From 39c391445c54d387fe5747d146b863d80cc6518d Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 11:31:55 +0200 Subject: [PATCH 1/6] chore: add tool for dependency checking Signed-off-by: Jan Kowalleck --- knip.jsonc | 18 ++++++++++++++++++ package.json | 7 +++++-- tools/test-dependnecies/.gitignore | 7 +++++++ tools/test-dependnecies/.npmrc | 5 +++++ tools/test-dependnecies/package.json | 11 +++++++++++ 5 files changed, 46 insertions(+), 2 deletions(-) create mode 100644 knip.jsonc create mode 100644 tools/test-dependnecies/.gitignore create mode 100644 tools/test-dependnecies/.npmrc create mode 100644 tools/test-dependnecies/package.json diff --git a/knip.jsonc b/knip.jsonc new file mode 100644 index 000000000..5245b9fea --- /dev/null +++ b/knip.jsonc @@ -0,0 +1,18 @@ +{ + "$schema": "https://unpkg.com/knip@5/schema-jsonc.json", + "entry": [ + "src/index.node.ts!", + "src/index.web.ts!" + ], + "project": [ + "src/**!", + "res/**!", + "examples/**", + "tests/**", + "!tests/_data/normalizeResults/**", + "!tests/_data/schemaTestData/**" + ], + "ignore": [ + "tools/**" + ] +} diff --git a/package.json b/package.json index 98b936d3a..cecf0da04 100644 --- a/package.json +++ b/package.json @@ -170,8 +170,10 @@ }, "scripts": { "dev-setup": "npm i && run-p --aggregate-output -lc dev-setup:\\*", - "dev-setup:docs-gen": "npm --prefix tools/docs-gen install", - "dev-setup:code-style": "npm --prefix tools/code-style install", + "dev-setup:tools": "run-p --aggregate-output -lc dev-setup:tool:\\*", + "dev-setup:tool:docs-gen": "npm --prefix tools/docs-gen install", + "dev-setup:tool:code-style": "npm --prefix tools/code-style install", + "dev-setup:tool:test-dependnecies": "npm --prefix tools/test-dependnecies install", "dev-setup:examples": "run-p --aggregate-output -lc dev-setup:examples:\\*", "dev-setup:examples:js": "npm --prefix examples/node/javascript i --ignore-scripts", "dev-setup:examples:ts-cjs": "npm --prefix examples/node/typescript/example.cjs i --ignore-scripts", @@ -190,6 +192,7 @@ "test:web": "node -e 'console.log(\"TODO: write web test\")'", "test:lint": "tsc --noEmit", "test:standard": "npm --prefix tools/code-style exec -- eslint .", + "test:dependencies": "npm --prefix tools/test-dependnecies exec -- knip --include dependencies,unlisted,unresolved --production -d", "cs-fix": "npm --prefix tools/code-style exec -- eslint --fix .", "api-doc": "run-p --aggregate-output -lc api-doc:\\*", "api-doc:node": "npm --prefix tools/docs-gen exec -- typedoc --options ./typedoc.node.json", diff --git a/tools/test-dependnecies/.gitignore b/tools/test-dependnecies/.gitignore new file mode 100644 index 000000000..e06506567 --- /dev/null +++ b/tools/test-dependnecies/.gitignore @@ -0,0 +1,7 @@ +* +!/.gitignore +!/package.json +!/.npmrc +!/tsdoc.json +!/typedoc.json +!/typedoc.*.json diff --git a/tools/test-dependnecies/.npmrc b/tools/test-dependnecies/.npmrc new file mode 100644 index 000000000..147970caf --- /dev/null +++ b/tools/test-dependnecies/.npmrc @@ -0,0 +1,5 @@ +; see the docs: https://docs.npmjs.com/cli/v9/using-npm/config + +package-lock=false +engine-strict=true +omit=peer # don't install them automatically; we take cate of them! diff --git a/tools/test-dependnecies/package.json b/tools/test-dependnecies/package.json new file mode 100644 index 000000000..f0921fde8 --- /dev/null +++ b/tools/test-dependnecies/package.json @@ -0,0 +1,11 @@ +{ + "private": true, + "name": "@cyclonedx/cyclonedx-javascript-library/tools/test-dependnecies", + "license": "Apache-2.0", + "engines": { + "node": ">=20.18" + }, + "dependencies": { + "knip": "5.61.3" + } +} From 09778d739df8c4571de1769b7487c096b18f7afd Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 11:40:48 +0200 Subject: [PATCH 2/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/nodejs.yml | 35 +++++++++++++++++-- .github/workflows/release.yml | 7 ++-- package.json | 10 +++--- .../.gitignore | 0 .../.npmrc | 0 .../package.json | 2 +- 6 files changed, 43 insertions(+), 11 deletions(-) rename tools/{test-dependnecies => test-dependencies}/.gitignore (100%) rename tools/{test-dependnecies => test-dependencies}/.npmrc (100%) rename tools/{test-dependnecies => test-dependencies}/package.json (93%) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 8376d08a5..6656b97d2 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -120,10 +120,10 @@ jobs: - name: setup tools run: | echo "::group::install docs-gen deps" - npm run -- dev-setup:docs-gen --ignore-scripts --loglevel=silly + npm run -- dev-setup:tools:docs-gen --ignore-scripts --loglevel=silly echo "::endgroup::" echo "::group::install code-style deps" - npm run -- dev-setup:code-style --ignore-scripts --loglevel=silly + npm run -- dev-setup:tools:code-style --ignore-scripts --loglevel=silly echo "::endgroup::" - name: make reports dir run: mkdir -p "$REPORTS_DIR" @@ -147,6 +147,35 @@ jobs: path: ${{ env.REPORTS_DIR }} if-no-files-found: error + test-dependencies: + needs: [ 'build' ] + name: test dependencies + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - name: Checkout + # see https://github.com/actions/checkout + uses: actions/checkout@v4 + - name: fetch build artifact + # see https://github.com/actions/download-artifact + uses: actions/download-artifact@v4 + with: + name: dist.d + path: dist.d + - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} + # see https://github.com/actions/setup-node + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_ACTIVE_LTS }} + # cache: "npm" + # cache-dependency-path: "**/package-lock.json" + - name: setup project + run: npm install --ignore-scripts --loglevel=silly + - name: setup tool + run: npm run -- dev-setup:tools:test-dependencies --ignore-scripts --loglevel=silly + - name: test + run: npm run -- test:dependencies -d + test-node: needs: [ 'build' ] name: test node (${{ matrix.node-version }}, ${{ matrix.os }}) @@ -483,7 +512,7 @@ jobs: npm install --ignore-scripts --loglevel=silly echo "::endgroup::" echo "::group::install docs-gen deps" - npm run -- dev-setup:docs-gen --ignore-scripts --loglevel=silly + npm run -- dev-setup:tools:docs-gen --ignore-scripts --loglevel=silly echo "::endgroup::" - name: api-doc ${{ matrix.target }} run: npm run api-doc:${{ matrix.target }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8fdfadb7..b01956fbb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -120,10 +120,13 @@ jobs: - name: setup tools run: | echo "::group::install docs-gen deps" - npm run -- dev-setup:docs-gen --ignore-scripts --loglevel=silly + npm run -- dev-setup:tools:docs-gen --ignore-scripts --loglevel=silly echo "::endgroup::" echo "::group::install code-style deps" - npm run -- dev-setup:code-style --ignore-scripts --loglevel=silly + npm run -- dev-setup:tools:code-style --ignore-scripts --loglevel=silly + echo "::endgroup::" + echo "::group::install test-dependencies deps" + npm run -- dev-setup:tools:test-dependencies --ignore-scripts --loglevel=silly echo "::endgroup::" # no explicit npm build. if a build is required, it should be configured as prepublish/prepublishOnly script of npm. - name: login to registries diff --git a/package.json b/package.json index cecf0da04..365a5a9c9 100644 --- a/package.json +++ b/package.json @@ -170,10 +170,10 @@ }, "scripts": { "dev-setup": "npm i && run-p --aggregate-output -lc dev-setup:\\*", - "dev-setup:tools": "run-p --aggregate-output -lc dev-setup:tool:\\*", - "dev-setup:tool:docs-gen": "npm --prefix tools/docs-gen install", - "dev-setup:tool:code-style": "npm --prefix tools/code-style install", - "dev-setup:tool:test-dependnecies": "npm --prefix tools/test-dependnecies install", + "dev-setup:tools": "run-p --aggregate-output -lc dev-setup:tools:\\*", + "dev-setup:tools:docs-gen": "npm --prefix tools/docs-gen install", + "dev-setup:tools:code-style": "npm --prefix tools/code-style install", + "dev-setup:tools:test-dependencies": "npm --prefix tools/test-dependencies install", "dev-setup:examples": "run-p --aggregate-output -lc dev-setup:examples:\\*", "dev-setup:examples:js": "npm --prefix examples/node/javascript i --ignore-scripts", "dev-setup:examples:ts-cjs": "npm --prefix examples/node/typescript/example.cjs i --ignore-scripts", @@ -192,7 +192,7 @@ "test:web": "node -e 'console.log(\"TODO: write web test\")'", "test:lint": "tsc --noEmit", "test:standard": "npm --prefix tools/code-style exec -- eslint .", - "test:dependencies": "npm --prefix tools/test-dependnecies exec -- knip --include dependencies,unlisted,unresolved --production -d", + "test:dependencies": "npm --prefix tools/test-dependencies exec -- knip --include dependencies,unlisted,unresolved --production", "cs-fix": "npm --prefix tools/code-style exec -- eslint --fix .", "api-doc": "run-p --aggregate-output -lc api-doc:\\*", "api-doc:node": "npm --prefix tools/docs-gen exec -- typedoc --options ./typedoc.node.json", diff --git a/tools/test-dependnecies/.gitignore b/tools/test-dependencies/.gitignore similarity index 100% rename from tools/test-dependnecies/.gitignore rename to tools/test-dependencies/.gitignore diff --git a/tools/test-dependnecies/.npmrc b/tools/test-dependencies/.npmrc similarity index 100% rename from tools/test-dependnecies/.npmrc rename to tools/test-dependencies/.npmrc diff --git a/tools/test-dependnecies/package.json b/tools/test-dependencies/package.json similarity index 93% rename from tools/test-dependnecies/package.json rename to tools/test-dependencies/package.json index f0921fde8..52d74061a 100644 --- a/tools/test-dependnecies/package.json +++ b/tools/test-dependencies/package.json @@ -1,6 +1,6 @@ { "private": true, - "name": "@cyclonedx/cyclonedx-javascript-library/tools/test-dependnecies", + "name": "@cyclonedx/cyclonedx-javascript-library/tools/test-dependencies", "license": "Apache-2.0", "engines": { "node": ">=20.18" From 867cbee546e607128d5e69d9b3c5abf34fc709f6 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 11:49:37 +0200 Subject: [PATCH 3/6] wip Signed-off-by: Jan Kowalleck --- knip.jsonc | 1 - 1 file changed, 1 deletion(-) diff --git a/knip.jsonc b/knip.jsonc index 5245b9fea..11c620df0 100644 --- a/knip.jsonc +++ b/knip.jsonc @@ -7,7 +7,6 @@ "project": [ "src/**!", "res/**!", - "examples/**", "tests/**", "!tests/_data/normalizeResults/**", "!tests/_data/schemaTestData/**" From ef21c6bdce8585d78659912d09871910e3ac7e9e Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 11:57:59 +0200 Subject: [PATCH 4/6] wip Signed-off-by: Jan Kowalleck --- tools/test-dependencies/.gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/tools/test-dependencies/.gitignore b/tools/test-dependencies/.gitignore index e06506567..c1b13780e 100644 --- a/tools/test-dependencies/.gitignore +++ b/tools/test-dependencies/.gitignore @@ -2,6 +2,3 @@ !/.gitignore !/package.json !/.npmrc -!/tsdoc.json -!/typedoc.json -!/typedoc.*.json From cfb53721db75792abbfc49f25afcca4571bfd2e7 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 12:04:30 +0200 Subject: [PATCH 5/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/nodejs.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 6656b97d2..5240f0a85 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -148,7 +148,6 @@ jobs: if-no-files-found: error test-dependencies: - needs: [ 'build' ] name: test dependencies runs-on: ubuntu-latest timeout-minutes: 10 From 8f0e4da21792d62e6af73faf6393d04f7d83c7a8 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Mon, 14 Jul 2025 12:16:06 +0200 Subject: [PATCH 6/6] wip Signed-off-by: Jan Kowalleck --- .github/workflows/nodejs.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 5240f0a85..1b0a13ab7 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -155,12 +155,6 @@ jobs: - name: Checkout # see https://github.com/actions/checkout uses: actions/checkout@v4 - - name: fetch build artifact - # see https://github.com/actions/download-artifact - uses: actions/download-artifact@v4 - with: - name: dist.d - path: dist.d - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} # see https://github.com/actions/setup-node uses: actions/setup-node@v4