{"id":40717282,"url":"https://github.com/icemanliang/code-analysis-ts","last_synced_at":"2026-01-21T13:30:35.223Z","repository":{"id":59145032,"uuid":"529186774","full_name":"icemanliang/code-analysis-ts","owner":"icemanliang","description":"scan and analysis your typescript code, get a code report,help developers implement code merge interception / code alert","archived":false,"fork":false,"pushed_at":"2023-08-08T10:20:04.000Z","size":197,"stargazers_count":49,"open_issues_count":0,"forks_count":28,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-13T21:10:59.038Z","etag":null,"topics":["code-analysis-tool","code-merge-interception","code-quality","code-scan"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/icemanliang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-26T08:59:51.000Z","updated_at":"2025-10-11T06:23:02.000Z","dependencies_parsed_at":"2024-07-30T16:37:56.264Z","dependency_job_id":null,"html_url":"https://github.com/icemanliang/code-analysis-ts","commit_stats":null,"previous_names":["icemanliang/code-analysis-ts","liangxin199045/code-analysis-ts"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/icemanliang/code-analysis-ts","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icemanliang%2Fcode-analysis-ts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icemanliang%2Fcode-analysis-ts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icemanliang%2Fcode-analysis-ts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icemanliang%2Fcode-analysis-ts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/icemanliang","download_url":"https://codeload.github.com/icemanliang/code-analysis-ts/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icemanliang%2Fcode-analysis-ts/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28633759,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-21T04:47:28.174Z","status":"ssl_error","status_checked_at":"2026-01-21T04:47:22.943Z","response_time":86,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-analysis-tool","code-merge-interception","code-quality","code-scan"],"created_at":"2026-01-21T13:30:33.138Z","updated_at":"2026-01-21T13:30:35.184Z","avatar_url":"https://github.com/icemanliang.png","language":"JavaScript","readme":"[![npm version](https://badge.fury.io/js/code-analysis-ts.svg)](https://www.npmjs.com/package/code-analysis-ts)\n[![Downloads](https://img.shields.io/npm/dm/code-analysis-ts.svg)](https://www.npmjs.com/package/code-analysis-ts)\n# code-analysis-ts\n\n[code-analysis-ts](https://www.npmjs.com/package/code-analysis-ts)是一款前端代码分析工具,用于实现代码调用分析报告,代码评分,代码告警,“脏调用”拦截,API趋势变化分析等应用场景。支持CLI/API两种使用模式,可快速集成到前端工程化体系中,用于解决大型web应用的前端依赖治理难题。\n\n## Install\n\n```javascript\nnpm install code-analysis-ts --save-dev\n// or\nyarn add code-analysis-ts --dev \n```\n## Config\n\n新建 analysis.config.js 配置文件:\n```javascript\nconst { execSync } = require('child_process'); // 子进程操作\nconst DefaultBranch = 'master'; // 默认分支常量\nfunction getGitBranch() { // 获取当前分支\n try{\n const branchName = execSync('git symbolic-ref --short -q HEAD', {\n encoding: 'utf8'\n }).trim();\n // console.log(branchName);\n return branchName;\n }catch(e){\n return DefaultBranch;\n }\n}\n\nmodule.exports = {\n scanSource: [{ // 必须,待扫描源码的配置信息\n name: 'Market', // 必填,项目名称\n path: ['src'], // 必填,需要扫描的文件路径(基准路径为配置文件所在路径)\n packageFile: 'package.json', // 可选,package.json 文件路径配置,用于收集依赖的版本信息\n format: null, // 可选, 文件路径格式化函数,默认为null,一般不需要配置\n httpRepo: `https://gitlab.xxx.com/xxx/-/blob/${getGitBranch()}/` // 可选,项目gitlab/github url的访问前缀,用于点击行信息跳转,不填则不跳转\n }], \n analysisTarget: 'framework', // 必须,要分析的目标依赖名\n analysisPlugins: [], // 可选,自定义分析插件,默认为空数组,一般不需要配置\n blackList: ['app.localStorage.set'], // 可选,需要标记的黑名单api,默认为空数组\n browserApis: ['window','document','history','location'], // 可选,要分析的BrowserApi,默认为空数组\n reportDir: 'report', // 可选,生成代码分析报告的目录,默认为'report',不支持多级目录配置\n reportTitle: 'Market依赖调用分析报告', // 可选,分析报告标题,默认为'依赖调用分析报告'\n isScanVue: true, // 可选,是否要扫描分析vue中的ts代码,默认为false\n scorePlugin: 'default', // 可选,评分插件: Function|'default'|null, default表示运行默认插件,默认为null表示不评分\n alarmThreshold: 90 // 可选,开启代码告警的阈值分数(0-100),默认为null表示关闭告警逻辑 (CLI模式生效)\n}\n```\n## Mode\n### 1. cli\n\n```javascript\n// package.json 片段,添加bin command到npm script\n...\n\"scripts\": {\n \"analysis\": \"ca analysis\"\n}\n...\n\n$ npm run analysis\n// or\n$ yarn analysis \n```\n### 2. api\n\n```javascript\nconst analysis = require('code-analysis-ts'); // 代码分析包\nconst { execSync } = require('child_process'); // 子进程操作\nconst DefaultBranch = 'master'; // 默认分支常量\nfunction getGitBranch() { // 获取当前分支\n try{\n const branchName = execSync('git symbolic-ref --short -q HEAD', {\n encoding: 'utf8'\n }).trim();\n // console.log(branchName);\n return branchName;\n }catch(e){\n return DefaultBranch;\n }\n}\n\nasync function scan() {\n try{\n const { report, diagnosisInfos } = await analysis({\n scanSource: [{ // 必须,待扫描源码的配置信息\n name: 'Market', // 必填,项目名称\n path: ['src'], // 必填,需要扫描的文件路径(基准路径为配置文件所在路径)\n packageFile: 'package.json', // 可选,package.json 文件路径配置,用于收集依赖的版本信息\n format: null, // 可选, 文件路径格式化函数,默认为null,一般不需要配置\n httpRepo: `https://gitlab.xxx.com/xxx/-/blob/${getGitBranch()}/` // 可选,项目gitlab/github url的访问前缀,用于点击行信息跳转,不填则不跳转\n }], \n analysisTarget: 'framework', // 必须,要分析的目标依赖名\n analysisPlugins: [], // 可选,自定义分析插件,默认为空数组,一般不需要配置\n blackList: ['app.localStorage.set'], // 可选,需要标记的黑名单api,默认为空数组\n browserApis: ['window','document','history','location'], // 可选,要分析的BrowserApi,默认为空数组\n reportDir: 'report', // 可选,生成代码分析报告的目录,默认为'report',不支持多级目录配置\n reportTitle: 'Market依赖调用分析报告', // 可选,分析报告标题,默认为'依赖调用分析报告'\n isScanVue: true, // 可选,是否要扫描分析vue中的ts代码,默认为false\n scorePlugin: 'default', // 可选,评分插件: Function|'default'|null, default表示运行默认插件,默认为null表示不评分\n }); \n // console.log(report);\n // console.log(diagnosisInfos);\n }catch(e){\n console.log(e);\n }\n};\n\nscan();\n```\n## Demo\n\n[code-demo](https://github.com/liangxin199045/code-demo)演示如何使用code-analysis-ts的demo项目,使用github pages部署代码分析报告\n\n## scorePlugin说明\n配置文件中的scorePlugin配置项属于“函数插件”,使用者可以自定义代码评分插件来消费分析产物,评分插件需要对分析产物数据结构及属性有一定理解。下面是一个demo:\n```javascript\n// scorePlugin.js\n// 评分插件\nexports.myScoreDeal = function (analysisContext){\n // console.log(analysisContext);\n const { pluginsQueue, browserQueue, parseErrorInfos } = analysisContext;\n const mapNames = pluginsQueue.map(item=\u003eitem.mapName).concat(browserQueue.map(item=\u003eitem.mapName));\n \n let score = 100; // 初始分数\n let message =[]; // 代码建议\n\n // 黑名单API扣分处理\n if(mapNames.length\u003e0){\n mapNames.forEach((item)=\u003e{\n Object.keys(analysisContext[item]).forEach((sitem)=\u003e{\n if(analysisContext[item][sitem].isBlack){\n score = score - 5;\n message.push(sitem + ' 属于黑名单api,请勿使用');\n }\n })\n })\n }\n // 解析AST异常的扣分处理\n if(parseErrorInfos.length \u003e0){\n score = score - 3*parseErrorInfos.length;\n let tempMessage ='';\n tempMessage = parseErrorInfos.length + ' 个文件解析\u0026分析AST时发生错误,请修复';\n message.push(tempMessage);\n }\n\n // 最低0分\n if(score \u003c0)score =0;\n\n return {\n score: score,\n message: message\n }\n}\n\n//analysis.config.js\nconst { myScoreDeal } = require('./scorePlugin.js'); // 自定义评分插件\n\nmodule.exports = {\n ...\n scorePlugin: myScoreDeal,\n ...\n}\n```\n## analysisPlugin说明\n自定义分析插件,分析工具内置插件有type分析,method分析,默认api分析三个插件,如果开发者有更多分析指标的诉求,可以开发特定分析插件(比如分析Class类型的api,分析用于三目运算符表达式中的api,分析导入再导出api等场景),开发分析插件需要对源码和分析工具架构及生命周期有一定的理解。\n\n## 自定义插件库\n[code-analysis-plugins](https://www.npmjs.com/package/code-analysis-plugins)是与分析工具配套的分析插件库,用于分享一些常用指标分析插件。\n\n## diagnosisInfos诊断日志说明\n诊断日志是在代码分析过程中插件及关键节点产生的错误信息记录,可以帮助开发者调试自定义插件,快速定位代码文件,代码行,AST节点等相关错误信息。\n\n## vue_temp_ts_dir目录是什么\n如果开启了扫描Vue中TS的配置开关,工具会提取Vue中的TS片段进行中转TS处理,该目录是temp临时目录,会在分析结束销毁。","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficemanliang%2Fcode-analysis-ts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ficemanliang%2Fcode-analysis-ts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficemanliang%2Fcode-analysis-ts/lists"}