Mirrors/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-28 20:46:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

ci(deps): gate extension-owned root dependencies

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-21 21:07:58 +01:00
parent b2e8b7d4bb
commit e5af4e3b5c
4 changed files with 112 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/ci.yml vendored
View File

@@ -1642,6 +1642,7 @@ jobs:
run_check "lint:plugins:no-extension-src-imports" pnpm run lint:plugins:no-extension-src-imports
run_check "lint:plugins:no-extension-test-core-imports" pnpm run lint:plugins:no-extension-test-core-imports
run_check "lint:plugins:plugin-sdk-subpaths-exported" pnpm run lint:plugins:plugin-sdk-subpaths-exported
run_check "deps:root-ownership:check" pnpm deps:root-ownership:check
run_check "web-search-provider-boundary" pnpm run lint:web-search-provider-boundaries
run_check "web-fetch-provider-boundary" pnpm run lint:web-fetch-provider-boundaries
run_check "extension-src-outside-plugin-sdk-boundary" pnpm run lint:extensions:no-src-outside-plugin-sdk

3
package.json
View File

@@ -1282,6 +1282,7 @@
"deadcode:ts-prune": "pnpm dlx ts-prune src extensions scripts",
"deadcode:ts-unused": "pnpm dlx ts-unused-exports tsconfig.json --ignoreTestFiles --exitWithCount",
"deps:root-ownership": "node scripts/root-dependency-ownership-audit.mjs",
"deps:root-ownership:check": "node scripts/root-dependency-ownership-audit.mjs --check",
"dev": "node scripts/run-node.mjs",
"docs:bin": "node scripts/build-docs-list.mjs",
"docs:check-i18n-glossary": "node scripts/check-docs-i18n-glossary.mjs",
@@ -1382,7 +1383,7 @@
"qa:lab:up": "node --import tsx scripts/qa-lab-up.ts",
"qa:lab:up:fast": "node --import tsx scripts/qa-lab-up.ts --use-prebuilt-image --bind-ui-dist --skip-ui-build",
"qa:lab:watch": "vite build --watch --config extensions/qa-lab/web/vite.config.ts",
"release:check": "pnpm check:base-config-schema && pnpm check:bundled-channel-config-metadata && pnpm config:docs:check && pnpm plugin-sdk:check-exports && pnpm plugin-sdk:api:check && node --import tsx scripts/release-check.ts",
"release:check": "pnpm deps:root-ownership:check && pnpm check:base-config-schema && pnpm check:bundled-channel-config-metadata && pnpm config:docs:check && pnpm plugin-sdk:check-exports && pnpm plugin-sdk:api:check && node --import tsx scripts/release-check.ts",
"release:openclaw:npm:check": "node --import tsx scripts/openclaw-npm-release-check.ts",
"release:openclaw:npm:verify-published": "node --import tsx scripts/openclaw-npm-postpublish-verify.ts",
"release:plugins:clawhub:check": "node --import tsx scripts/plugin-clawhub-release-check.ts",

32
scripts/root-dependency-ownership-audit.mjs
View File

@@ -268,6 +268,23 @@ export function collectRootDependencyOwnershipAudit(params = {}) {
.toSorted((left, right) => left.depName.localeCompare(right.depName));
}
export function collectRootDependencyOwnershipCheckErrors(records) {
return records
.filter((record) => record.category === "extension_only_localizable")
.map((record) => {
const declaredInExtensions =
record.declaredInExtensions.length > 0
? `; extension declarations: ${record.declaredInExtensions.join(", ")}`
: "";
const sampleFiles =
record.sampleFiles.length > 0 ? `; sample imports: ${record.sampleFiles.join(", ")}` : "";
return (
`root dependency '${record.depName}' is extension-owned (${record.recommendation})` +
`${declaredInExtensions}${sampleFiles}`
);
});
}
function printTextReport(records) {
const grouped = new Map();
for (const record of records) {
@@ -294,7 +311,22 @@ function printTextReport(records) {
function main(argv = process.argv.slice(2)) {
const asJson = argv.includes("--json");
const check = argv.includes("--check");
const records = collectRootDependencyOwnershipAudit();
if (check) {
const errors = collectRootDependencyOwnershipCheckErrors(records);
if (errors.length > 0) {
for (const error of errors) {
console.error(`[root-dependency-ownership] ${error}`);
}
process.exitCode = 1;
return;
}
if (!asJson) {
console.error("[root-dependency-ownership] ok");
return;
}
}
if (asJson) {
console.log(JSON.stringify(records, null, 2));
return;

78
test/scripts/root-dependency-ownership-audit.test.ts
View File

@@ -1,9 +1,34 @@
import { describe, expect, it } from "vitest";
import { mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
import { tmpdir } from "node:os";
import path from "node:path";
import { afterEach, describe, expect, it } from "vitest";
import {
classifyRootDependencyOwnership,
collectRootDependencyOwnershipAudit,
collectRootDependencyOwnershipCheckErrors,
collectModuleSpecifiers,
} from "../../scripts/root-dependency-ownership-audit.mjs";
const tempDirs: string[] = [];
afterEach(() => {
for (const dir of tempDirs.splice(0)) {
rmSync(dir, { force: true, recursive: true });
}
});
function makeTempRepo() {
const dir = mkdtempSync(path.join(tmpdir(), "openclaw-root-deps-audit-"));
tempDirs.push(dir);
return dir;
}
function writeRepoFile(repoRoot: string, relativePath: string, value: string) {
const filePath = path.join(repoRoot, relativePath);
mkdirSync(path.dirname(filePath), { recursive: true });
writeFileSync(filePath, value, "utf8");
}
describe("collectModuleSpecifiers", () => {
it("captures require.resolve package lookups used by runtime shims and bundled plugins", () => {
expect([
@@ -80,3 +105,54 @@ describe("classifyRootDependencyOwnership", () => {
});
});
});
describe("collectRootDependencyOwnershipCheckErrors", () => {
it("catches dependencies mirrored at root but only imported by one extension", () => {
const repoRoot = makeTempRepo();
writeRepoFile(
repoRoot,
"package.json",
JSON.stringify({ dependencies: { "vendor-sdk": "^1.0.0" } }),
);
writeRepoFile(
repoRoot,
"extensions/qqbot/package.json",
JSON.stringify({ dependencies: { "vendor-sdk": "^1.0.0" } }),
);
writeRepoFile(
repoRoot,
"extensions/qqbot/src/setup.ts",
'const sdk = await import("vendor-sdk");\n',
);
const records = collectRootDependencyOwnershipAudit({ repoRoot, scanRoots: ["extensions"] });
expect(collectRootDependencyOwnershipCheckErrors(records)).toEqual([
"root dependency 'vendor-sdk' is extension-owned (remove from root package.json and rely on owning extension manifests plus doctor --fix); extension declarations: qqbot:dependencies; sample imports: extensions/qqbot/src/setup.ts",
]);
});
it("fails only extension-owned root dependencies", () => {
expect(
collectRootDependencyOwnershipCheckErrors([
{
category: "extension_only_localizable",
declaredInExtensions: ["qqbot:dependencies"],
depName: "@tencent-connect/qqbot-connector",
recommendation:
"remove from root package.json and rely on owning extension manifests plus doctor --fix",
sampleFiles: ["extensions/qqbot/src/bridge/setup/finalize.ts"],
},
{
category: "unreferenced",
declaredInExtensions: [],
depName: "@mozilla/readability",
recommendation: "investigate removal; no direct source imports found in scanned files",
sampleFiles: [],
},
]),
).toEqual([
"root dependency '@tencent-connect/qqbot-connector' is extension-owned (remove from root package.json and rely on owning extension manifests plus doctor --fix); extension declarations: qqbot:dependencies; sample imports: extensions/qqbot/src/bridge/setup/finalize.ts",
]);
});
});