feat(repo): add checks for lock files (#5854)

.github/workflows/npm-audit.yml

@@ -2,7 +2,8 @@ name: NPM Audit
 
 on:
   schedule:
-  - cron: "0 0 * * *"
+    - cron: "0 0 * * *"
+  workflow_dispatch:
 
 jobs:
   audit:

.husky/pre-push

@@ -1,6 +1,7 @@
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
 
+yarn check-lock-files
 yarn check-commit
 yarn documentation
 yarn pretty-quick --check

package.json

@@ -10,6 +10,7 @@
     "check-commit": "node ./scripts/commit-lint.js",
     "check-format": "nx format:check --all",
     "check-imports": "node ./scripts/check-imports.js",
+    "check-lock-files": "node ./scripts/check-lock-files.js",
     "check-internal-links": "ts-node -P ./scripts/tsconfig.scripts.json ./scripts/documentation/internal-link-checker.ts",
     "check-versions": "ts-node -P ./scripts/tsconfig.scripts.json ./scripts/check-versions.ts",
     "check-documentation-map": "ts-node -P ./scripts/tsconfig.scripts.json ./scripts/documentation/map-link-checker.ts",

scripts/check-lock-files.js

@@ -0,0 +1,34 @@
+const fs = require('fs');
+
+function checkLockFiles() {
+  const errors = [];
+  if (fs.existsSync('package-lock.json')) {
+    errors.push(
+      'Invalid occurence of "package-lock.json" file. Please remove it and use only "yarn.lock"'
+    );
+  }
+  if (fs.existsSync('pnpm-lock.yaml')) {
+    errors.push(
+      'Invalid occurence of "pnpm-lock.yaml" file. Please remove it and use only "yarn.lock"'
+    );
+  }
+  try {
+    const content = fs.readFileSync('yarn.lock', 'utf-8');
+    if (content.match(/localhost:487/)) {
+      errors.push(
+        'The "yarn.lock" has reference to local yarn repository ("localhost:4873"). Please use "registry.yarnpkg.com" in "yarn.lock"'
+      );
+    }
+  } catch {
+    errors.push('The "yarn.lock" does not exist or cannot be read');
+  }
+  return errors;
+}
+
+const invalid = checkLockFiles();
+if (invalid.length > 0) {
+  invalid.forEach((e) => console.log(e));
+  process.exit(1);
+} else {
+  process.exit(0);
+}