diff --git a/.github/workflows/ci-actions.yml b/.github/workflows/ci-actions.yml index 1456ef1fa0..cec3dd8a9f 100644 --- a/.github/workflows/ci-actions.yml +++ b/.github/workflows/ci-actions.yml @@ -27,8 +27,11 @@ jobs: with: node-version: ${{ matrix.node-version }} + - name: Verify package-lock.json + run: ./scripts/verify_lock.mjs + - name: Install - run: npm clean-install + run: npm clean-install --ignore-scripts - name: Lint sources run: npm run lint diff --git a/package.json b/package.json index bcf12b0411..d31cefbc8c 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,8 @@ "port-forward": "concurrently -c auto 'npm:port-forward:*'" }, "lint-staged": { - "*": "prettier --ignore-unknown --write" + "package-lock.json": "./scripts/verify_lock.mjs", + "!(package-lock.json)*": "prettier --ignore-unknown --write" }, "workspaces": [ "common", diff --git a/scripts/verify_lock.mjs b/scripts/verify_lock.mjs new file mode 100755 index 0000000000..99ffdec310 --- /dev/null +++ b/scripts/verify_lock.mjs @@ -0,0 +1,66 @@ +#!/usr/bin/env node + +import process from "node:process"; +import path from "node:path"; +import { readFileSync } from "node:fs"; + +// set the working directory to project root +// fs.accessSync("./package-lock.json") +const getProjectRoot = () => path.resolve(path.dirname(process.argv[1]), "../"); +process.chdir(getProjectRoot()); + +// load the lock file +const lockFilePath = path.resolve(process.cwd(), "package-lock.json"); +const lockFile = JSON.parse(readFileSync(lockFilePath)); + +const toLog = { + name: lockFile.name, + version: lockFile.version, + lockfileVersion: lockFile.lockfileVersion, +}; + +// check the packages packages +const removeUndefined = (obj) => + Object.fromEntries(Object.entries(obj).filter((e) => e[1] !== undefined)); + +const results = { + project: [], + resolved: [], + unresolved: [], +}; +Object.entries(lockFile.packages).forEach(([name, p]) => { + const bucket = p.name?.startsWith("@konveyor-ui") + ? results.project + : p.resolved + ? results.resolved + : results.unresolved; + + bucket.push( + removeUndefined({ + name, + version: p.version, + resolved: p.resolved, + packageName: p.name, + }) + ); +}); + +// log findings +toLog.packages = results.project; +toLog.dependencies = { + countResolved: results.resolved.length, + countUnresolved: results.unresolved.length, + unresolved: results.unresolved, +}; + +console.log(`package-lock.json (${lockFilePath}) status:`); +console.dir(toLog, { depth: 3 }); +console.log(); +if (results.unresolved.length === 0) { + console.log("\u{1f600} lock file is ok!"); +} else { + console.log("\u{1f621} lock file contains unresolved dependencies!"); +} + +// exit the script with an appropriate error code +process.exit(results.unresolved.length === 0 ? 0 : 1);