From feec32063fe34a989c32b9add3449cad448bc51d Mon Sep 17 00:00:00 2001
From: Revanshu Paliwal
Date: Mon, 10 Oct 2022 15:32:39 +0200
Subject: [PATCH] [NO JIRA] Validate package.json format
---
 server/sonar-web/package.json | 9 ++---
 .../scripts/validate-package-json.js | 35 +++++++++++++++++++
 server/sonar-web/yarn.lock | 4 +--
 3 files changed, 42 insertions(+), 6 deletions(-)
 create mode 100644 server/sonar-web/scripts/validate-package-json.js
diff --git a/server/sonar-web/package.json b/server/sonar-web/package.json
index 34541da1e24..5ac900ebfc5 100644
--- a/server/sonar-web/package.json
+++ b/server/sonar-web/package.json
@@ -40,7 +40,7 @@
 "rehype-slug": "3.0.0",
 "remark": "11.0.2",
 "remark-custom-blocks": "2.5.1",
- "remark-react": "7",
+ "remark-react": "7.0.1",
 "remark-rehype": "6.0.0",
 "unist-util-visit": "2.0.2",
 "valid-url": "1.0.9"
@@ -124,10 +124,11 @@
 "lint-report": "eslint --ext js,ts,tsx -f json -o eslint-report/eslint-report.json src/main/js",
 "lint-report-ci": "yarn install --immutable && eslint --ext js,ts,tsx -f json -o eslint-report/eslint-report.json src/main/js || yarn lint",
 "ts-check": "tsc --noEmit",
- "validate": "yarn lint && yarn ts-check && yarn format-check && yarn test",
- "validate-ci": "yarn install --immutable && yarn test --coverage --maxWorkers=4 --ci",
+ "validate": "yarn dep-check && yarn lint && yarn ts-check && yarn format-check && yarn test",
+ "validate-ci": "yarn install --immutable && yarn dep-check && yarn test --coverage --maxWorkers=4 --ci",
 "check-ci": "yarn install --immutable && yarn ts-check && yarn format-check",
- "update-cwes": "node scripts/update-cwes.js"
+ "update-cwes": "node scripts/update-cwes.js",
+ "dep-check": "node scripts/validate-package-json.js"
 },
 "engines": {
 "node": ">=8"
diff --git a/server/sonar-web/scripts/validate-package-json.js b/server/sonar-web/scripts/validate-package-json.js
new file mode 100644
index 00000000000..23fb728ab2f
--- /dev/null
+++ b/server/sonar-web/scripts/validate-package-json.js
@@ -0,0 +1,35 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+const { dependencies, devDependencies } = require('../package.json');
+
+const dependenciesArray = Object.entries(dependencies);
+const devDependenciesArray = Object.entries(devDependencies);
+
+const violatingDependencies = [...dependenciesArray, ...devDependenciesArray].filter(
+ ([id, version]) => !/^\d+\.\d+\.\d+$/.test(version)
+);
+
+if (violatingDependencies.length > 0) {
+ throw new Error(
+ `Following dependencies must be locked to an exact version:
+${violatingDependencies.map(([id, version]) => ` - "${id}": "${version}"`).join('\n')}
+`
+ );
+}
diff --git a/server/sonar-web/yarn.lock b/server/sonar-web/yarn.lock
index 4045263e11a..7e7d9be455b 100644
--- a/server/sonar-web/yarn.lock
+++ b/server/sonar-web/yarn.lock
@@ -2406,7 +2406,7 @@ __metadata:
 rehype-slug: 3.0.0
 remark: 11.0.2
 remark-custom-blocks: 2.5.1
- remark-react: 7
+ remark-react: 7.0.1
 remark-rehype: 6.0.0
 testing-library-selector: 0.2.1
 typescript: 4.6.3
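Review bot: The check in validate-package-json.js reads only `dependencies` and `devDependencies`, so a version range placed in `optionalDependencies` or `resolutions` would pass unnoticed; whether package.json has those sections is not visible in this patch. Both destructured sections are also handed to `Object.entries` unguarded, so removing either one makes the script fail with a TypeError instead of the intended message; `Object.entries(devDependencies || {})` (and the same for `dependencies`) avoids that. A short comment above the filter would record the intent, e.g. `// Exact x.y.z pins only: ranges, tags, prerelease and non-registry specifiers are rejected so installs stay reproducible.` The `id` parameter in the filter callback is unused and could be written `([, version])`.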
@@ -9431,7 +9431,7 @@ __metadata:
 languageName: node
 linkType: hard

-"remark-react@npm:7":
+"remark-react@npm:7.0.1":
 version: 7.0.1
 resolution: "remark-react@npm:7.0.1"
 dependencies:
--
2.39.5