A GitHub Action for validating package.json conventions.
Use the `rules` input to specify one or more rules you would like to check for your package.json.
The "ranges" rule validates that all package.json dependencies are exact versions, or use only the allowed version ranges specified. Click here for details about version ranges.
The following usage would allow "my-package": "1.2.3" but prevent "my-package": "^1.2.3".

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: ranges
```
You can also specify `allowed-ranges`. The following would allow "my-package": "^1.2.3" but prevent "my-package": "~1.2.3".

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: ranges
      allowed-ranges: ^
```
The "tags" rule validates that all package.json dependencies contain no tagged versions, or use only the allowed tags specified. Click here for details about tags.
The following usage would allow "my-package": "1.2.3" but prevent "my-package": "1.2.3-alpha.456.0".

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: tags
```
The following usage would allow "my-package": "1.2.3-canary.456.0" but prevent "my-package": "1.2.3-alpha.456.0".

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: tags
      allowed-tags: canary
```
The "resolutions" rule validates that your package.json does not contain the `resolutions` option.

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: resolutions
```
Specify `ignore-resolutions` to skip resolution validation entirely for certain packages. Optionally provide a newline separated list of package names here.

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: resolutions
      ignore-resolutions: resolution-package-to-ignore
```
Specify `ignore-resolutions-until` to skip resolution validation entirely for a certain amount of time. You can use any format supported by the Date constructor (see MDN).

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: resolutions
      ignore-resolutions-until: 2000-01-01
```
The "keys" rule validates that your package.json does not contain duplicate dependency keys.
```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: keys
```
Example invalid package.json this will prevent:

```json
{
  "dependencies": {
    "some-dependency": "1.0.0",
    "some-dependency": "2.0.0"
  }
}
```
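Duplicate keys are easy to miss because `JSON.parse` accepts them and keeps only the last value, so the version a reviewer reads first may not be the one that is used. The following is an added example, not the action's own code: a hypothetical `findDuplicateKeys` helper that scans the raw text of the invalid package.json shown above, assuming the input is otherwise valid JSON.

```javascript
// Added example, not the action's source. Assumes `text` is syntactically valid JSON.
// Returns dotted paths of keys that occur more than once inside the same object.
function findDuplicateKeys(text) {
  const duplicates = [];
  const stack = []; // one frame per currently open object or array
  let i = 0;
  while (i < text.length) {
    const ch = text[i];
    const top = stack[stack.length - 1];
    if (ch === '"') {
      // Consume the whole string token so braces and commas inside it are ignored.
      let j = i + 1;
      while (j < text.length && text[j] !== '"') j += text[j] === '\\' ? 2 : 1;
      if (top && top.isObject && top.expectKey) {
        const key = JSON.parse(text.slice(i, j + 1));
        if (top.keys.has(key)) duplicates.push([...top.path, key].join('.'));
        top.keys.add(key);
        top.lastKey = key;
        top.expectKey = false;
      }
      i = j + 1;
      continue;
    }
    if (ch === '{' || ch === '[') {
      // A nested container is named after the key it is the value of.
      const path = top ? [...top.path, top.isObject ? top.lastKey : '[]'] : [];
      stack.push({ isObject: ch === '{', expectKey: ch === '{', keys: new Set(), path, lastKey: null });
    } else if (ch === '}' || ch === ']') {
      stack.pop();
    } else if (ch === ',' && top && top.isObject) {
      top.expectKey = true; // the next string in this object is a key
    }
    i++;
  }
  return duplicates;
}

// Constructed sample: the invalid package.json from this page.
const sample = `{
  "dependencies": {
    "some-dependency": "1.0.0",
    "some-dependency": "2.0.0"
  }
}`;
console.log(findDuplicateKeys(sample)); // duplicate reported from the raw text
console.log(JSON.parse(sample).dependencies['some-dependency']); // what the parser silently keeps
```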
Specify `package-json-location` to specify another location for the package.json to validate. Defaults to `./package.json`.

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: ranges
      package-json-location: ./project/package.json
```
Specify `dependency-types` to denote which type of package.json dependencies you wish to validate. Valid options include `dependencies`, `devDependencies`, `peerDependencies`, and `optionalDependencies`. Defaults to `dependencies`.

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: ranges
      dependency-types: devDependencies
```
Specify `ignore-packages` to skip validation entirely for certain packages. Optionally provide a newline separated list of package names here.

```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: ranges
      ignore-packages: package-to-ignore
```
You may also enforce multiple rules (and pass additional inputs) like this:
```yaml
steps:
  - name: Checkout
    uses: actions/checkout@v3
  - uses: ExpediaGroup/package-json-validator@v1
    with:
      rules: |
        ranges
        tags
      allowed-ranges: |
        ^
        *
      allowed-tags: |
        alpha
        canary
      dependency-types: |
        dependencies
        devDependencies
      ignore-packages: |
        package-to-ignore
        another-package-to-ignore
```
This project is part of Expedia Group Open Source but also maintained by Dan Adajian
- Expedia Group OSS
The scripts and documentation in this project are released under the Apache 2 License.
- Follow semantic-release commit formatting. See CONTRIBUTING.md for details.