├── .github └── workflows │ ├── release.yml │ ├── snyk.yml │ └── tests.yml ├── .gitignore ├── LICENSE ├── README.md ├── package-lock.json ├── package.json ├── src └── index.ts ├── tests └── index.test.ts └── tsconfig.json /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release 2 | on: 3 | workflow_run: 4 | workflows: ['Snyk Security Check', 'Tests'] 5 | branches: [main] 6 | types: 7 | - completed 8 | 9 | permissions: 10 | contents: read 11 | 12 | jobs: 13 | release: 14 | name: Release 15 | runs-on: ubuntu-latest 16 | permissions: 17 | contents: write # to be able to publish a GitHub release 18 | issues: write # to be able to comment on released issues 19 | pull-requests: write # to be able to comment on released pull requests 20 | id-token: write 21 | steps: 22 | - name: Checkout 23 | uses: actions/checkout@v4 24 | with: 25 | fetch-depth: 0 26 | - name: Setup Node.js 27 | uses: actions/setup-node@v4 28 | with: 29 | node-version: 'lts/*' 30 | - name: Install dependencies 31 | run: npm ci 32 | - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies 33 | run: npm audit signatures 34 | - name: Release 35 | env: 36 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 37 | NPM_TOKEN: ${{ secrets.NPM_TOKEN }} 38 | run: npx semantic-release 39 | -------------------------------------------------------------------------------- /.github/workflows/snyk.yml: -------------------------------------------------------------------------------- 1 | name: Snyk Security Check 2 | on: [push,pull_request] 3 | jobs: 4 | security: 5 | runs-on: ubuntu-latest 6 | steps: 7 | - uses: actions/checkout@main 8 | - name: Run Snyk to check for vulnerabilities 9 | uses: snyk/actions/node@master 10 | env: 11 | SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 12 | -------------------------------------------------------------------------------- /.github/workflows/tests.yml: -------------------------------------------------------------------------------- 1 | name: Tests 2 | 3 | on: 4 | push: 5 | branches: [ main ] 6 | pull_request: 7 | branches: [ main ] 8 | 9 | jobs: 10 | build: 11 | 12 | runs-on: ubuntu-latest 13 | 14 | strategy: 15 | matrix: 16 | node-version: [22.x] 17 | 18 | steps: 19 | - uses: actions/checkout@v4 20 | - name: Use Node.js ${{ matrix.node-version }} 21 | uses: actions/setup-node@v4 22 | with: 23 | node-version: ${{ matrix.node-version }} 24 | - run: npm ci 25 | - run: npm test 26 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | npm-debug.log* 5 | yarn-debug.log* 6 | yarn-error.log* 7 | lerna-debug.log* 8 | 9 | # Diagnostic reports (https://nodejs.org/api/report.html) 10 | report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json 11 | 12 | # Runtime data 13 | pids 14 | *.pid 15 | *.seed 16 | *.pid.lock 17 | 18 | # Directory for instrumented libs generated by jscoverage/JSCover 19 | lib-cov 20 | 21 | # Coverage directory used by tools like istanbul 22 | coverage 23 | *.lcov 24 | 25 | # nyc test coverage 26 | .nyc_output 27 | 28 | # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) 29 | .grunt 30 | 31 | # Bower dependency directory (https://bower.io/) 32 | bower_components 33 | 34 | # node-waf configuration 35 | .lock-wscript 36 | 37 | # Compiled binary addons (https://nodejs.org/api/addons.html) 38 | build/Release 39 | 40 | # Dependency directories 41 | node_modules/ 42 | jspm_packages/ 43 | 44 | # TypeScript v1 declaration files 45 | typings/ 46 | 47 | # TypeScript cache 48 | *.tsbuildinfo 49 | 50 | # Optional npm cache directory 51 | .npm 52 | 53 | # Optional eslint cache 54 | .eslintcache 55 | 56 | # Microbundle cache 57 | .rpt2_cache/ 58 | .rts2_cache_cjs/ 59 | .rts2_cache_es/ 60 | .rts2_cache_umd/ 61 | 62 | # Optional REPL history 63 | .node_repl_history 64 | 65 | # Output of 'npm pack' 66 | *.tgz 67 | 68 | # Yarn Integrity file 69 | .yarn-integrity 70 | 71 | # dotenv environment variables file 72 | .env 73 | .env.test 74 | 75 | # parcel-bundler cache (https://parceljs.org/) 76 | .cache 77 | 78 | # Next.js build output 79 | .next 80 | 81 | # Nuxt.js build / generate output 82 | .nuxt 83 | dist 84 | 85 | # Gatsby files 86 | .cache/ 87 | # Comment in the public line in if your project uses Gatsby and *not* Next.js 88 | # https://nextjs.org/blog/next-9-1#public-directory-support 89 | # public 90 | 91 | # vuepress build output 92 | .vuepress/dist 93 | 94 | # Serverless directories 95 | .serverless/ 96 | 97 | # FuseBox cache 98 | .fusebox/ 99 | 100 | # DynamoDB Local files 101 | .dynamodb/ 102 | 103 | # TernJS port file 104 | .tern-port 105 | 106 | .dccache 107 | .DS_Store 108 | lib 109 | *.tgz 110 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Snyk Labs 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # modern-npm-package 2 | 3 | An npm package for demonstration purposes using TypeScript to build for the ECMAScript Module format (i.e. ESM or ES Module). It can be used in Node.js and browser applications. Refer to the [Snyk blog post](https://snyk.co/uhYgM) for a full tutorial. 4 | 5 | > If you're reading/coming from the Snyk blog post that discusses both ESM and CommonJS go to the [v2022-2024](https://github.com/snyk-snippets/modern-npm-package/tree/v2022-2024) branch 6 | 7 | ## Get Started 8 | 9 | 1. Run `npm install` in your terminal 10 | 1. Then run `npm run build` 11 | 1. Update the `package.json` file "name" field with your own package name. Example `@username/package-name` 12 | 1. Create an account with [npm](https://www.npmjs.com/signup) if you don't have one already. Also be sure to enable [two-factor authentication](https://docs.npmjs.com/configuring-two-factor-authentication) 13 | 1. Sign in to your npm account in your terminal with `npm login` 14 | 1. Run `npm publish --access=public` to publish your package 15 | 16 | ### Testing 17 | 18 | 1. Install developer dependencies using the following command in your terminal `npm i -D typescript @types/node` 19 | 1. Create a `tests` folder 20 | 1. Create an `index.test.ts` file in the `tests` folder 21 | 1. Write unit tests in the `index.test.ts` file to test the code in `index.ts` 22 | 1. Add a `"test"` property in the `package.json` file `"scripts"` object and give it a value of `"node --experimental-strip-types --test"` 23 | 1. Run `npm test` in your terminal from the root folder of the project 24 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "@snyk-labs/modern-npm-package", 3 | "version": "0.0.0-development", 4 | "description": "An npm package for demonstration purposes using TypeScript to build for the ECMAScript Module format (i.e. ESM or ES Module). It can be used in Node.js and browser applications.", 5 | "type": "module", 6 | "types": "./lib/index.d.ts", 7 | "main": "./lib/index.js", 8 | "files": [ 9 | "lib/**/*" 10 | ], 11 | "scripts": { 12 | "clean": "del-cli ./lib", 13 | "build": "npm run clean && tsc -p ./tsconfig.json", 14 | "test": "node --experimental-strip-types --test", 15 | "semantic-release": "semantic-release", 16 | "prepack": "npm run build" 17 | }, 18 | "release": { 19 | "branches": [ 20 | "main" 21 | ], 22 | "dryRun": true, 23 | "plugins": [ 24 | [ 25 | "@semantic-release/npm", 26 | { 27 | "npmPublish": false 28 | } 29 | ] 30 | ] 31 | }, 32 | "publishConfig": { 33 | "access": "public" 34 | }, 35 | "repository": { 36 | "type": "git", 37 | "url": "https://github.com/snyk-snippets/modern-npm-package.git" 38 | }, 39 | "keywords": [ 40 | "npm", 41 | "javascript", 42 | "typescript", 43 | "esm", 44 | "cjs", 45 | "nodejs", 46 | "commonjs", 47 | "ecmascript", 48 | "beginner", 49 | "example", 50 | "demonstration" 51 | ], 52 | "author": "Snyk Labs", 53 | "license": "MIT", 54 | "bugs": { 55 | "url": "https://github.com/snyk-snippets/modern-npm-package/issues" 56 | }, 57 | "homepage": "https://github.com/snyk-snippets/modern-npm-package#readme", 58 | "devDependencies": { 59 | "@types/node": "^22.12.0", 60 | "del-cli": "^6.0.0", 61 | "semantic-release": "^24.2.1", 62 | "typescript": "^5.7.3" 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /src/index.ts: -------------------------------------------------------------------------------- 1 | export function helloWorld() { 2 | const message = 'Hello World from my example modern npm package!'; 3 | return message; 4 | } 5 | 6 | export function goodBye() { 7 | const message = 'Goodbye from my example modern npm package!'; 8 | return message; 9 | } 10 | 11 | export default { 12 | helloWorld, 13 | goodBye, 14 | }; 15 | -------------------------------------------------------------------------------- /tests/index.test.ts: -------------------------------------------------------------------------------- 1 | import { describe, it } from 'node:test'; 2 | import assert from 'node:assert'; 3 | 4 | import { helloWorld, goodBye } from '../src/index.ts'; 5 | import npmPackage from '../src/index.ts'; 6 | 7 | describe('NPM Package', () => { 8 | it('should be an object', () => { 9 | assert.strictEqual(typeof npmPackage, 'object'); 10 | }); 11 | 12 | it('should have a helloWorld property', () => { 13 | assert.deepStrictEqual(Object.keys(npmPackage), ['helloWorld', 'goodBye']); 14 | }); 15 | }); 16 | 17 | describe('Hello World Function', () => { 18 | it('should be a function', () => { 19 | assert.strictEqual(typeof helloWorld, 'function'); 20 | }); 21 | 22 | it('should return the hello world message', () => { 23 | const expected = 'Hello World from my example modern npm package!'; 24 | const actual = helloWorld(); 25 | assert.equal(actual, expected); 26 | }); 27 | }); 28 | 29 | describe('Goodbye Function', () => { 30 | it('should be a function', () => { 31 | assert.strictEqual(typeof goodBye, 'function'); 32 | }); 33 | 34 | it('should return the goodbye message', () => { 35 | const expected = 'Goodbye from my example modern npm package!'; 36 | const actual = goodBye(); 37 | assert.equal(actual, expected); 38 | }); 39 | }); 40 | -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "lib": ["ES2024", "DOM"], 4 | "target": "ES2024", 5 | "module": "NodeNext", 6 | "moduleResolution": "NodeNext", 7 | "outDir": "./lib/", 8 | "declarationDir": "./lib/types", 9 | "strict": true, 10 | "esModuleInterop": true, 11 | "forceConsistentCasingInFileNames": true, 12 | "skipLibCheck": true, 13 | "checkJs": true, 14 | "allowJs": true, 15 | "declaration": true, 16 | "declarationMap": true, 17 | "allowSyntheticDefaultImports": true 18 | }, 19 | "files": ["./src/index.ts"] 20 | } --------------------------------------------------------------------------------