Initial project files

Author: pilafmon

.github/workflows/publish-website.yaml

@@ -0,0 +1,32 @@
+# npm-security-aggregator
+# Deploy "docs" folder to GitHub Pages
+
+name: Publish Website
+
+on: [workflow_dispatch]
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6               #see: https://github.com/actions/checkout/releases
+      - uses: actions/setup-node@v6             #see: https://github.com/actions/setup-node/releases
+      - run: npm install
+      - run: npm run pretest  #build website
+      - uses: actions/upload-pages-artifact@v5  #see: https://github.com/actions/upload-pages-artifact/releases
+        with:
+          path: docs  #build output folder
+
+  publish:
+    needs: build
+    permissions:  #allow GITHUB_TOKEN to deploy to GitHub Pages
+      pages: write
+      id-token: write
+    environment:
+      name: github-pages
+      url: ${{steps.deployment.outputs.page_url}}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/deploy-pages@v5           #see: https://github.com/actions/deploy-pages/releases
+        id: deployment

.github/workflows/run-spec-on-push.yaml

@@ -0,0 +1,14 @@
+# npm-security-aggregator
+
+name: Build and Test
+
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6    #see: https://github.com/actions/checkout/releases
+      - uses: actions/setup-node@v6  #see: https://github.com/actions/setup-node/releases
+      - run: npm install
+      - run: npm test

.gitignore

@@ -1,143 +1,10 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-lerna-debug.log*
+# npm-security-aggregator
 
-# Diagnostic reports (https://nodejs.org/api/report.html)
-report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+# Downloaded and Generated Files
+/node_modules/
+/package-lock.json
+/build/
+/docs/
 
-# Runtime data
-pids
-*.pid
-*.seed
-*.pid.lock
-
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-
-# Coverage directory used by tools like istanbul
-coverage
-*.lcov
-
-# nyc test coverage
-.nyc_output
-
-# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
-# Bower dependency directory (https://bower.io/)
-bower_components
-
-# node-waf configuration
-.lock-wscript
-
-# Compiled binary addons (https://nodejs.org/api/addons.html)
-build/Release
-
-# Dependency directories
-node_modules/
-jspm_packages/
-
-# Snowpack dependency directory (https://snowpack.dev/)
-web_modules/
-
-# TypeScript cache
-*.tsbuildinfo
-
-# Optional npm cache directory
-.npm
-
-# Optional eslint cache
-.eslintcache
-
-# Optional stylelint cache
-.stylelintcache
-
-# Optional REPL history
-.node_repl_history
-
-# Output of 'npm pack'
-*.tgz
-
-# Yarn Integrity file
-.yarn-integrity
-
-# dotenv environment variable files
-.env
-.env.*
-!.env.example
-
-# parcel-bundler cache (https://parceljs.org/)
-.cache
-.parcel-cache
-
-# Next.js build output
-.next
-out
-
-# Nuxt.js build / generate output
-.nuxt
-dist
-.output
-
-# Gatsby files
-.cache/
-# Comment in the public line in if your project uses Gatsby and not Next.js
-# https://nextjs.org/blog/next-9-1#public-directory-support
-# public
-
-# vuepress build output
-.vuepress/dist
-
-# vuepress v2.x temp directory
-.temp
-
-# Sveltekit cache directory
-.svelte-kit/
-
-# vitepress build output
-**/.vitepress/dist
-
-# vitepress cache directory
-**/.vitepress/cache
-
-# Docusaurus cache and generated files
-.docusaurus
-
-# Serverless directories
-.serverless/
-
-# FuseBox cache
-.fusebox/
-
-# DynamoDB Local files
-.dynamodb/
-
-# Firebase cache directory
-.firebase/
-
-# TernJS port file
-.tern-port
-
-# Stores VSCode versions used for testing VSCode extensions
-.vscode-test
-
-# pnpm
-.pnpm-store
-
-# yarn v3
-.pnp.*
-.yarn/*
-!.yarn/patches
-!.yarn/plugins
-!.yarn/releases
-!.yarn/sdks
-!.yarn/versions
-
-# Vite files
-vite.config.js.timestamp-*
-vite.config.ts.timestamp-*
-.vite/
+# Extraneous System Files
+.DS_Store

LICENSE LICENSE.txtLICENSE renamed to LICENSE.txt

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2026 Center Key
+Copyright (c) 2026 Individual contributors to npm-security-aggregator
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,2 +1,37 @@
 # npm-security-aggregator
-View audit reports for a published npm package
+<img src=https://centerkey.com/graphics/center-key-logo.svg align=right width=200 alt=logo>
+
+_View audit reports for a published npm package_
+
+[![License:MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://github.com/center-key/npm-security-aggregator/blob/main/LICENSE.txt)
+[![Build](https://github.com/center-key/npm-security-aggregator/actions/workflows/run-spec-on-push.yaml/badge.svg)](https://github.com/center-key/npm-security-aggregator/actions/workflows/run-spec-on-push.yaml)
+[![Publish Website](https://github.com/center-key/npm-security-aggregator/actions/workflows/publish-website.yaml/badge.svg)](https://github.com/center-key/npm-security-aggregator/actions/workflows/publish-website.yaml)
+
+## A) Check It Out
+Interactive online tool:<br>
+https://center-key.github.io/npm-security-aggregator
+
+## B) Automatically Look Up Package
+Append the `package` query string parameter to the URL to specify an initial npm package name.
+
+For example:<br>
+https://center-key.github.io/npm-security-aggregator/?package=fetch-json
+
+## C) Build Environment
+Check out the `runScriptsConfig` section in [package.json](package.json) for an
+interesting approach to organizing build tasks.
+
+**CLI Build Tools for package.json**
+   - 🎋 [add-dist-header](https://github.com/center-key/add-dist-header):&nbsp; _Prepend a one-line banner comment (with license notice) to distribution files_
+   - 📄 [copy-file-util](https://github.com/center-key/copy-file-util):&nbsp; _Copy or rename a file with optional package version number_
+   - 📂 [copy-folder-util](https://github.com/center-key/copy-folder-util):&nbsp; _Recursively copy files from one folder to another folder_
+   - 🪺 [recursive-exec](https://github.com/center-key/recursive-exec):&nbsp; _Run a command on each file in a folder and its subfolders_
+   - 🔍 [replacer-util](https://github.com/center-key/replacer-util):&nbsp; _Find and replace strings or template outputs in text files_
+   - 🔢 [rev-web-assets](https://github.com/center-key/rev-web-assets):&nbsp; _Revision web asset filenames with cache busting content hash fingerprints_
+   - 🚆 [run-scripts-util](https://github.com/center-key/run-scripts-util):&nbsp; _Organize npm package.json scripts into groups of easy to manage commands_
+   - 🚦 [w3c-html-validator](https://github.com/center-key/w3c-html-validator):&nbsp; _Check the markup validity of HTML files using the W3C validator_
+
+<br>
+
+---
+[MIT License](LICENSE.txt)

package.json

@@ -0,0 +1,91 @@
+{
+   "name": "npm-security-aggregator",
+   "version": "0.0.0",
+   "description": "View audit reports for a published npm package",
+   "license": "MIT",
+   "type": "module",
+   "module": "docs/app.min.js",
+   "browser": "docs/index.html",
+   "style": "docs/style.min.css",
+   "types": "docs/app.d.ts",
+   "repository": {
+      "type": "git",
+      "url": "git+https://github.com/center-key/npm-security-aggregator.git"
+   },
+   "homepage": "https://npm-security-aggregator.js.org",
+   "bugs": "https://github.com/center-key/npm-security-aggregator/issues",
+   "docs": "https://npm-security-aggregator.js.org",
+   "author": "Center Key (https://centerkey.com)",
+   "keywords": [
+      "audit",
+      "npm",
+      "package",
+      "security",
+      "vulnerability"
+   ],
+   "jshintConfig": {
+      "esversion": 11,
+      "strict": "implied",
+      "eqeqeq": true,
+      "undef": true,
+      "unused": true,
+      "varstmt": true,
+      "browser": true,
+      "node": true,
+      "mocha": true,
+      "globals": {
+         "dna": false,
+         "fetchJson": false,
+         "libX": false,
+         "prettyPrintJson": false
+      }
+   },
+   "runScriptsConfig": {
+      "clean": [
+         "rimraf build docs"
+      ],
+      "lint": [
+         "jshint . --exclude-path .gitignore"
+      ],
+      "build": [
+         "copy-folder  src/assets                    build/assets",
+         "lessc        src/style.less                build/style.css",
+         "uglifyjs     src/app.js           --output build/app.min.js",
+         "replacer     src/index.html                build",
+         "lightningcss build/style.css --output-file build/style.min.css --minify --bundle"
+      ],
+      "publish": [
+         "copy-folder     build/assets              docs/assets",
+         "add-dist-header build/app.min.js          docs",
+         "add-dist-header build/style.min.css       docs",
+         "copy-file       build/index.html --folder docs"
+      ]
+   },
+   "scripts": {
+      "pretest": "run-scripts clean lint build publish",
+      "test": "mocha spec",
+      "validate": "html-validator docs"
+   },
+   "dependencies": {
+      "@fortawesome/fontawesome-free": "~7.2",
+      "dna-dom": "~3.3",
+      "fetch-json": "~3.5",
+      "pretty-print-json": "~3.0",
+      "web-ignition": "~2.5"
+   },
+   "devDependencies": {
+      "add-dist-header": "~1.6",
+      "assert-deep-strict-equal": "~1.2",
+      "copy-file-util": "~1.3",
+      "copy-folder-util": "~1.2",
+      "jshint": "~2.13",
+      "less": "~4.6",
+      "lightningcss-cli": "~1.32",
+      "mocha": "~11.7",
+      "replacer-util": "~1.6",
+      "rimraf": "~6.1",
+      "run-scripts-util": "~1.3",
+      "uglify-js": "~3.19",
+      "w3c-html-validator": "~2.2"
+   }
+}

spec/package.spec.js

@@ -0,0 +1,25 @@
+// dna-dom
+// Mocha Specification Suite
+
+// Imports
+import { assertDeepStrictEqual } from 'assert-deep-strict-equal';
+import { cliArgvUtil } from 'cli-argv-util';
+
+////////////////////////////////////////////////////////////////////////////////
+describe('The "docs" folder', () => {
+
+   it('contains the correct web files', () => {
+      const actual = cliArgvUtil.readFolder('docs');
+      const expected = [
+         'app.min.js',
+         'assets',
+         'assets/icon-npmscan.png',
+         'assets/icon-snyk.png',
+         'assets/icon-socket.png',
+         'index.html',
+         'style.min.css'
+         ];
+      assertDeepStrictEqual(actual, expected);
+      });
+
+   });