1.1: resolution: {integrity: sha512-GX0Ix/CJcHyB8c4ykpHGIAvLyOwOobtM/8d+TQkAd81/bEjgPHrfba41Vpesr7jX/t8Uh+R3EX9eAS5be+jQYg==} engines: {node: '>=8'} @@ -29015,6 +28608,7 @@ packages: /stackframe@1.3.4: resolution: {integrity: sha512-oeVtt7eWQS+Na6F//S4kJ2K2VbRlS9D43mAlMyVpVWovy9o+jfgH8O9agzANzaiLjclA0oYzUXEM4PurhSUChw==} + dev: true /state-toggle@1.0.3: resolution: {integrity: sha512-d/5Z4/2iiCnHw6Xzghyhb+GcmF89bxwgXG60wjIiZaxnymbyOmI8Hk4VqHXiVVp6u2ysaskFfXg3ekCj4WNftQ==} @@ -29298,6 +28892,7 @@ packages: engines: {node: '>=8'} dependencies: min-indent: 1.0.1 + dev: true /strip-json-comments@2.0.1: resolution: {integrity: sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==} @@ -29659,6 +29254,7 @@ packages: /text-table@0.2.0: resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} + dev: true /thenify-all@1.6.0: resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} @@ -29729,13 +29325,6 @@ packages: picomatch: 4.0.2 dev: false - /tmp@0.0.33: - resolution: {integrity: sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==} - engines: {node: '>=0.6.0'} - dependencies: - os-tmpdir: 1.0.2 - dev: false - /tmp@0.2.3: resolution: {integrity: sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==} engines: {node: '>=14.14'} @@ -29822,11 +29411,6 @@ packages: dependencies: tslib: 2.8.1 - /trim-newlines@3.0.1: - resolution: {integrity: sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw==} - engines: {node: '>=8'} - dev: false - /trim-trailing-lines@1.1.4: resolution: {integrity: sha512-rjUWSqnfTNrjbB9NQWfPMH/xRK1deHeGsHoVfpxJ++XeYXE0d6B1En37AHfw3jtfTU7dzMzZL2jjpe8Qb5gLIQ==} dev: true @@ -30074,11 +29658,6 @@ packages: resolution: {integrity: sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==} engines: {node: '>=4'} - /type-fest@0.18.1: - resolution: {integrity: sha512-OIAYXk8+ISY+qTOwkHtKqzAuxchoMiD9Udx+FSGQDuiRR+PJKJHc2NJAXlbhkGwTt/4/nKZxELY1w3ReWOL8mw==} - engines: {node: '>=10'} - dev: false - /type-fest@0.20.2: resolution: {integrity: sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==} engines: {node: '>=10'} @@ -30094,6 +29673,7 @@ packages: /type-fest@0.8.1: resolution: {integrity: sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==} engines: {node: '>=8'} + dev: true /type-fest@2.19.0: resolution: {integrity: sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==} @@ -31248,14 +30828,6 @@ packages: resolution: {integrity: sha512-iBdZ57RDvnOR9AGBhML2vFZf7h8vmBjhoaZqODJBFWHVtKkDmKuHai3cx5PgVMrX5YDNp27AofYbAwctSS+vhQ==} dev: true - /which-pm@2.0.0: - resolution: {integrity: sha512-Lhs9Pmyph0p5n5Z3mVnN0yWcbQYUAD7rbQUiMsQxOJ3T57k7RFe35SUwWMf7dsbDZks1uOmw4AecB/JMDj3v/w==} - engines: {node: '>=8.15'} - dependencies: - load-yaml-file: 0.2.0 - path-exists: 4.0.0 - dev: false - /which-typed-array@1.1.15: resolution: {integrity: sha512-oV0jmFtUky6CXfkqehVvBP/LSWJ2sy4vWMioiENyJLePrBO/yKyV9OyJySfAKosh+RYkIl5zJCNZ8/4JncrpdA==} engines: {node: '>= 0.4'} @@ -31283,6 +30855,7 @@ packages: hasBin: true dependencies: isexe: 2.0.0 + dev: true /which@2.0.2: resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} @@ -31495,6 +31068,7 @@ packages: /y18n@5.0.8: resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} engines: {node: '>=10'} + dev: true /yallist@3.1.1: resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} @@ -31528,6 +31102,7 @@ packages: /yargs-parser@20.2.9: resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} engines: {node: '>=10'} + dev: true /yargs-parser@21.1.1: resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} @@ -31572,6 +31147,7 @@ packages: string-width: 4.2.3 y18n: 5.0.8 yargs-parser: 20.2.9 + dev: true /yargs@17.7.2: resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} diff --git a/common/config/subspaces/default/repo-state.json b/common/config/subspaces/default/repo-state.json index 7d287129e85..701cfc22e39 100644 --- a/common/config/subspaces/default/repo-state.json +++ b/common/config/subspaces/default/repo-state.json @@ -1,5 +1,5 @@ // DO NOT MODIFY THIS FILE MANUALLY BUT DO COMMIT IT. It is generated and used by Rush. { - "pnpmShrinkwrapHash": "0786622d1159b3ecef516f25da3beac2c0701039", + "pnpmShrinkwrapHash": "68225a33d8de23e74b70c8aece7af140fa09d541", "preferredVersionsHash": "a9b67c38568259823f9cfb8270b31bf6d8470b27" } diff --git a/libraries/npm-check-fork/.npmignore b/libraries/npm-check-fork/.npmignore new file mode 100644 index 00000000000..bc349f9a4be --- /dev/null +++ b/libraries/npm-check-fork/.npmignore @@ -0,0 +1,32 @@ +# THIS IS A STANDARD TEMPLATE FOR .npmignore FILES IN THIS REPO. + +# Ignore all files by default, to avoid accidentally publishing unintended files. +* + +# Use negative patterns to bring back the specific things we want to publish. +!/bin/** +!/lib/** +!/lib-*/** +!/dist/** + +!CHANGELOG.md +!CHANGELOG.json +!heft-plugin.json +!rush-plugin-manifest.json +!ThirdPartyNotice.txt + +# Ignore certain patterns that should not get published. +/dist/*.stats.* +/lib/**/test/ +/lib-*/**/test/ +*.test.js + +# NOTE: These don't need to be specified, because NPM includes them automatically. +# +# package.json +# README.md +# LICENSE + +# --------------------------------------------------------------------------- +# DO NOT MODIFY ABOVE THIS LINE! Add any project-specific overrides below. +# --------------------------------------------------------------------------- diff --git a/libraries/npm-check-fork/LICENSE b/libraries/npm-check-fork/LICENSE new file mode 100644 index 00000000000..b7b33fb69c7 --- /dev/null +++ b/libraries/npm-check-fork/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Dylan Greene + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/libraries/npm-check-fork/README.md b/libraries/npm-check-fork/README.md new file mode 100644 index 00000000000..c4a6296956d --- /dev/null +++ b/libraries/npm-check-fork/README.md @@ -0,0 +1,31 @@ +# @rushstack/npm-check-fork + +This package is a temporary rushstack maintained fork of [`npm-check`](https://github.com/dylang/npm-check), used internally by `rush upgrade-interactive`. It exists to address security vulnerabilities and compatibility issues present in the latest upstream version. + +**Origin:** +- Forked from [`npm-check`](https://github.com/dylang/npm-check) +- Original copyright: + ``` + Copyright (c) 2015 Dylan Greene + Licensed under the MIT license. + ``` + +**Purpose:** +This fork is expected to be temporary and will be removed once upstream issues are resolved. + +## Changes from Upstream + +- **Removed unused state properties:** + Properties from the state object that were never set or used have been removed (see `INpmCheckState`). +- **Removed `peerDependencies` from `INpmCheckPackageSummary`:** + This property was deprecated in `npm-check` and was never set. +- **Removed emoji support:** + Emoji output was never used in rushstack/rush-lib and has been stripped out. +- **Downgraded `path-exists` dependency:** + The latest version of `path-exists` is ESM-only; this fork uses a compatible CommonJS version. +- **Removed `semverDiff` dependency:** + This was deprecated and its functionality has been replaced by direct usage of `semver`. + +## License + +This fork retains the original MIT license from `npm-check`. diff --git a/libraries/npm-check-fork/config/rig.json b/libraries/npm-check-fork/config/rig.json new file mode 100644 index 00000000000..165ffb001f5 --- /dev/null +++ b/libraries/npm-check-fork/config/rig.json @@ -0,0 +1,7 @@ +{ + // The "rig.json" file directs tools to look for their config files in an external package. + // Documentation for this system: https://www.npmjs.com/package/@rushstack/rig-package + "$schema": "https://developer.microsoft.com/json-schemas/rig-package/rig.schema.json", + + "rigPackageName": "local-node-rig" +} diff --git a/libraries/npm-check-fork/eslint.config.js b/libraries/npm-check-fork/eslint.config.js new file mode 100644 index 00000000000..9175fbaa4cd --- /dev/null +++ b/libraries/npm-check-fork/eslint.config.js @@ -0,0 +1,22 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license. +// See LICENSE in the project root for license information. + +const nodeTrustedToolProfile = require('local-node-rig/profiles/default/includes/eslint/flat/profile/node-trusted-tool'); +const friendlyLocalsMixin = require('local-node-rig/profiles/default/includes/eslint/flat/mixins/friendly-locals'); + +module.exports = [ + ...nodeTrustedToolProfile, + ...friendlyLocalsMixin, + { + files: ['**/*.ts', '**/*.tsx'], + languageOptions: { + parserOptions: { + tsconfigRootDir: __dirname + } + }, + rules: { + // This package is a fork, so it carries the original copyright. + 'headers/header-format': 'off' + } + } +]; diff --git a/libraries/npm-check-fork/package.json b/libraries/npm-check-fork/package.json new file mode 100644 index 00000000000..9791988d6d1 --- /dev/null +++ b/libraries/npm-check-fork/package.json @@ -0,0 +1,34 @@ +{ + "name": "@rushstack/npm-check-fork", + "version": "0.0.1", + "description": "A fork of npm-check.", + "repository": { + "type": "git", + "url": "https://github.com/microsoft/rushstack.git", + "directory": "libraries/npm-check-fork" + }, + "homepage": "https://github.com/dylang/npm-check", + "main": "lib/index.js", + "typings": "lib/index.d.ts", + "license": "MIT", + "scripts": { + "build": "heft build --clean", + "test": "heft test --clean", + "_phase:build": "heft run --only build -- --clean", + "_phase:test": "heft run --only test -- --clean" + }, + "dependencies": { + "giturl": "^2.0.0", + "lodash": "~4.17.15", + "package-json": "^10.0.1", + "semver": "~7.5.4", + "throat": "^6.0.2" + }, + "devDependencies": { + "@rushstack/heft": "workspace:*", + "@types/lodash": "4.14.116", + "@types/semver": "7.5.0", + "local-node-rig": "workspace:*", + "eslint": "~9.37.0" + } +} diff --git a/libraries/npm-check-fork/src/BestGuessHomepage.ts b/libraries/npm-check-fork/src/BestGuessHomepage.ts new file mode 100644 index 00000000000..fd7a6380084 --- /dev/null +++ b/libraries/npm-check-fork/src/BestGuessHomepage.ts @@ -0,0 +1,23 @@ +/// + +import gitUrl from 'giturl'; + +import type { INpmCheckPackageVersion, INpmCheckRegistryData } from './interfaces/INpmCheckRegistry'; + +export default function bestGuessHomepage(data: INpmCheckRegistryData | undefined): string | false { + if (!data) { + return false; + } + const packageDataForLatest: INpmCheckPackageVersion = data.versions[data['dist-tags'].latest]; + + return packageDataForLatest + ? packageDataForLatest.homepage || + (packageDataForLatest.bugs && + packageDataForLatest.bugs.url && + gitUrl.parse(packageDataForLatest.bugs.url.trim())) || + (packageDataForLatest.repository && + packageDataForLatest.repository.url && + gitUrl.parse(packageDataForLatest.repository.url.trim())) || + false + : false; +} diff --git a/libraries/npm-check-fork/src/CreatePackageSummary.ts b/libraries/npm-check-fork/src/CreatePackageSummary.ts new file mode 100644 index 00000000000..5bdbf601037 --- /dev/null +++ b/libraries/npm-check-fork/src/CreatePackageSummary.ts @@ -0,0 +1,97 @@ +import { existsSync } from 'node:fs'; +import path from 'node:path'; + +import _ from 'lodash'; +import semver from 'semver'; + +import type { INpmCheckState, INpmCheckPackageJson } from './interfaces/INpmCheck.ts'; +import type { INpmCheckPackageSummary, INpmCheckVersionBumpType } from './interfaces/INpmCheckPackageSummary'; +import type { INpmRegistryInfo } from './interfaces/INpmCheckRegistry'; +import findModulePath from './FindModulePath'; +import getLatestFromRegistry from './GetLatestFromRegistry'; +import readPackageJson from './ReadPackageJson'; + +export default async function createPackageSummary( + moduleName: string, + state: INpmCheckState +): Promise { + const cwdPackageJson: INpmCheckPackageJson | undefined = state.cwdPackageJson; + + const modulePath: string = findModulePath(moduleName, state); + const packageIsInstalled: boolean = existsSync(modulePath); + const modulePackageJson: INpmCheckPackageJson = readPackageJson(path.join(modulePath, 'package.json')); + + // Ignore private packages + const isPrivate: boolean = Boolean(modulePackageJson.private); + if (isPrivate) { + return false; + } + + // Ignore packages that are using github or file urls + const packageJsonVersion: string | undefined = + cwdPackageJson?.dependencies[moduleName] || cwdPackageJson?.devDependencies[moduleName]; + if (packageJsonVersion && !semver.validRange(packageJsonVersion)) { + return false; + } + + return getLatestFromRegistry(moduleName).then((fromRegistry: INpmRegistryInfo) => { + const installedVersion: string | undefined = modulePackageJson.version; + const latest: string | undefined = + installedVersion && + fromRegistry.latest && + fromRegistry.next && + semver.gt(installedVersion, fromRegistry.latest) + ? fromRegistry.next + : fromRegistry.latest; + const versions: string[] = fromRegistry.versions || []; + let versionWanted: string | null = null; + if (packageJsonVersion) { + versionWanted = semver.maxSatisfying(versions, packageJsonVersion); + } + const versionToUse: string | undefined | null = installedVersion || versionWanted; + const usingNonSemver: boolean | '' | null = + latest !== undefined && semver.valid(latest) && semver.lt(latest, '1.0.0-pre'); + + let bump: INpmCheckVersionBumpType; + const bumpRaw: INpmCheckVersionBumpType = + semver.valid(latest) && + semver.valid(versionToUse) && + (usingNonSemver && versionToUse && latest + ? semver.diff(versionToUse, latest) + ? 'nonSemver' + : semver.diff(versionToUse, latest) + : versionToUse && latest + ? semver.diff(versionToUse, latest) + : undefined); + if (bumpRaw && bumpRaw !== null) { + bump = bumpRaw as INpmCheckVersionBumpType; + } else { + bump = undefined; + } + + return { + // info + moduleName: moduleName, + homepage: fromRegistry.homepage ?? '', + regError: new Error(fromRegistry.error), + pkgError: modulePackageJson.error, + + // versions + latest: latest ?? '', + installed: versionToUse === null ? '' : versionToUse, + notInstalled: !packageIsInstalled, + packageJson: packageJsonVersion ?? '', + + // meta + devDependency: _.has(cwdPackageJson?.devDependencies, moduleName), + mismatch: + packageJsonVersion !== undefined && + versionToUse !== null && + semver.validRange(packageJsonVersion) && + semver.valid(versionToUse) + ? !semver.satisfies(versionToUse, packageJsonVersion) + : false, + bump: bump + }; + }); +} diff --git a/libraries/npm-check-fork/src/FindModulePath.ts b/libraries/npm-check-fork/src/FindModulePath.ts new file mode 100644 index 00000000000..80aec8044d2 --- /dev/null +++ b/libraries/npm-check-fork/src/FindModulePath.ts @@ -0,0 +1,24 @@ +import { existsSync } from 'node:fs'; +import Module from 'node:module'; +import path from 'node:path'; + +import type { INpmCheckState } from './interfaces/INpmCheck.ts'; + +/** + * Searches the directory hierarchy to return the path to the requested node module. + * If the module can't be found, returns the initial (deepest) tried path. + */ +export default function findModulePath(moduleName: string, currentState: INpmCheckState): string { + const cwd: string = currentState.cwd; + + // Module._nodeModulePaths does not include some places the node module resolver searches, such as + // the global prefix or other special directories. This is desirable because if a module is missing + // in the project directory we want to be sure to report it as missing. + // We can't use require.resolve because it fails if the module doesn't have an entry point. + // @ts-ignore + const nodeModulesPaths: string[] = Module._nodeModulePaths(cwd); + const possibleModulePaths: string[] = nodeModulesPaths.map((x) => path.join(x, moduleName)); + const modulePath: string | undefined = possibleModulePaths.find((p) => existsSync(p)); + // if no existing path was found, return the first tried path anyway + return modulePath || path.join(cwd, moduleName); +} diff --git a/libraries/npm-check-fork/src/GetLatestFromRegistry.ts b/libraries/npm-check-fork/src/GetLatestFromRegistry.ts new file mode 100644 index 00000000000..d7dd2e97bf2 --- /dev/null +++ b/libraries/npm-check-fork/src/GetLatestFromRegistry.ts @@ -0,0 +1,45 @@ +import os from 'node:os'; + +import _ from 'lodash'; +import semver from 'semver'; +import packageJson from 'package-json'; +import throat from 'throat'; + +import bestGuessHomepage from './BestGuessHomepage'; +import type { INpmRegistryInfo } from './interfaces/INpmCheckRegistry'; + +const cpuCount: number = os.cpus().length; + +export default async function getNpmInfo(packageName: string): Promise { + const limit: () => Promise = throat(cpuCount, () => + packageJson(packageName, { fullMetadata: true, allVersions: true }) + ); + return limit() + .then((rawData: packageJson.FullMetadata) => { + const CRAZY_HIGH_SEMVER: string = '8000.0.0'; + const sortedVersions: string[] = _(rawData.versions) + .keys() + .remove(_.partial(semver.gt, CRAZY_HIGH_SEMVER)) + .sort(semver.compare) + .valueOf(); + + const latest: string = rawData['dist-tags'].latest; + const next: string = rawData['dist-tags'].next; + const latestStableRelease: string | undefined = semver.satisfies(latest, '*') + ? latest + : semver.maxSatisfying(sortedVersions, '*') || ''; + + return { + latest: latestStableRelease, + next: next, + versions: sortedVersions, + homepage: bestGuessHomepage(rawData) || '' + }; + }) + .catch((error) => { + const errorMessage: string = `Registry error ${error.message}`; + return { + error: errorMessage + }; + }); +} diff --git a/libraries/npm-check-fork/src/NpmCheck.ts b/libraries/npm-check-fork/src/NpmCheck.ts new file mode 100644 index 00000000000..aea2339a4c9 --- /dev/null +++ b/libraries/npm-check-fork/src/NpmCheck.ts @@ -0,0 +1,34 @@ +import _ from 'lodash'; + +import type { INpmCheckPackageJson, INpmCheckState } from './interfaces/INpmCheck.ts'; +import type { INpmCheckPackageSummary } from './interfaces/INpmCheckPackageSummary'; +import createPackageSummary from './CreatePackageSummary'; +import initializeState from './NpmCheckState'; + +export default async function NpmCheck(initialOptions?: INpmCheckState): Promise { + const state: INpmCheckState = await initializeState(initialOptions); + const cwdPackageJson: INpmCheckPackageJson | undefined = state.cwdPackageJson; + const allDependencies: Record | undefined = getDependencies(cwdPackageJson); + + let packages: INpmCheckPackageSummary[] = []; + if (allDependencies) { + const packageSummaryPromises: Promise[] = Object.keys( + allDependencies + ).map((moduleName: string) => createPackageSummary(moduleName, state)); + packages = await Promise.all(packageSummaryPromises).then( + (results: (INpmCheckPackageSummary | false)[]) => { + return results.filter((pkg): pkg is INpmCheckPackageSummary => pkg !== false); + } + ); + } + + return { ...state, packages }; +} + +function getDependencies(pkg: INpmCheckPackageJson | undefined): Record | undefined { + if (!pkg) { + return undefined; + } + + return _.extend(pkg.dependencies, pkg.devDependencies); +} diff --git a/libraries/npm-check-fork/src/NpmCheckState.ts b/libraries/npm-check-fork/src/NpmCheckState.ts new file mode 100644 index 00000000000..124a5b2f310 --- /dev/null +++ b/libraries/npm-check-fork/src/NpmCheckState.ts @@ -0,0 +1,27 @@ +import path from 'node:path'; + +import _ from 'lodash'; + +import { + DefaultNpmCheckOptions, + type INpmCheckPackageJson, + type INpmCheckState +} from './interfaces/INpmCheck'; +import readPackageJson from './ReadPackageJson'; + +export default async function initializeState(initialOptions?: INpmCheckState): Promise { + const state: INpmCheckState = _.extend(DefaultNpmCheckOptions, initialOptions); + + if (state.cwd) { + const cwd: string = path.resolve(state.cwd); + const pkg: INpmCheckPackageJson = readPackageJson(path.join(cwd, 'package.json')); + state.cwdPackageJson = pkg; + state.cwd = cwd; + } + + if (state.cwdPackageJson?.error) { + return Promise.reject(state.cwdPackageJson.error); + } + + return Promise.resolve(state); +} diff --git a/libraries/npm-check-fork/src/ReadPackageJson.ts b/libraries/npm-check-fork/src/ReadPackageJson.ts new file mode 100644 index 00000000000..b8166d486ca --- /dev/null +++ b/libraries/npm-check-fork/src/ReadPackageJson.ts @@ -0,0 +1,18 @@ +import _ from 'lodash'; + +import type { INpmCheckPackageJson } from './interfaces/INpmCheck.ts'; + +export default function readPackageJson(filename: string): INpmCheckPackageJson { + let pkg: INpmCheckPackageJson | undefined = undefined; + let error: Error | undefined = undefined; + try { + pkg = require(filename); + } catch (e: unknown) { + if (e && typeof e === 'object' && 'code' in e && e.code === 'MODULE_NOT_FOUND') { + error = new Error(`A package.json was not found at ${filename}`); + } else { + error = new Error(`A package.json was found at ${filename}, but it is not valid.`); + } + } + return _.extend({ devDependencies: {}, dependencies: {}, error: error }, pkg); +} diff --git a/libraries/npm-check-fork/src/index.ts b/libraries/npm-check-fork/src/index.ts new file mode 100644 index 00000000000..43444bb3484 --- /dev/null +++ b/libraries/npm-check-fork/src/index.ts @@ -0,0 +1,3 @@ +export { default as NpmCheck } from './NpmCheck'; +export type { INpmCheckPackageSummary } from './interfaces/INpmCheckPackageSummary'; +export type { INpmCheckState } from './interfaces/INpmCheck'; diff --git a/libraries/npm-check-fork/src/interfaces/INpmCheck.ts b/libraries/npm-check-fork/src/interfaces/INpmCheck.ts new file mode 100644 index 00000000000..77f2d2172f7 --- /dev/null +++ b/libraries/npm-check-fork/src/interfaces/INpmCheck.ts @@ -0,0 +1,24 @@ +import type { INpmCheckPackageSummary } from './INpmCheckPackageSummary'; + +export interface INpmCheckPackageJson { + name?: string; + version?: string; + devDependencies: Record; + dependencies: Record; + error?: Error; + scripts?: Record; + // eslint-disable-next-line @typescript-eslint/no-explicit-any + [key: string]: any; +} + +export interface INpmCheckState { + cwd: string; + cwdPackageJson?: INpmCheckPackageJson; + packages?: INpmCheckPackageSummary[]; +} + +export const DefaultNpmCheckOptions: INpmCheckState = { + cwd: process.cwd(), + cwdPackageJson: { devDependencies: {}, dependencies: {} }, + packages: undefined +}; diff --git a/libraries/npm-check-fork/src/interfaces/INpmCheckPackageSummary.ts b/libraries/npm-check-fork/src/interfaces/INpmCheckPackageSummary.ts new file mode 100644 index 00000000000..21d2aed3bd2 --- /dev/null +++ b/libraries/npm-check-fork/src/interfaces/INpmCheckPackageSummary.ts @@ -0,0 +1,28 @@ +export type INpmCheckVersionBumpType = + | '' + | 'build' + | 'major' + | 'premajor' + | 'minor' + | 'preminor' + | 'patch' + | 'prepatch' + | 'prerelease' + | 'nonSemver' + | undefined + // eslint-disable-next-line @rushstack/no-new-null + | null; + +export interface INpmCheckPackageSummary { + moduleName: string; // name of the module. + homepage: string; // url to the home page. + regError?: Error; // error communicating with the registry + pkgError?: Error; // error reading the package.json + latest: string; // latest according to the registry. + installed: string; // version installed + notInstalled: boolean; // Is it installed? + packageJson: string; // Version or range requested in the parent package.json. + devDependency: boolean; // Is this a devDependency? + mismatch: boolean; // Does the version installed not match the range in package.json? + bump?: INpmCheckVersionBumpType; // What kind of bump is required to get the latest +} diff --git a/libraries/npm-check-fork/src/interfaces/INpmCheckRegistry.ts b/libraries/npm-check-fork/src/interfaces/INpmCheckRegistry.ts new file mode 100644 index 00000000000..63f4e63e0dc --- /dev/null +++ b/libraries/npm-check-fork/src/interfaces/INpmCheckRegistry.ts @@ -0,0 +1,23 @@ +export interface INpmRegistryInfo { + latest?: string; + next?: string; + versions?: string[]; + homepage?: string; + error?: string; +} + +interface INpmCheckRegistryInfoBugs { + url?: string; +} +interface INpmCheckRepository { + url?: string; +} +export interface INpmCheckPackageVersion { + homepage?: string; + bugs?: INpmCheckRegistryInfoBugs; + repository?: INpmCheckRepository; +} +export interface INpmCheckRegistryData { + versions: Record; + ['dist-tags']: { latest: string }; +} diff --git a/libraries/npm-check-fork/src/tests/BestGuessHomepage.test.ts b/libraries/npm-check-fork/src/tests/BestGuessHomepage.test.ts new file mode 100644 index 00000000000..e8499b92ce2 --- /dev/null +++ b/libraries/npm-check-fork/src/tests/BestGuessHomepage.test.ts @@ -0,0 +1,57 @@ +// Mock gitUrl.parse +jest.mock('giturl', () => ({ parse: (url: string) => url })); + +import bestGuessHomepage from '../BestGuessHomepage'; +import type { INpmCheckRegistryData } from '../interfaces/INpmCheckRegistry'; + +describe('bestGuessHomepage', () => { + it('returns false if data is undefined', () => { + expect(bestGuessHomepage(undefined)).toBe(false); + }); + + it('returns homepage if present', () => { + const data: INpmCheckRegistryData = { + versions: { + latest: { + homepage: 'https://homepage.com' + } + }, + 'dist-tags': { latest: 'latest' } + }; + expect(bestGuessHomepage(data)).toBe('https://homepage.com'); + }); + + it('returns bugs.url if homepage is missing', () => { + const data: INpmCheckRegistryData = { + versions: { + latest: { + bugs: { url: 'https://bugs.com' } + } + }, + 'dist-tags': { latest: 'latest' } + }; + expect(bestGuessHomepage(data)).toBe('https://bugs.com'); + }); + + it('returns repository.url if homepage and bugs.url are missing', () => { + const data: INpmCheckRegistryData = { + versions: { + latest: { + repository: { url: 'https://repo.com' } + } + }, + 'dist-tags': { latest: 'latest' } + }; + expect(bestGuessHomepage(data)).toBe('https://repo.com'); + }); + + it('returns false if no homepage, bugs.url, or repository.url', () => { + const data: INpmCheckRegistryData = { + versions: { + latest: {} + }, + 'dist-tags': { latest: 'latest' } + }; + expect(bestGuessHomepage(data)).toBe(false); + }); +}); diff --git a/libraries/npm-check-fork/src/tests/CreatePackageSummary.test.ts b/libraries/npm-check-fork/src/tests/CreatePackageSummary.test.ts new file mode 100644 index 00000000000..9dce1cc11e1 --- /dev/null +++ b/libraries/npm-check-fork/src/tests/CreatePackageSummary.test.ts @@ -0,0 +1,79 @@ +jest.mock('../GetLatestFromRegistry'); +jest.mock('../ReadPackageJson'); +jest.mock('../FindModulePath'); + +import createPackageSummary from '../CreatePackageSummary'; +import getLatestFromRegistry from '../GetLatestFromRegistry'; +import readPackageJson from '../ReadPackageJson'; +import findModulePath from '../FindModulePath'; +import type { INpmCheckState, INpmCheckPackageJson } from '../interfaces/INpmCheck'; +import type { INpmRegistryInfo } from '../interfaces/INpmCheckRegistry'; +import type { INpmCheckPackageSummary } from '../interfaces/INpmCheckPackageSummary'; + +const mockGetLatestFromRegistry = getLatestFromRegistry as jest.MockedFunction; +const mockReadPackageJson = readPackageJson as jest.MockedFunction; +const mockFindModulePath = findModulePath as jest.MockedFunction; + +describe('createPackageSummary', () => { + afterEach(() => { + jest.clearAllMocks(); + }); + + it('returns false for private package', async () => { + mockFindModulePath.mockReturnValue('/mock/path/private-pkg'); + mockReadPackageJson.mockReturnValue({ + dependencies: {}, + devDependencies: {}, + private: true + } as INpmCheckPackageJson); + const state: INpmCheckState = { + cwd: process.cwd(), + cwdPackageJson: { dependencies: {}, devDependencies: {} } + }; + const result: INpmCheckPackageSummary | boolean = await createPackageSummary('private-pkg', state); + expect(result).toBe(false); + }); + + it('returns false for invalid semver range', async () => { + mockFindModulePath.mockReturnValue('/mock/path'); + mockReadPackageJson.mockReturnValue({ + dependencies: {}, + devDependencies: {} + } as INpmCheckPackageJson); + const state: INpmCheckState = { + cwd: process.cwd(), + cwdPackageJson: { + dependencies: { 'bad-pkg': 'github:foo/bar' }, + devDependencies: {} + } + }; + const result: INpmCheckPackageSummary | boolean = await createPackageSummary('bad-pkg', state); + expect(result).toBe(false); + }); + + it('returns summary for valid package', async () => { + mockFindModulePath.mockReturnValue('/mock/path'); + mockReadPackageJson.mockReturnValue({ + dependencies: {}, + devDependencies: {} + } as INpmCheckPackageJson); + mockGetLatestFromRegistry.mockResolvedValue({ + latest: '2.0.0', + next: '3.0.0', + versions: ['1.0.0', '2.0.0', '3.0.0'], + homepage: 'https://homepage.com' + } as INpmRegistryInfo); + const state: INpmCheckState = { + cwd: process.cwd(), + cwdPackageJson: { dependencies: { 'good-pkg': '1.0.0' }, devDependencies: {} }, + unusedDependencies: ['good-pkg'], + missingFromPackageJson: {} + } as INpmCheckState; + const result: INpmCheckPackageSummary | boolean = await createPackageSummary('good-pkg', state); + expect(result).toBeTruthy(); + expect(result).toHaveProperty('moduleName', 'good-pkg'); + expect(result).toHaveProperty('homepage', 'https://homepage.com'); + expect(result).toHaveProperty('latest', '2.0.0'); + expect(result).toHaveProperty('installed', '1.0.0'); + }); +}); diff --git a/libraries/npm-check-fork/src/tests/FindModulePath.test.ts b/libraries/npm-check-fork/src/tests/FindModulePath.test.ts new file mode 100644 index 00000000000..bf9ddeca78a --- /dev/null +++ b/libraries/npm-check-fork/src/tests/FindModulePath.test.ts @@ -0,0 +1,34 @@ +jest.mock('path', () => ({ + join: jest.fn((...args) => args.join('/')) + // Add other path methods as needed +})); + +import findModulePath from '../FindModulePath'; +import type { INpmCheckState } from '../interfaces/INpmCheck'; +import path from 'node:path'; + +const Module = require('node:module'); + +describe('findModulePath', () => { + beforeAll(() => { + jest + .spyOn(Module, '_nodeModulePaths') + .mockImplementation(() => ['/mock/path/node_modules', '/another/mock/path/node_modules']); + }); + + afterAll(() => { + jest.restoreAllMocks(); + }); + + it('returns found path', () => { + const state: INpmCheckState = { cwd: '/test/cwd', global: false } as INpmCheckState; + const result = findModulePath('my-module', state); + expect(result).toBe(path.join('/test/cwd', 'my-module')); + }); + + it('returns first tried path', () => { + const state: INpmCheckState = { cwd: '/test/cwd', global: false } as INpmCheckState; + const result = findModulePath('missing-module', state); + expect(result).toBe(path.join('/test/cwd', 'missing-module')); + }); +}); diff --git a/libraries/npm-check-fork/src/tests/GetLatestFromRegistry.test.ts b/libraries/npm-check-fork/src/tests/GetLatestFromRegistry.test.ts new file mode 100644 index 00000000000..9490c34b926 --- /dev/null +++ b/libraries/npm-check-fork/src/tests/GetLatestFromRegistry.test.ts @@ -0,0 +1,51 @@ +jest.mock('package-json'); + +import getNpmInfo from '../GetLatestFromRegistry'; +import packageJson from 'package-json'; +import type { INpmRegistryInfo } from '../interfaces/INpmCheckRegistry'; + +const mockPackageJson = packageJson as jest.MockedFunction; + +describe('getNpmInfo', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('returns registry info with homepage', async () => { + mockPackageJson.mockResolvedValue({ + versions: { + '1.0.0': { + homepage: 'https://homepage.com' + }, + '2.0.0': { + bugs: { url: 'https://bugs.com' } + } + }, + 'dist-tags': { latest: '1.0.0', next: '2.0.0' } + } as unknown as packageJson.FullMetadata); + const result: INpmRegistryInfo = await getNpmInfo('test-package'); + expect(result).toHaveProperty('latest', '1.0.0'); + expect(result).toHaveProperty('next', '2.0.0'); + expect(result).toHaveProperty('versions', ['1.0.0', '2.0.0']); + expect(result).toHaveProperty('homepage', 'https://homepage.com'); + }); + + it('returns error if packageJson throws', async () => { + mockPackageJson.mockRejectedValue(new Error('Registry down')); + const result: INpmRegistryInfo = await getNpmInfo('test-package'); + expect(result).toHaveProperty('error'); + expect(result.error).toBe('Registry error Registry down'); + }); + + it('returns "" homepage if not present', async () => { + mockPackageJson.mockResolvedValue({ + versions: { + '1.0.0': {}, + '2.0.0': {} + }, + 'dist-tags': { latest: '1.0.0', next: '2.0.0' } + } as unknown as packageJson.FullMetadata); + const result: INpmRegistryInfo = await getNpmInfo('test-package'); + expect(result).toHaveProperty('homepage', ''); + }); +}); diff --git a/libraries/npm-check-fork/src/tests/NpmCheck.test.ts b/libraries/npm-check-fork/src/tests/NpmCheck.test.ts new file mode 100644 index 00000000000..6fea389f076 --- /dev/null +++ b/libraries/npm-check-fork/src/tests/NpmCheck.test.ts @@ -0,0 +1,36 @@ +jest.mock('../CreatePackageSummary', () => ({ + __esModule: true, + default: jest.fn(async () => ({})) +})); + +import createPackageSummary from '../CreatePackageSummary'; +const mockCreatePackageSummary = createPackageSummary as jest.MockedFunction; + +import type { INpmCheckState } from '../interfaces/INpmCheck'; +import NpmCheck from '../NpmCheck'; + +describe('NpmCheck', () => { + it('should mimic rush initial options', async () => { + mockCreatePackageSummary.mockImplementation(async (moduleName) => ({ + moduleName, + homepage: '', + latest: '', + installed: '', + notInstalled: true, + packageWanted: '', + packageJson: '', + notInPackageJson: undefined, + devDependency: false, + peerDependency: false, + mismatch: false, + bump: undefined + })); + const result: INpmCheckState = await NpmCheck({ + cwd: process.cwd() + }); + expect(result.packages).toBeDefined(); + if (result.packages && result.packages.length > 0) { + expect(result.packages[0]).toHaveProperty('moduleName'); + } + }); +}); diff --git a/libraries/npm-check-fork/src/tests/NpmCheckState.test.ts b/libraries/npm-check-fork/src/tests/NpmCheckState.test.ts new file mode 100644 index 00000000000..68ad0d0ff3f --- /dev/null +++ b/libraries/npm-check-fork/src/tests/NpmCheckState.test.ts @@ -0,0 +1,12 @@ +import type { INpmCheckState } from '../interfaces/INpmCheck'; +import initializeState from '../NpmCheckState'; + +describe('NpmCheckState', () => { + it('should create with default options', async () => { + const state: INpmCheckState = await initializeState(); + expect(state).toBeDefined(); + expect(state.cwd).toBe(process.cwd()); + expect(state.cwdPackageJson).toHaveProperty('name'); + expect(state.cwdPackageJson).toHaveProperty('version'); + }); +}); diff --git a/libraries/npm-check-fork/src/tests/ReadPackageJson.test.ts b/libraries/npm-check-fork/src/tests/ReadPackageJson.test.ts new file mode 100644 index 00000000000..28e75e35cdd --- /dev/null +++ b/libraries/npm-check-fork/src/tests/ReadPackageJson.test.ts @@ -0,0 +1,14 @@ +import path from 'node:path'; + +import readPackageJson from '../ReadPackageJson'; +import type { INpmCheckPackageJson } from '../interfaces/INpmCheck'; + +describe('readPackageJson', () => { + it('should return valid packageJson if it exists', async () => { + const fileName: string = path.join(process.cwd(), 'package.json'); + const result: INpmCheckPackageJson = await readPackageJson(fileName); + + expect(result).toBeDefined(); + expect(result).toHaveProperty('name'); + }); +}); diff --git a/libraries/npm-check-fork/src/types/giturl-typings.d.ts b/libraries/npm-check-fork/src/types/giturl-typings.d.ts new file mode 100644 index 00000000000..3202ff78a60 --- /dev/null +++ b/libraries/npm-check-fork/src/types/giturl-typings.d.ts @@ -0,0 +1,4 @@ +declare module 'giturl' { + function parse(url: string): string; + export { parse }; +} diff --git a/libraries/npm-check-fork/tsconfig.json b/libraries/npm-check-fork/tsconfig.json new file mode 100644 index 00000000000..f9b633dca52 --- /dev/null +++ b/libraries/npm-check-fork/tsconfig.json @@ -0,0 +1,9 @@ +{ + "extends": "./node_modules/local-node-rig/profiles/default/tsconfig-base.json", + "compilerOptions": { + "declaration": true, + "declarationMap": true, + "emitDeclarationOnly": false, + "outDir": "./lib" + } +} diff --git a/libraries/rush-lib/package.json b/libraries/rush-lib/package.json index a43efe5232c..20d0d403ec7 100644 --- a/libraries/rush-lib/package.json +++ b/libraries/rush-lib/package.json @@ -36,6 +36,7 @@ "@rushstack/heft-config-file": "workspace:*", "@rushstack/lookup-by-path": "workspace:*", "@rushstack/node-core-library": "workspace:*", + "@rushstack/npm-check-fork": "workspace:*", "@rushstack/package-deps-hash": "workspace:*", "@rushstack/package-extractor": "workspace:*", "@rushstack/rig-package": "workspace:*", @@ -55,7 +56,6 @@ "ignore": "~5.1.6", "inquirer": "~8.2.7", "js-yaml": "~4.1.0", - "npm-check": "~6.0.1", "npm-package-arg": "~6.1.0", "object-hash": "3.0.0", "pnpm-sync-lib": "0.3.2", diff --git a/libraries/rush-lib/src/logic/InteractiveUpgrader.ts b/libraries/rush-lib/src/logic/InteractiveUpgrader.ts index 3eb8d238a7e..493a2a25ffc 100644 --- a/libraries/rush-lib/src/logic/InteractiveUpgrader.ts +++ b/libraries/rush-lib/src/logic/InteractiveUpgrader.ts @@ -1,12 +1,9 @@ // Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license. // See LICENSE in the project root for license information. -/// - -import npmCheck from 'npm-check'; -import type * as NpmCheck from 'npm-check'; import Prompt from 'inquirer/lib/ui/prompt'; +import { NpmCheck, type INpmCheckState, type INpmCheckPackageSummary } from '@rushstack/npm-check-fork'; import { Colorize } from '@rushstack/terminal'; import type { RushConfiguration } from '../api/RushConfiguration'; @@ -29,7 +26,7 @@ export class InteractiveUpgrader { public async upgradeAsync(): Promise { const rushProject: RushConfigurationProject = await this._getUserSelectedProjectForUpgradeAsync(); - const dependenciesState: NpmCheck.INpmCheckPackage[] = + const dependenciesState: INpmCheckPackageSummary[] = await this._getPackageDependenciesStatusAsync(rushProject); const depsToUpgrade: IDepsToUpgradeAnswers = @@ -38,7 +35,7 @@ export class InteractiveUpgrader { } private async _getUserSelectedDependenciesToUpgradeAsync( - packages: NpmCheck.INpmCheckPackage[] + packages: INpmCheckPackageSummary[] ): Promise { return upgradeInteractive(packages); } @@ -69,14 +66,13 @@ export class InteractiveUpgrader { private async _getPackageDependenciesStatusAsync( rushProject: RushConfigurationProject - ): Promise { + ): Promise { const { projectFolder } = rushProject; - const currentState: NpmCheck.INpmCheckCurrentState = await npmCheck({ - cwd: projectFolder, - skipUnused: true + const currentState: INpmCheckState = await NpmCheck({ + cwd: projectFolder }); - return currentState.get('packages'); + return currentState.packages ?? []; } } diff --git a/libraries/rush-lib/src/logic/PackageJsonUpdater.ts b/libraries/rush-lib/src/logic/PackageJsonUpdater.ts index 270dcfc87bc..cc56e90c7ed 100644 --- a/libraries/rush-lib/src/logic/PackageJsonUpdater.ts +++ b/libraries/rush-lib/src/logic/PackageJsonUpdater.ts @@ -1,11 +1,9 @@ // Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license. // See LICENSE in the project root for license information. -/// - import * as semver from 'semver'; -import type * as NpmCheck from 'npm-check'; +import type { INpmCheckPackageSummary } from '@rushstack/npm-check-fork'; import { Colorize, type ITerminal } from '@rushstack/terminal'; import type { RushConfiguration } from '../api/RushConfiguration'; @@ -44,7 +42,7 @@ export interface IPackageJsonUpdaterRushUpgradeOptions { /** * The dependencies to be added. */ - packagesToAdd: NpmCheck.INpmCheckPackage[]; + packagesToAdd: INpmCheckPackageSummary[]; /** * If specified, other packages that use this dependency will also have their package.json's updated. */ @@ -138,13 +136,7 @@ export class PackageJsonUpdater { const devDependenciesToUpdate: Record = {}; const peerDependenciesToUpdate: Record = {}; - for (const { - moduleName, - latest: latestVersion, - packageJson, - devDependency, - peerDependency - } of packagesToAdd) { + for (const { moduleName, latest: latestVersion, packageJson, devDependency } of packagesToAdd) { const inferredRangeStyle: SemVerStyle = this._cheaplyDetectSemVerRangeStyle(packageJson); const implicitlyPreferredVersion: string | undefined = implicitlyPreferredVersionByPackageName.get(moduleName); @@ -164,8 +156,6 @@ export class PackageJsonUpdater { if (devDependency) { devDependenciesToUpdate[moduleName] = version; - } else if (peerDependency) { - peerDependenciesToUpdate[moduleName] = version; } else { dependenciesToUpdate[moduleName] = version; } @@ -903,7 +893,7 @@ export class PackageJsonUpdater { } } - private _normalizeDepsToUpgrade(deps: NpmCheck.INpmCheckPackage[]): IPackageForRushAdd[] { + private _normalizeDepsToUpgrade(deps: INpmCheckPackageSummary[]): IPackageForRushAdd[] { return deps.map((dep) => { return { packageName: dep.moduleName, diff --git a/libraries/rush-lib/src/utilities/InteractiveUpgradeUI.ts b/libraries/rush-lib/src/utilities/InteractiveUpgradeUI.ts index 11e9640de3c..9e5d9bf1c06 100644 --- a/libraries/rush-lib/src/utilities/InteractiveUpgradeUI.ts +++ b/libraries/rush-lib/src/utilities/InteractiveUpgradeUI.ts @@ -5,14 +5,12 @@ // https://github.com/dylang/npm-check/blob/master/lib/out/interactive-update.js // Extended to use one type of text table -/// - import inquirer from 'inquirer'; import CliTable from 'cli-table'; import type Separator from 'inquirer/lib/objects/separator'; -import type * as NpmCheck from 'npm-check'; import { AnsiEscape, Colorize } from '@rushstack/terminal'; +import type { INpmCheckPackageSummary } from '@rushstack/npm-check-fork'; export interface IUIGroup { title: string; @@ -25,11 +23,11 @@ export interface IUIGroup { } export interface IDepsToUpgradeAnswers { - packages: NpmCheck.INpmCheckPackage[]; + packages: INpmCheckPackageSummary[]; } export interface IUpgradeInteractiveDepChoice { - value: NpmCheck.INpmCheckPackage; + value: INpmCheckPackageSummary; name: string | string[]; short: string; } @@ -82,7 +80,7 @@ export const UI_GROUPS: IUIGroup[] = [ } ]; -function label(dep: NpmCheck.INpmCheckPackage): string[] { +function label(dep: INpmCheckPackageSummary): string[] { const bumpInstalled: string = dep.bump ? dep.installed : ''; const installed: string = dep.mismatch ? dep.packageJson : bumpInstalled; const name: string = Colorize.yellow(dep.moduleName); @@ -95,15 +93,25 @@ function label(dep: NpmCheck.INpmCheckPackage): string[] { installed, installed && '>', Colorize.bold(dep.latest || ''), - dep.latest ? homepage : dep.regError || dep.pkgError + dep.latest ? homepage : getErrorDep(dep) ]; } -function short(dep: NpmCheck.INpmCheckPackage): string { +function getErrorDep(dep: INpmCheckPackageSummary): string { + if (dep.regError !== undefined && dep.regError && dep.regError instanceof Error) { + return dep.regError.message; + } else if (dep.pkgError !== undefined && dep.pkgError && dep.pkgError instanceof Error) { + return dep.pkgError.message; + } + + return ''; +} + +function short(dep: INpmCheckPackageSummary): string { return `${dep.moduleName}@${dep.latest}`; } -function getChoice(dep: NpmCheck.INpmCheckPackage): IUpgradeInteractiveDepChoice | boolean | Separator { +function getChoice(dep: INpmCheckPackageSummary): IUpgradeInteractiveDepChoice | boolean | Separator { if (!dep.mismatch && !dep.bump && !dep.notInstalled) { return false; } @@ -119,9 +127,9 @@ function unselectable(options?: { title: string }): Separator { return new inquirer.Separator(AnsiEscape.removeCodes(options ? options.title : '')); } -function createChoices(packages: NpmCheck.INpmCheckPackage[], options: IUIGroup): ChoiceTable { +function createChoices(packages: INpmCheckPackageSummary[], options: IUIGroup): ChoiceTable { const { filter } = options; - const filteredChoices: NpmCheck.INpmCheckPackage[] = packages.filter((pkg: NpmCheck.INpmCheckPackage) => { + const filteredChoices: INpmCheckPackageSummary[] = packages.filter((pkg: INpmCheckPackageSummary) => { if ('mismatch' in filter && pkg.mismatch !== filter.mismatch) { return false; } else if ('bump' in filter && pkg.bump !== filter.bump) { @@ -131,7 +139,7 @@ function createChoices(packages: NpmCheck.INpmCheckPackage[], options: IUIGroup) } else { return true; } - }) as NpmCheck.INpmCheckPackage[]; + }) as INpmCheckPackageSummary[]; const choices: (IUpgradeInteractiveDepChoice | Separator | boolean)[] = filteredChoices .map(getChoice) @@ -179,9 +187,7 @@ function createChoices(packages: NpmCheck.INpmCheckPackage[], options: IUIGroup) } } -export const upgradeInteractive = async ( - pkgs: NpmCheck.INpmCheckPackage[] -): Promise => { +export const upgradeInteractive = async (pkgs: INpmCheckPackageSummary[]): Promise => { const choicesGrouped: ChoiceTable[] = UI_GROUPS.map((group) => createChoices(pkgs, group)).filter(Boolean); const choices: ChoiceTable = []; diff --git a/rush.json b/rush.json index a4f69a6db82..0cb4ae72f2e 100644 --- a/rush.json +++ b/rush.json @@ -1211,6 +1211,12 @@ "shouldPublish": true, "decoupledLocalDependencies": ["@rushstack/heft"] }, + { + "packageName": "@rushstack/npm-check-fork", + "projectFolder": "libraries/npm-check-fork", + "reviewCategory": "libraries", + "shouldPublish": true + }, { "packageName": "@rushstack/operation-graph", "projectFolder": "libraries/operation-graph",