UNPKG

dependency-guardian

Version:

A powerful dependency management and analysis tool for Node.js projects

github.com/1oridevs/Dep-Guard

1oridevs/Dep-Guard

121 lines (95 loc) 3.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
const fs = require('fs').promises; const path = require('path'); const axios = require('axios'); const semver = require('semver'); const logger = require('../utils/logger'); const cache = require('../utils/cache'); const Dependency = require('../models/dependency'); class DependencyScanner { constructor() { this.cache = cache; } async readPackageJson(projectPath) { try { const packageJsonPath = path.join(projectPath, 'package.json'); const content = await fs.readFile(packageJsonPath, 'utf8'); return JSON.parse(content); } catch (error) { logger.error('Failed to read package.json:', error); throw new Error('Could not read package.json'); } } async scanDependencies(dependencies, type = 'dependencies') { const results = []; for (const [name, version] of Object.entries(dependencies)) { try { const dep = new Dependency(name, version, type); const latestVersion = await this.getLatestVersion(name); dep.latestVersion = latestVersion; dep.updateType = this.determineUpdateType(version, latestVersion); dep.suggestedUpdate = this.getSuggestedUpdate(version, latestVersion); results.push(dep); } catch (error) { logger.debug(`Failed to scan dependency ${name}:`, error); results.push(new Dependency(name, version, type)); } } return results; } async getLatestVersion(packageName) { const cacheKey = `npm-version-${packageName}`; const cached = this.cache.get(cacheKey); if (cached) { return cached; } try { const response = await axios.get(`https://registry.npmjs.org/${packageName}`); const latestVersion = response.data['dist-tags'].latest; this.cache.set(cacheKey, latestVersion); return latestVersion; } catch (error) { logger.debug(`Failed to get latest version for ${packageName}:`, error); throw new Error(`Could not fetch latest version for ${packageName}`); } } determineUpdateType(currentVersion, latestVersion) { if (!semver.valid(semver.clean(currentVersion)) || !semver.valid(latestVersion)) { return 'unknown'; } const current = semver.clean(currentVersion); if (semver.eq(current, latestVersion)) { return 'current'; } if (semver.major(latestVersion) > semver.major(current)) { return 'major'; } if (semver.minor(latestVersion) > semver.minor(current)) { return 'minor'; } if (semver.patch(latestVersion) > semver.patch(current)) { return 'patch'; } return 'unknown'; } getSuggestedUpdate(currentVersion, latestVersion) { if (!semver.valid(semver.clean(currentVersion)) || !semver.valid(latestVersion)) { return null; } const current = semver.clean(currentVersion); if (semver.eq(current, latestVersion)) { return null; } // Suggest the next safe version based on semver const major = semver.major(current); const minor = semver.minor(current); const patch = semver.patch(current); if (semver.satisfies(latestVersion, `^${major}.${minor}.${patch}`)) { return latestVersion; // Safe update within current range } if (semver.satisfies(latestVersion, `^${major}.0.0`)) { return `^${major}.${semver.minor(latestVersion)}.0`; // Safe minor update } return `^${semver.major(latestVersion)}.0.0`; // Major update (breaking changes) } } module.exports = new DependencyScanner();