Merge pull request #19 from pkgjs/feat-7

Detect node support of dependencies

Author: dominykas

.gitignore

@@ -1,6 +1,6 @@
 **/node_modules
-**/package-lock.json
-**/npm-shrinkwrap.json
+/package-lock.json
+/npm-shrinkwrap.json
 
 coverage.*
 *.log*

.labrc.js

@@ -0,0 +1,5 @@
+'use strict';
+
+exports.globals = [
+    'Symbol(__RESOLVED_TEMP_DIRECTORY__)'
+].join(',');

README.md

@@ -5,45 +5,63 @@ List the Node.js versions supported by the package/repository
 ## Usage (command line)
 
 ```
-$ npx detect-node-support [path]
+$ npx detect-node-support [options] <path>
 ```
 
 Prints the supported Node.js versions for the package at the specified path. When the path is not a git repository - tries to read the git repository from `package.json` and tries to detect the versions listed in the repository as well.
 
 When `path` is omitted, tries to detect the versions for `cwd`. 
 
 ```
-$ npx detect-node-support [package name]
+$ npx detect-node-support [options] <package name>
 ```
 
 Prints supported Node.js versions for the package from the registry.
 
 ```
-$ npx detect-node-support [repository git URL]
+$ npx detect-node-support [options] <repository git URL>
 ```
 
 Prints supported Node.js versions for the package at the git URL.
 
+### Options
+
+* `--deep` - when used with --deps, include indirect dependencies
+* `--deps` - include the support information of direct production dependencies
+* `--dev` - when used with --deps, include dev dependencies
+
 ## Usage (library)
 
 ```
-const result = await require('detect-node-support').detect({ path });
+const result = await require('detect-node-support').detect({ path }, options);
 ```
 
 `path` should be a folder in the local file system. When the path is not a git repository - tries to read the git repository from `package.json` and tries to detect the versions listed in the repository as well. 
 
 ```
-const result = await require('detect-node-support').detect({ packageName });
+const result = await require('detect-node-support').detect({ packageName }, options);
 ```
 
 `packageName` is a string name for the package in the registry. 
 
 ```
-const result = await require('detect-node-support').detect({ repository });
+const result = await require('detect-node-support').detect({ repository }, options);
 ```
 
 `repository` is a URL for a git repository.
 
+```
+const result = await require('detect-node-support').detect(what, options);
+```
+
+`what` is a string containing either a package name, or a local path, or a reference to a git repository.
+
+### Options
+
+- `deep: false` - when `true` and used `deps: true`, include indirect dependencies
+- `deps: false` - when `true`, include the support information of all dependencies.
+- `dev: false` - when `true` and used with `deps: true`, include dev dependencies
+
 ### Result
 
 - Throws if the `path` / `repository` does not have a `package.json`
@@ -88,6 +106,39 @@ const result = {
             "lts/*": "12.14.0",
             "invalid-specifier": false
         }       
+    },
+
+    // only present when explicitly requested
+    "dependencies": {
+
+        // will contain a support object for every unique dependency in the tree
+        // note that the `version` will be the _latest_ version available in the registry
+        // see below for the actual versions installed   
+        "support": [
+            { 
+                "name": "dependency-A" 
+                /*... other fields ...*/ 
+            },
+            { 
+                "name": "dependency-B" 
+                /*... other fields ...*/ 
+            }           
+        ],
+    
+        // will contain a list of unique versions for each dependency found in the dependency tree
+        "versions": {
+            "dependency-A": ["0.0.10", "1.2.5"],
+            "dependency-B": ["0.5.3", "1.0.0"],
+            "dependency-C": ["7.8.9"]
+        },
+        
+        // will contain a list of errors that were encountered while resolving dependency support information
+        "errors": {
+            "dependency-C": {
+                // the `message` will always be either a string or `null`
+                "message": "Failed to download some information or something"
+            }       
+        }       
     }
 }
 ```

bin/detect-node-support

@@ -2,58 +2,65 @@
 
 'use strict';
 
+const Debug = require('debug');
 const Fs = require('fs');
-const NodeSupport = require('..');
-const { URL } = require('url');
+const Minimist = require('minimist');
+const Tmp = require('tmp');
+const Util = require('util');
 
+const NodeSupport = require('..');
 
 const internals = {};
 
-internals.help = () => {
-
-    return `Usage: detect-node-support [ path | Github URL | npm package name ]`;
-};
 
+internals.log = Debug('detect-node-support');
 
-internals.autoDetect = (what) => {
 
-    try {
-        var url = new URL(what);
-    }
-    catch (err) {
-        if (err.code !== 'ERR_INVALID_URL') {
-            throw err;
-        }
-    }
+internals.help = () => {
 
-    if (url) {
-        return NodeSupport.detect({ repository: url.href });
-    }
+    return `
+Usage: detect-node-support [--deps] [--dev] [--deep] [--json] <what>
 
-    if (Fs.existsSync(what)) {
-        return NodeSupport.detect({ path: what });
-    }
+  <what> can be an npm package name, or a Github URL, or a path 
+  with a package.json.
 
-    if (what.includes('/') && !what.startsWith('@')) {
-        return  NodeSupport.detect({ repository: `https://github.com./${what}` });
-    }
-
-    return NodeSupport.detect({ packageName: what });
+Options:
+  --deep    When used with --deps, include indirect dependencies
+  --deps    Include the support information of direct production dependencies
+  --dev     When used with --deps, include direct dev dependencies
+  --json    Print JSON formatted output
+`;
 };
 
-exports.main = async (nodeBin, thisBin, what) => {
+exports.main = async ({ _: [what], deps, deep, dev, json }) => {
 
     if (!what) {
         console.log(internals.help());
         return;
     }
 
-    const result = await internals.autoDetect(what);
+    if (!deps && (deep || dev)) {
+        console.log('--deep and --dev can only be used together with --deps\n');
+        console.log(internals.help());
+        return;
+    }
 
-    console.log(result);
+    const result = await NodeSupport.detect(what, { deps, deep, dev });
+
+    const jsonOutput = JSON.stringify(result, null, '  ');
+    const tmpFile = Tmp.fileSync({ postfix: '.json' });
+    Fs.writeFileSync(tmpFile.name, jsonOutput);
+
+    if (json) {
+        console.log(jsonOutput);
+    }
+    else {
+        console.log(Util.inspect(result, false, null, true));
+        console.log(`Full output available in ${tmpFile.name}`);
+    }
 };
 
-exports.main(...process.argv)
+exports.main(Minimist(process.argv.slice(2), { boolean: ['deps', 'dev', 'deep', 'json'] }))
     .catch((err) => {
 
         console.error(err);

lib/deps.js

@@ -0,0 +1,145 @@
+'use strict';
+
+const Debug = require('debug');
+const { Arborist } = require('@npmcli/arborist');
+const Fs = require('fs');
+const Path = require('path');
+const Tmp = require('tmp');
+
+const Package = require('./package');
+const Utils = require('./utils');
+
+const internals = {};
+
+
+internals.log = Debug('detect-node-support');
+
+
+internals.walk = (node, callback) => {
+
+    callback(node);
+
+    node.children.forEach((child) => {
+
+        internals.walk(child, callback);
+    });
+};
+
+
+internals.resolve = async ({ packageJson, lockfile }, options) => {
+
+    const { deep, dev } = options;
+
+    const tmpDir = Tmp.dirSync({ unsafeCleanup: true });
+    const path = tmpDir.name;
+
+    Fs.writeFileSync(Path.join(path, 'package.json'), JSON.stringify(packageJson, null, '  '));
+
+    if (lockfile) {
+        Fs.writeFileSync(Path.join(path, 'package-lock.json'), JSON.stringify(lockfile, null, '  '));
+    }
+
+    const direct = new Set();
+    ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'].forEach((depType) => {
+
+        if (!packageJson[depType]) {
+            return;
+        }
+
+        Object.keys(packageJson[depType]).forEach((dep) => direct.add(dep));
+    });
+
+    const arborist = new Arborist({ path });
+
+    await arborist.buildIdealTree();
+
+    const map = {};
+
+    internals.walk(arborist.idealTree, (node) => {
+
+        if (node.isRoot) {
+            return;
+        }
+
+        if (!dev && node.dev) {
+            // only include dev deps when `options.dev` flag is set
+            return;
+        }
+
+        if (!deep && !node.parent.isRoot) {
+            // only include deep deps when `options.deep` flag is set
+            return;
+        }
+
+        if (!deep && !direct.has(node.name)) {
+            // only include deep deps when `options.deep` flag is set
+            // workaround for https://github.com./npm/arborist/issues/60
+            return;
+        }
+
+        map[node.name] = map[node.name] || new Set();
+        map[node.name].add(node.package.version);
+    });
+
+    const result = {};
+
+    for (const name of Object.keys(map).sort()) {
+        result[name] = [...map[name]];
+    }
+
+    tmpDir.removeCallback();
+
+    return result;
+};
+
+internals.tryLoad = async (loadFile, filename) => {
+
+    try {
+        return await loadFile(filename, { json: true });
+    }
+    catch (err) {
+        if (err.code !== 'ENOENT') {
+            throw err;
+        }
+    }
+};
+
+exports.detect = async ({ packageJson, loadFile }, options) => {
+
+    const lockfile = (await internals.tryLoad(loadFile, 'package-lock.json')) || (await internals.tryLoad(loadFile, 'npm-shrinkwrap.json'));
+    internals.log(lockfile ? 'Lock file present' : 'Lock file missing - things will be a bit slower');
+
+    const versions = await internals.resolve({ packageJson, lockfile }, options);
+
+    const support = [];
+    const errors = {};
+    let hasErrors = false;
+
+    const packages = Object.keys(versions).sort();
+    const n = packages.length;
+
+    for (let i = 0; i < n; ++i) {
+
+        const packageName = packages[i];
+        internals.log(`Resolving dependency ${i + 1} of ${n}: ${packageName}`);
+
+        try {
+            const { result } = await Package.detect({ packageName });
+            support.push(result);
+        }
+        catch (err) {
+            hasErrors = true;
+            errors[packageName] = {
+                message: Utils.getErrorMessage(err)
+            };
+        }
+    }
+
+    const result = { support, versions };
+
+    if (hasErrors) {
+        result.errors = errors;
+    }
+
+    return result;
+};

lib/engines.js

@@ -1,11 +1,11 @@
 'use strict';
 
-exports.detect = ({ engines }) => {
+exports.detect = ({ packageJson }) => {
 
-    if (engines) {
+    if (packageJson.engines) {
 
         return {
-            engines: engines.node
+            engines: packageJson.engines.node
         };
     }
 };