From abe5c5c2524313f51922135cff562d08d9436605 Mon Sep 17 00:00:00 2001 From: Pete Gonzalez <4673363+octogonz@users.noreply.github.com> Date: Fri, 7 Jun 2024 20:45:36 -0700 Subject: [PATCH 1/2] Update people.json --- websites/rushstack.io/data/people.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/websites/rushstack.io/data/people.json b/websites/rushstack.io/data/people.json index 37a3859c..1452c0c0 100644 --- a/websites/rushstack.io/data/people.json +++ b/websites/rushstack.io/data/people.json @@ -6,6 +6,11 @@ "githubAlias": "apostolisms", "caption": "manages the team that hosts the Rush Stack projects" }, + { + "name": "Cheng", + "githubAlias": "chengcyber", + "caption": "contributed many Rush features including cobuilds and the plugin system" + }, { "name": "Daniel Nadeau", "githubAlias": "D4N14L", @@ -34,11 +39,6 @@ ], "//": "Alphabetical by first name", "collaborators": [ - { - "name": "Cheng", - "githubAlias": "chengcyber", - "caption": "facilitating: Rush; contributed many features including the Rush plugin system" - }, { "name": "Elliot Nelson", "githubAlias": "elliot-nelson", From 4e7db7397e555f17cc81cdb9efbe50ebed114747 Mon Sep 17 00:00:00 2001 From: Pete Gonzalez <4673363+octogonz@users.noreply.github.com> Date: Mon, 24 Jun 2024 22:48:02 -0700 Subject: [PATCH 2/2] Add preliminary docs for Lockfile Lint --- .../docs/pages/cli/lflint-check.md | 15 +++ .../docs/pages/cli/lflint-init.md | 15 +++ .../lfx.rushstack.io/docs/pages/cli/lfx.md | 20 ++++ .../docs/pages/lint/lockfile-lint.md | 99 +++++++++++++++++++ websites/lfx.rushstack.io/sidebars.js | 12 +++ 5 files changed, 161 insertions(+) create mode 100644 websites/lfx.rushstack.io/docs/pages/cli/lflint-check.md create mode 100644 websites/lfx.rushstack.io/docs/pages/cli/lflint-init.md create mode 100644 websites/lfx.rushstack.io/docs/pages/cli/lfx.md create mode 100644 websites/lfx.rushstack.io/docs/pages/lint/lockfile-lint.md diff --git a/websites/lfx.rushstack.io/docs/pages/cli/lflint-check.md b/websites/lfx.rushstack.io/docs/pages/cli/lflint-check.md new file mode 100644 index 00000000..4b1b9935 --- /dev/null +++ b/websites/lfx.rushstack.io/docs/pages/cli/lflint-check.md @@ -0,0 +1,15 @@ +--- +title: lockfile-lint check +--- + +> You can use `lflint` as a shorthand for the `lockfile-lint` shell command. In CI scripts, it is recommended to include the full name for readability. + +``` +usage: lockfile-lint check [-h] + +This command applies the policies that are configured in lockfile-lint.json, +reporting any problems found in your PNPM workspace. + +Optional arguments: + -h, --help Show this help message and exit. +``` diff --git a/websites/lfx.rushstack.io/docs/pages/cli/lflint-init.md b/websites/lfx.rushstack.io/docs/pages/cli/lflint-init.md new file mode 100644 index 00000000..2b50a3e4 --- /dev/null +++ b/websites/lfx.rushstack.io/docs/pages/cli/lflint-init.md @@ -0,0 +1,15 @@ +--- +title: lockfile-lint init +--- + +> You can use `lflint` as a shorthand for the `lockfile-lint` shell command. In CI scripts, it is recommended to include the full name for readability. + +``` +usage: lockfile-lint init [-h] + +This command initializes a new lockfile-lint.json config file. The created +template file includes source code comments that document the settings. + +Optional arguments: + -h, --help Show this help message and exit. +``` diff --git a/websites/lfx.rushstack.io/docs/pages/cli/lfx.md b/websites/lfx.rushstack.io/docs/pages/cli/lfx.md new file mode 100644 index 00000000..d693d4e7 --- /dev/null +++ b/websites/lfx.rushstack.io/docs/pages/cli/lfx.md @@ -0,0 +1,20 @@ +--- +title: lockfile-explorer +--- + +> You can use `lfx` as a shorthand for the `lockfile-explorer` shell command. In CI scripts, it is recommended to include the full name for readability. + +``` +usage: lockfile-explorer [-h] [-d] [--subspace SUBSPACE_NAME] + +Lockfile Explorer is a desktop app for investigating and solving version +conflicts in a PNPM workspace. + +Optional arguments: + -h, --help Show this help message and exit. + -d, --debug Show the full call stack if an error occurs while + executing the tool + --subspace SUBSPACE_NAME + Specifies an individual Rush subspace to check. The + default value is "default". +``` diff --git a/websites/lfx.rushstack.io/docs/pages/lint/lockfile-lint.md b/websites/lfx.rushstack.io/docs/pages/lint/lockfile-lint.md new file mode 100644 index 00000000..c6f0b019 --- /dev/null +++ b/websites/lfx.rushstack.io/docs/pages/lint/lockfile-lint.md @@ -0,0 +1,99 @@ +--- +title: Introduction +--- + +**Lockfile Lint** is a companion tool for preventing problems from reoccurring, after you've solved them using Lockfile Explorer. Similar to ESLint, it provides a config file **lockfile-lint.json** where you can define rules that check for various issues in your lockfile. + +## Quick start + +1. Lockfile Lint is included in the same package as Lockfile Explorer. If you didn't do so already, install it like this: + + ```shell + npm install --global @rushstack/lockfile-explorer + ``` + +2. Create the **lockfile-lint.json** config file: + + ```shell + cd my-rush-repo + + lockfile-lint init + ``` + +3. Edit the config file to enable policies that you want to check. + +4. Test the policies: + + ```shell + lockfile-lint check + ``` + + If issues are found, the output might look like this: + + ``` + Rush Lockfile Lint - https://lfx.rushstack.io/ + + Checking project "my-toolchain" + Checking project "my-app" + Checking project "my-controls" + + PROBLEM: [restrict-versions] The version of "whatwg-fetch" should match "2.x"; actual version is "3.6.2" + + PROBLEM: [restrict-versions] The version of "colors" should match "2.x"; actual version is "1.4.0" + ``` + +5. Add `lockfile-lint` to your CI validation pipeline. When the tool reports problems, the process exit code will be nonzero, causing the build to fail. + +## Config file + +**common/config/lockfile-lint/lockfile-lint.json** + +```js +/** + * Config file for Lockfile Lint. For more info, please visit: https://lfx.rushstack.io + */ +{ + "$schema": "https://developer.microsoft.com/json-schemas/lockfile-explorer/lockfile-lint.schema.json", + + /** + * The list of rules to be checked by Lockfile Lint. For each rule configuration, the + * type of rule is determined by the `rule` field. + */ + "rules": [ + // /** + // * The `restrict-versions` rule enforces that direct and indirect dependencies must + // * satisfy a specified version range. + // */ + // { + // "rule": "restrict-versions", + // + // /** + // * The name of a workspace project to analyze. + // */ + // "project": "@my-company/my-app", + // + // /** + // * Indicates the package versions to be checked. The `requiredVersions` key is + // * the name of an NPM package, and the value is a SemVer range. If the project has + // * that NPM package as a dependency, then its version must satisfy the SemVer range. + // * This check also applies to devDependencies and peerDependencies, as well as any + // * indirect dependencies of the project. + // */ + // "requiredVersions": { + // /** + // * For example, if `react-router` appears anywhere in the dependency graph of + // * `@my-company/my-app`, then it must be version 5 or 6. + // */ + // "react-router": "5.x || 6.x", + // "react": "^18.3.0", + // "react-dom": "^18.3.0" + // } + // } + ] +} +``` + +## See also + +- [lockfile-lint init](../cli/lflint-init.md) command +- [lockfile-lint check](../cli/lflint-check.md) command diff --git a/websites/lfx.rushstack.io/sidebars.js b/websites/lfx.rushstack.io/sidebars.js index 1f492c80..6d84fd0e 100644 --- a/websites/lfx.rushstack.io/sidebars.js +++ b/websites/lfx.rushstack.io/sidebars.js @@ -59,6 +59,18 @@ const sidebars = { // 'pages/scenarios/phantom_dependencies' ] }, + { + type: 'category', + label: 'Lockfile Lint (EXPERIMENTAL)', + collapsible: false, + items: ['pages/lint/lockfile-lint'] + }, + { + type: 'category', + label: 'Command line', + collapsible: false, + items: ['pages/cli/lfx', 'pages/cli/lflint-init', 'pages/cli/lflint-check'] + }, { type: 'category', label: 'Support',