Skip to content

Commit c6a1c86

Browse files
committed
feat: add n8n community node wrapper
1 parent e0a1dea commit c6a1c86

8 files changed

Lines changed: 1665 additions & 55 deletions

File tree

.github/workflows/publish.yml

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
name: Publish
2+
3+
on:
4+
push:
5+
tags:
6+
- '*.*.*'
7+
8+
jobs:
9+
publish:
10+
name: Publish to npm
11+
runs-on: ubuntu-latest
12+
permissions:
13+
id-token: write
14+
contents: read
15+
16+
steps:
17+
- uses: actions/checkout@v5
18+
19+
- name: Setup Node.js
20+
uses: actions/setup-node@v5
21+
with:
22+
# npm Trusted Publishing requires Node >=22.14.0 and npm >=11.5.1.
23+
node-version: '22.14.0'
24+
cache: npm
25+
registry-url: https://registry.npmjs.org
26+
27+
- name: Upgrade npm for Trusted Publishing
28+
run: |
29+
npm install -g npm@latest
30+
node --version
31+
npm --version
32+
33+
- name: Install dependencies
34+
run: npm ci
35+
36+
- name: Validate package
37+
run: npm run validate
38+
39+
- name: Publish
40+
run: |
41+
[ -n "$NPM_TOKEN" ] && npm config set //registry.npmjs.org/:_authToken "$NPM_TOKEN"
42+
npm publish --provenance --access public
43+
env:
44+
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.nvmrc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
20.19.6
1+
22.14.0

README.md

Lines changed: 63 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# n8n Node Package Auditor
22

3-
A TypeScript CLI that audits n8n community-node packages for public package quality, CI readiness, npm provenance publishing, and documentation hygiene.
3+
An n8n community node plus CLI that audits n8n community-node packages for public package quality, CI readiness, npm provenance publishing, and documentation hygiene.
44

55
It was built as a portfolio-friendly automation tool after hardening and publishing `n8n-nodes-textdotlk`.
66

@@ -13,21 +13,59 @@ It was built as a portfolio-friendly automation tool after hardening and publish
1313
- GitHub Actions CI workflow signals, including dependency installation plus validation commands
1414
- npm Trusted Publishing / provenance workflow signals, including tag triggers and OIDC permissions
1515
- README installation and usage sections
16-
- SECURITY.md or README security guidance
16+
- `SECURITY.md` or README security guidance
1717

18-
## Install for local development
18+
## Install in n8n
19+
20+
After the package is published to npm, install it from n8n:
21+
22+
1. Go to **Settings → Community Nodes**.
23+
2. Select **Install a community node**.
24+
3. Enter:
25+
26+
```text
27+
n8n-nodes-package-auditor
28+
```
29+
30+
4. Click **Install** and restart n8n if prompted.
31+
32+
The installed node appears as **n8n Package Auditor**.
33+
34+
### n8n node parameters
35+
36+
- **Package Path**: Path to the package folder as seen by the n8n runtime.
37+
- **Output Format**: `JSON`, `Markdown`, or `Text` for the `formattedReport` field.
38+
- **Minimum Score**: Score threshold used to set the boolean `passed` output.
39+
40+
For Docker-based n8n, mount the package/repo you want to audit into the n8n container first, then use that container path in **Package Path**.
41+
42+
## Install as a CLI
43+
44+
After publish, install globally:
45+
46+
```bash
47+
npm install -g n8n-nodes-package-auditor
48+
```
49+
50+
The CLI binary remains:
51+
52+
```bash
53+
n8n-node-package-auditor ./some-n8n-node-package --format text
54+
```
55+
56+
## Local development setup
1957

2058
```bash
2159
git clone https://github.com/NPFernando/n8n-node-package-auditor.git
2260
cd n8n-node-package-auditor
23-
nvm use
61+
nvm use # Node.js 22.14+ and npm 10+
2462
npm ci
2563
npm run validate
2664
```
2765

28-
## Usage
66+
## CLI usage from source
2967

30-
Run against an n8n community node package folder:
68+
Run against an n8n community-node package folder:
3169

3270
```bash
3371
npm run build
@@ -48,7 +86,7 @@ Gate automation with a minimum score:
4886
node dist/cli.js ../n8n-nodes-textdotlk --min-score 85
4987
```
5088

51-
## Example
89+
## Example output
5290

5391
```text
5492
n8n Node Package Audit
@@ -66,13 +104,27 @@ npm test
66104
npm run lint
67105
npm run build
68106
npm run validate
107+
npm pack --dry-run
108+
```
109+
110+
Verify the package installs and loads in a real n8n Docker image:
111+
112+
```bash
113+
npm run smoke:n8n:docker
114+
```
115+
116+
To verify a published npm version after release:
117+
118+
```bash
119+
PACKAGE_VERSION=0.1.0 npm run smoke:n8n:docker
69120
```
70121

71122
## Design notes
72123

73-
- Local-first CLI; no secrets required.
124+
- Local-first CLI and n8n node; no secrets required.
74125
- Static package-folder audit only; it does not call npm or GitHub APIs yet.
75-
- Failing checks exit with a non-zero status so the tool can run in CI.
126+
- Failing checks exit with a non-zero status so the CLI can run in CI.
127+
- The n8n node returns structured fields plus a `formattedReport` string.
76128
- JSON and Markdown formats are intended for automation reports and PR comments.
77129
- Text reports hide absolute local path prefixes by default to avoid leaking machine-specific WSL/home paths in public snippets.
78130

@@ -81,8 +133,8 @@ npm run validate
81133
- Add optional npm registry version/provenance verification.
82134
- Add GitHub API checks for package/repo topics and latest CI status.
83135
- Add configurable scoring profiles.
84-
- Publish as an npm package after CLI UX stabilizes.
136+
- Add npm/GitHub URL audit mode for n8n Cloud-friendly workflows.
85137

86138
## Security
87139

88-
This tool reads local package files and prints metadata. It should not read `.env` files or secrets. If future API integrations are added, credentials should be provided through environment variables and never serialized into reports.
140+
This tool reads package files from the path you provide and prints package metadata. It should not read `.env` files or secrets. If future API integrations are added, credentials should be provided through environment variables or n8n credentials and never serialized into reports.

0 commit comments

Comments
 (0)