dependency-cruiser

• ⬆️ ajv and resolve (and a few dev dependencies)
• documentation updates

• fixes https://github.com/sverweij/dependency-cruiser/projects/1#card-1864383
• small documentation update

The changes in this release are not that big, they are however 'breaking' a.c.t. the previous releases. Despite this, the migration effort will probably be small to non-existent. Here's the list of breaking changes, so you can judge for yourself:

• 🐥 makes the 'err' reporter the default option over the 'json' one.
  The 'json' reporter is mostly there for development/ debugging, whereas the 'err' reporter is one of dependency-cruisers's main intended uses.
• 👞 remove the vis reporter.
  The vis reporter looked nice, but its visual representation was useful only for toy projects.
• 👞 remove coffee-script and typescript as dependencies.
  Don't worry, dependency-cruisers still supports CoffeeSript and TypeScript. This change just means it'll use the transpiler already available in the node_modules it's installed in. This saves in download time (/ disk space) It also means it'll use the same version of the transpiler you are using already.
• 👞 remove two deprecated rules you could use in your rules configuration:
  • the ownFolder rule - which was deprecated in favour of regular expression group matching, which is more flexible and more straightforward to use. See the section on group matching in the rules reference for details.
  • the coreModule rule - which was already deprecated in favour of the more versatile dependencyTypes rule

Maintenance release: with only an ⬆️ of some dependencies (a.o. typescript, coffee-script, acorn, ajv)

• v1.x.x of dependency-cruiser is in maintenance mode as per now. This means
  • no new features
  • bug-fixes and dependency upgrades only - and this only by request
  • publishing to npm only on request
  • v1 code is in a separate branch
• Development continues in v2 which is mostly backwards compatible with v1, with a few exceptions (see the v2.0.0 release for details)

v1.15.7 is not published to npm. If you need it over there let me know.

• ⬆️ acorn
• 🔧 internal refactoring

• ⬆️ ajv, coffee-script
• tiny mainenance updates

• 🐛 writing output to an (OS) pipe now works always instead of most of the time

• removes 'global install' advisory from package.json
• ⬆️ typescript to 2.1.5
• devDependency update & small fix in a test

• 🐥 expands the group matching introduced in v1.15.0 to more than one group (e.g. in "([^\\.])/(.+)$" stuff before the slash is available in $1, after the slash in $2 - and the whole match is available in $0.
• 📖 splits the rules documentation in a tutorial and a reference.
• 📖 expands documentation on group matching with the expansion to > 1 group.
• ⬆️ upgrades ajv (json schema validator) and eslint

• 🐣 include support for matching groups:
  • Sometimes you'll want to use a part of the path the 'from' part of your rule matched and use it in the 'to' part. E.g. when you want to prevent stuff in the same folder to be matched.
  • To achieve this you'll need to do two things:
    • In the to of your rule:
      Make sure the part of the path you want to be matched is between brackets.
      Like so: "^src/([^/]+)/.+"
    • In the from part of your rule:
      You can reference the part matched between brackets by using $1 in path
      and pathNot rules. Like so: "pathNot": "^src/$1/.+".
  • See group matching in the rules guide for a little more information.
• 🔧 with the introduction of 'matching groups', the ownFolder attribute is deprecated. 'matching groups' offer more flexibility and more straightforward semantics, while they can achieve the same.
• 🐛 pathNot attributes with scary regular expressions now get flagged as well (path attributes already had this)

• 🐣 Adds a --init-rules option. This creates a .dependency-cruiser.json with some useful rules in it to the current folder and exits. See below for the 'starter kit' rules.
• 📖 improves the intro text of the --info option a bit
• 👷 tell bithound it's ok that we do have typescript and coffee-script in our dependencies, but nowhere in a direct require or import - as we're using a different construct there

The rules:

• 🐣 adds a moreThanOneDependencyType property to the validation rule format so it is possible to check on "multiple inclusions" (e.g. both in dependencies and in devDependencies) see rules.md#more-than-one-dependencytype-per-dependency for an example.
• 🐣 modules that can't be followed any further grow a dependencyTypes when they're on a 'from' side in the output object
• ⬆️ js-makedepend

🐣 check against dependencies in package.json

• Adds a 'dependencyTypes' array to the extraction output format that
  describes whether the dependency is e.g. a dependency or devDependency
  in package.json, a core module, local one, could not be determined,
  ...
• Adds a 'dependencyTypes' array to the validation rules definition. The
  associated rule checks if there is an intersection between the
  dependencyTypes array defined in the rules file and the one in the 'to'
  of the output object.
• Deprecates the 'coreModule' attribute - the dependencyTypes contains
  the same information and the format is more elegant and flexible.

  Deprecated means: will definitely be gone in version v2.0.0 and higher.

🔧 Other stuff

• When displaying transpiler info (depcruise --info) dependency-cruiser
  now takes the current version of the transpiler into account in determining availability
• Adds the checks against package.json to dependency-cruisers own dependency-cruiser
  rules.
• ⬆️ ajv

• 🔧 make adding new (alt-js) languages easier; sorta pluggable.
• 🐣 adds support for LiveScript in this fashion. Works if livescript is available - but if it isn't dependency-cruiser will happily chug along on the other supported languages (currently javascript, typescript and coffee script)
• 🐣 add a --info command line option that shows what alt-js/ transpilers dependency-cruiser thinks are supported.
• ⬆️ ajv, lodash and some dev dependencies

• Enables multiple files/ directories to be passed on the command line (and scanned in one go)
• Adds a first version of a javascript API. Working well, but subject to change.
• The json output (/ the json schema describing it) now include a meta data section

• adds support for literate CoffeeScript (.litcoffee, .coffee.md)
• ⬆️ TypeScript 2.0.10 -> v2.1.4
• 📖 small copy tweaks

• adds support for CoffeeScript (💥)
• simplifies the README and reorganizes the documentation so it's easier to learn and find things
• dot output now also colors unresolvable modules that appear to be in folders red.
• cosmetic changes to error messages

• There's now a json schema for the (json) output - and there's automated tests in place to make sure dependency-cruiser keeps adhering to it.
• There's a json schema for the rules file format as well. In stead of silently ignoring unexpected content, dependency-cruiser will now stop with an error.
• The package published at npm lost some weight (~0.5Mb) because the .npmignore now contains more files that are not strictly necessary for using dependency-cruiser.

Changes since v1.5.0:

• Support for typescript out of the box - no pre-processing/ transpilation necessary anymore (💥!)
• Other changes
  • dot reporter:
    • adds the violated rule in a tooltip
    • adds a link to the source (for modules that could be resolved to files)
  • err reporter:
    • only exit with a non-zero exit code when there's at least one error (leaving warnings and informational message)
    • small layout tweaks

• support for new rules
  • match a (to-) module against it being a coreModule or not
  • match a (to-) module against whether or not it could be resolved to an actual file on disk (couldNotResolve).
    this makes it easy to weed out
  • negative matches against paths
• changes in the validation format to enable more elaborate rules - see below for a list
• merged the --validate and --rules-file option: you can now just specify the (still optional) rule file with the --validate parameter

dependency-cruise -v my-dependency-rules.json -T err src

Changes to the validation config

note the utl/map-1-4-ruleset-to1-5.js script takes a pre 1.5.0 ruleset and transforms it to a post 1.5.0 one:

node url/utl/map-1-4-ruleset-to1-5.js your-pre-1-5-0-ruleset.json

• from and to are now objects so they can contain multiple properties to match against.
  • The properties for both from and to:
    • path - a regular expression of a path to match against
    • pathNot - match against all paths except the one matching this regular expression
      -The properties useful only for to:
    • coreModule - a boolean value indicating whether to match against node.js core modules
    • couldNotResolve - a boolean value indicating whether to match against modules dependency cruiser could resolve them to something on disk (or a core module)
• level renamed to severity
• values for severity can now be error, warning and info