semgrep/convert-libman

convert-libman

Recursively searches for libman.json files and converts each to package.json with automatic package-lock.json generation. The generated files are created in the same directory as each discovered libman.json file.
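How a libman.json manifest maps onto package.json dependencies, as an added sketch that is not the project's own code: the function names, the sample manifest and the output package name are assumptions, and convert-libman's actual handling of providers may differ.

```javascript
// Added example, not convert-libman's code. The manifest below is constructed.
const sampleLibman = {
  version: "1.0",
  defaultProvider: "cdnjs",
  libraries: [
    { library: "jquery@3.7.1", destination: "wwwroot/lib/jquery" },
    { provider: "unpkg", library: "@popperjs/core@2.11.8", destination: "wwwroot/lib/popper" },
    { provider: "filesystem", library: "../vendor/legacy.js", destination: "wwwroot/lib/legacy" },
    { provider: "cdnjs", library: "twitter-bootstrap@5.3.3", destination: "wwwroot/lib/bootstrap" },
  ],
};

// Split "name@version" on the LAST "@" so scoped names (@scope/pkg@1.0.0) survive.
function splitLibrary(spec) {
  const at = spec.lastIndexOf("@");
  if (at <= 0) return null; // no "@" at all, or only the scope's leading "@"
  return { name: spec.slice(0, at), version: spec.slice(at + 1) };
}

// Build a package.json object plus two review lists for a human to check.
function libmanToPackageJson(libman, name = "libman-converted") {
  const dependencies = {};
  const skipped = [];   // entries with nothing to pin (local files, no version)
  const checkName = []; // cdnjs names can differ from npm names (Bootstrap is
                        // listed on cdnjs as "twitter-bootstrap"), so verify them
  for (const entry of libman.libraries || []) {
    const provider = entry.provider || libman.defaultProvider;
    const parsed = splitLibrary(entry.library || "");
    if (provider === "filesystem" || !parsed || !parsed.version) {
      skipped.push(entry.library);
      continue;
    }
    if (provider === "cdnjs") checkName.push(parsed.name);
    dependencies[parsed.name] = parsed.version; // exact pin, no ^ or ~ range
  }
  const packageJson = { name, version: "1.0.0", private: true, dependencies };
  return { packageJson, skipped, checkName };
}

const result = libmanToPackageJson(sampleLibman);
console.log(JSON.stringify(result, null, 2));
```

Entries in `skipped` never reach the generated package.json, and names in `checkName` should be confirmed against the npm registry before relying on the generated lockfile.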

Manual Usage

node convert-libman.js [path to directory to be scanned]

# Example: scan from current directory
node convert-libman.js

# Example: scan from a specific directory
node convert-libman.js ./projects

Local Docker Usage

Pull the Docker image from GitHub Container Registry and run it locally:

# Pull the latest image
docker pull ghcr.io/semgrep/convert-libman

# Run the conversion (scan from current directory)
docker run --rm -v "$(pwd):/convert" ghcr.io/semgrep/convert-libman

# Run the conversion (scan from a specific subdirectory)
docker run --rm -v "$(pwd):/convert" ghcr.io/semgrep/convert-libman /convert/some/subdirectory

Docker CI Usage

# GitHub Actions example
- name: Convert libman
  run: |
    docker run -v "${{ github.workspace }}:/convert" ghcr.io/semgrep/convert-libman

# GitLab CI example
convert-libman:
  script:
    - docker run -v "$PWD:/convert" ghcr.io/semgrep/convert-libman

# Command line
docker run -v "$(pwd):/convert" ghcr.io/semgrep/convert-libman

GitHub Actions Usage

To automatically regenerate the package files and check them in whenever a libman.json changes, use the workflow below:

name: Convert libman.json to package files
on:
  push:
    paths:
      - '**/libman.json'

permissions:
  contents: write  # needed to push commits

jobs:
  convert-libman:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
        with:
          fetch-depth: 0   # so we can push back to the same ref

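      - name: Convert libman
        # The image is pulled by a mutable tag and gets the checked-out workspace mounted read-write;
        # pin it by digest (ghcr.io/semgrep/convert-libman@sha256:<digest>) for reproducible runs.
        run: |
          docker run -v "${{ github.workspace }}:/convert" ghcr.io/semgrep/convert-libman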

      - name: Commit updated package files (if any)
        run: |
          set -euo pipefail

          # make the workspace safe for git (sometimes needed in CI)
          git config --global --add safe.directory "$GITHUB_WORKSPACE"

          # author details for the commit
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"

          # stage only package files that changed/appeared
          CHANGED=$(git status --porcelain -- '**/package.json' '**/package-lock.json' | wc -l)
          if [ "$CHANGED" -gt 0 ]; then
            # quote the pathspecs so git, not the shell, matches ** at every depth
            git add -- '**/package.json' '**/package-lock.json'
            git commit -m "chore(convert-libman): update package files after libman.json change"
            git push
            echo "Committed and pushed package file updates."
          else
            echo "No package file changes to commit."
          fi
