feat: add npm-check command to check outdated packages and vulnerabil…#184
Draft
dermatz wants to merge 3 commits into
Draft
feat: add npm-check command to check outdated packages and vulnerabil…#184dermatz wants to merge 3 commits into
dermatz wants to merge 3 commits into
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new CLI command for checking npm dependencies and vulnerabilities in Magento themes, along with supporting service methods and workflow integration. The main focus is to provide developers with a convenient way to identify and address outdated npm packages and security issues for theme development.
Key changes include:
New Command: Theme npm-check
mageforge:theme:npm-check(with aliasesm:t:ncandfrontend:npm-check) that checks npm dependencies for outdated packages and vulnerabilities in Magento themes. This command supports interactive theme selection, displays results in tables, and offers to runnpm update --latestandnpm audit fixinteractively. (src/Console/Command/Theme/NpmCheckCommand.php)src/etc/di.xml)Node Package Manager Service Enhancements
NodePackageManagerfor:getOutdatedPackages)npm update --latest(runNpmUpdate)getAuditResults)npm audit fix(runAuditFix)These methods are used by the new command for programmatic npm checks and fixes. (
src/Service/NodePackageManager.php)CI Workflow Updates
mageforge:theme:npm-check,m:t:nc, andfrontend:npm-checkis available and correct. (.github/workflows/magento-compatibility.yml) [1] [2]