jaydenseric / audit-age Goto Github PK

$ npx audit-age
npx: installed 16 in 6.37s
(node:30705) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: stdout maxBuffer exceeded
(node:30705) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

120 regular dependencies plus 39 devDependencies in package.json.
1151 package directories in node_modules/.

I made significant changes to the logic. Please have a look !

The snapshot tests for the audit-age CLI output change over time as the package versions in the fixture package lock files age.

Possibly the least-crappy way to deal with this is to generate the fixture packages and lock files at the time of each test, and have a mock npm registry that the CLI queries the package version dates from. This way we can dynamically set the published dates for the dependencies to cover a range of ages to test all the possible kinds of output, that won't change over time when the tests run in the future.

To achieve this, there might be some way to specify the URL for the mock registry in the fixture package.json or package-lock.json files, so the npm CLI will automatically query it. If this doesn't pan out, a new CLI option (e.g. --registry=http://localhost:3000) might need to be added, the downside being that we're not testing the CLI being used without that flag which is how real users will actually interact with it.

A risk is that by mocking the registry in the tests we might might not notice if the real npm registry behaves in a different way to our mocked one.

I tried running npx audit-age in my project recently and received the following error.

npx audit-age
npx: installed 16 in 3.32s
(node:66889) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): TypeError: Cannot convert undefined or null to object
(node:66889) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

I thought it might be a node version issue so I checked the package.json for audit-age and saw the engine for node is listed at >=8.5 and npm >=5.2. I updated to node 8.5.0 and npm 5.3.0 and reran the script and it worked fine.

It would be nice to get a warning when running npx audit-age that the current node version is not compatible. Ideally, I think this should be the responsibility of npx, but wanted to let you and others know if they ran into the same issue.