64 lines
1.6 KiB
Bash
Executable File
64 lines
1.6 KiB
Bash
Executable File
#!/bin/sh
|
|
# Refresh package-lock.json to apply npm overrides and get latest compatible versions
|
|
# This ensures security patches from overrides are actually applied
|
|
#
|
|
# Usage:
|
|
# ./scripts/refresh-lockfile.sh # Refresh lock file and install deps
|
|
# ./scripts/refresh-lockfile.sh --check # Check if refresh needed (for CI)
|
|
|
|
set -e
|
|
|
|
cd "$(dirname "$0")/.."
|
|
|
|
CHECK_MODE=false
|
|
if [ "$1" = "--check" ]; then
|
|
CHECK_MODE=true
|
|
fi
|
|
|
|
echo "🔄 Refreshing package-lock.json..."
|
|
|
|
# Detect hash command (sha256sum on Linux, shasum on macOS)
|
|
HASH_CMD=""
|
|
if command -v sha256sum >/dev/null 2>&1; then
|
|
HASH_CMD="sha256sum"
|
|
elif command -v shasum >/dev/null 2>&1; then
|
|
HASH_CMD="shasum -a 256"
|
|
else
|
|
echo "❌ Error: Neither sha256sum nor shasum found"
|
|
exit 1
|
|
fi
|
|
|
|
# Backup current lock file hash for comparison
|
|
OLD_HASH=""
|
|
if [ -f package-lock.json ]; then
|
|
OLD_HASH=$($HASH_CMD package-lock.json | cut -d' ' -f1)
|
|
fi
|
|
|
|
# Clean and regenerate
|
|
rm -rf node_modules package-lock.json
|
|
|
|
if [ "$CHECK_MODE" = true ]; then
|
|
# CI mode: just generate lock file quickly
|
|
npm install --package-lock-only
|
|
else
|
|
# Local mode: full install
|
|
npm install
|
|
fi
|
|
|
|
NEW_HASH=$($HASH_CMD package-lock.json | cut -d' ' -f1)
|
|
|
|
if [ "$OLD_HASH" = "$NEW_HASH" ]; then
|
|
echo "✅ package-lock.json is up to date"
|
|
exit 0
|
|
else
|
|
echo "📦 package-lock.json was updated"
|
|
|
|
if [ "$CHECK_MODE" = true ]; then
|
|
echo "⚠️ Lock file is out of date - run 'npm run refresh:lockfile' locally"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ Refresh complete - commit the updated package-lock.json"
|
|
exit 0
|
|
fi
|