175 lines
6.6 KiB
JavaScript
175 lines
6.6 KiB
JavaScript
import { exec } from "child_process";
|
||
import { promisify } from "util";
|
||
import { existsSync } from "fs";
|
||
import { join } from "path";
|
||
const execAsync = promisify(exec);
|
||
export const depManageTool = {
|
||
name: "dep_manage",
|
||
description: "依赖管理。安装/更新/删除依赖、检查过时包、安全漏洞审计、分析 bundle 大小。支持 npm 和 pip。",
|
||
inputSchema: {
|
||
type: "object",
|
||
properties: {
|
||
project_path: {
|
||
type: "string",
|
||
description: "项目根目录(绝对路径)",
|
||
},
|
||
action: {
|
||
type: "string",
|
||
description: "操作类型",
|
||
enum: ["install", "add", "remove", "update", "outdated", "audit", "list", "why"],
|
||
},
|
||
packages: {
|
||
type: "string",
|
||
description: "包名(多个用空格分隔),add/remove/why 时必填",
|
||
},
|
||
dev: {
|
||
type: "boolean",
|
||
description: "是否为开发依赖(默认 false)",
|
||
},
|
||
},
|
||
required: ["project_path", "action"],
|
||
},
|
||
};
|
||
async function run(cmd, cwd, timeout = 120000) {
|
||
try {
|
||
const { stdout, stderr } = await execAsync(cmd, {
|
||
cwd, timeout,
|
||
maxBuffer: 1024 * 1024 * 10,
|
||
shell: process.platform === "win32" ? "powershell.exe" : "/bin/bash",
|
||
});
|
||
return { stdout, stderr, code: 0 };
|
||
}
|
||
catch (error) {
|
||
return { stdout: error.stdout || "", stderr: error.stderr || "", code: error.code ?? 1 };
|
||
}
|
||
}
|
||
export async function executeDepManage(args) {
|
||
const { project_path, action, packages, dev = false } = args;
|
||
const hasFile = (name) => existsSync(join(project_path, name));
|
||
const isNode = hasFile("package.json");
|
||
const isPython = hasFile("requirements.txt") || hasFile("pyproject.toml");
|
||
if (!isNode && !isPython) {
|
||
return "❌ 未检测到 package.json 或 requirements.txt";
|
||
}
|
||
let cmd = "";
|
||
let title = "";
|
||
if (isNode) {
|
||
switch (action) {
|
||
case "install":
|
||
cmd = "npm install";
|
||
title = "npm install";
|
||
break;
|
||
case "add":
|
||
if (!packages)
|
||
return "❌ add 需要 packages 参数";
|
||
cmd = `npm install ${packages}${dev ? " --save-dev" : ""}`;
|
||
title = `npm install ${packages}${dev ? " (dev)" : ""}`;
|
||
break;
|
||
case "remove":
|
||
if (!packages)
|
||
return "❌ remove 需要 packages 参数";
|
||
cmd = `npm uninstall ${packages}`;
|
||
title = `npm uninstall ${packages}`;
|
||
break;
|
||
case "update":
|
||
cmd = packages ? `npm update ${packages}` : "npm update";
|
||
title = `npm update${packages ? ` ${packages}` : ""}`;
|
||
break;
|
||
case "outdated":
|
||
cmd = "npm outdated --long 2>&1 || true";
|
||
title = "npm outdated(过时依赖检查)";
|
||
break;
|
||
case "audit":
|
||
cmd = "npm audit 2>&1 || true";
|
||
title = "npm audit(安全漏洞审计)";
|
||
break;
|
||
case "list":
|
||
cmd = "npm list --depth=0 2>&1";
|
||
title = "npm list(已安装依赖)";
|
||
break;
|
||
case "why":
|
||
if (!packages)
|
||
return "❌ why 需要 packages 参数";
|
||
cmd = `npm why ${packages} 2>&1`;
|
||
title = `npm why ${packages}`;
|
||
break;
|
||
}
|
||
}
|
||
else if (isPython) {
|
||
switch (action) {
|
||
case "install":
|
||
cmd = hasFile("requirements.txt") ? "pip install -r requirements.txt" : "pip install -e .";
|
||
title = "pip install";
|
||
break;
|
||
case "add":
|
||
if (!packages)
|
||
return "❌ add 需要 packages 参数";
|
||
cmd = `pip install ${packages}`;
|
||
title = `pip install ${packages}`;
|
||
break;
|
||
case "remove":
|
||
if (!packages)
|
||
return "❌ remove 需要 packages 参数";
|
||
cmd = `pip uninstall -y ${packages}`;
|
||
title = `pip uninstall ${packages}`;
|
||
break;
|
||
case "update":
|
||
cmd = packages ? `pip install --upgrade ${packages}` : "pip install --upgrade -r requirements.txt";
|
||
title = `pip upgrade${packages ? ` ${packages}` : ""}`;
|
||
break;
|
||
case "outdated":
|
||
cmd = "pip list --outdated 2>&1";
|
||
title = "pip outdated";
|
||
break;
|
||
case "audit":
|
||
cmd = "pip-audit 2>&1 || pip check 2>&1";
|
||
title = "pip audit / check";
|
||
break;
|
||
case "list":
|
||
cmd = "pip list 2>&1";
|
||
title = "pip list";
|
||
break;
|
||
case "why":
|
||
if (!packages)
|
||
return "❌ why 需要 packages 参数";
|
||
cmd = `pip show ${packages} 2>&1`;
|
||
title = `pip show ${packages}`;
|
||
break;
|
||
}
|
||
}
|
||
if (!cmd)
|
||
return `❌ 未知操作: ${action}`;
|
||
const result = await run(cmd, project_path);
|
||
const fullOutput = [result.stdout, result.stderr].filter(Boolean).join("\n").trim();
|
||
const icon = result.code === 0 ? "✅" : "⚠️";
|
||
const output = [
|
||
`# ${icon} ${title}`,
|
||
``,
|
||
`📂 ${project_path}`,
|
||
`📦 ${isNode ? "npm" : "pip"}`,
|
||
``,
|
||
"```",
|
||
fullOutput.slice(0, 6000) || "(无输出)",
|
||
"```",
|
||
];
|
||
// audit 额外解析
|
||
if (action === "audit" && isNode) {
|
||
const criticalMatch = fullOutput.match(/(\d+)\s+(critical|high)/gi);
|
||
if (criticalMatch && criticalMatch.length > 0) {
|
||
output.push(``, `⚠️ **发现高危漏洞!** 建议运行 \`npm audit fix\` 或 \`npm audit fix --force\``);
|
||
}
|
||
else if (result.code === 0) {
|
||
output.push(``, `✅ 未发现已知安全漏洞`);
|
||
}
|
||
}
|
||
// outdated 额外解析
|
||
if (action === "outdated" && fullOutput.trim()) {
|
||
const lines = fullOutput.trim().split("\n").filter((l) => l.trim());
|
||
if (lines.length > 1) {
|
||
output.push(``, `📊 发现 ${lines.length - 1} 个可更新的包`);
|
||
output.push(`💡 运行 \`dep_manage action=update\` 更新所有包`);
|
||
}
|
||
}
|
||
return output.join("\n");
|
||
}
|
||
//# sourceMappingURL=depManage.js.map
|