jaydenseric / audit-age Goto Github PK
View Code? Open in Web Editor NEWA Node.js CLI and equivalent JS API to audit the age of installed production npm packages.
Home Page: https://npm.im/audit-age
License: MIT License
A Node.js CLI and equivalent JS API to audit the age of installed production npm packages.
Home Page: https://npm.im/audit-age
License: MIT License
$ npx audit-age
npx: installed 16 in 6.37s
(node:30705) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: stdout maxBuffer exceeded
(node:30705) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
120 regular dependencies
plus 39 devDependencies
in package.json
.
1151 package directories in node_modules/
.
I made significant changes to the logic. Please have a look !
The snapshot tests for the audit-age
CLI output change over time as the package versions in the fixture package lock files age.
Possibly the least-crappy way to deal with this is to generate the fixture packages and lock files at the time of each test, and have a mock npm registry that the CLI queries the package version dates from. This way we can dynamically set the published dates for the dependencies to cover a range of ages to test all the possible kinds of output, that won't change over time when the tests run in the future.
To achieve this, there might be some way to specify the URL for the mock registry in the fixture package.json
or package-lock.json
files, so the npm CLI will automatically query it. If this doesn't pan out, a new CLI option (e.g. --registry=http://localhost:3000
) might need to be added, the downside being that we're not testing the CLI being used without that flag which is how real users will actually interact with it.
A risk is that by mocking the registry in the tests we might might not notice if the real npm registry behaves in a different way to our mocked one.
I tried running npx audit-age
in my project recently and received the following error.
npx audit-age
npx: installed 16 in 3.32s
(node:66889) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): TypeError: Cannot convert undefined or null to object
(node:66889) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
I thought it might be a node version issue so I checked the package.json for audit-age and saw the engine for node is listed at >=8.5 and npm >=5.2. I updated to node 8.5.0 and npm 5.3.0 and reran the script and it worked fine.
It would be nice to get a warning when running npx audit-age
that the current node version is not compatible. Ideally, I think this should be the responsibility of npx, but wanted to let you and others know if they ran into the same issue.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.