{"id":15643208,"url":"https://github.com/siketyan/loxcan","last_synced_at":"2025-04-07T07:16:44.180Z","repository":{"id":37589286,"uuid":"315177404","full_name":"siketyan/loxcan","owner":"siketyan","description":"🔍 Universal Lock File Scanner for Git. (Lock + Scan = LoXcan!)","archived":false,"fork":false,"pushed_at":"2025-01-13T21:21:44.000Z","size":971,"stargazers_count":61,"open_issues_count":3,"forks_count":5,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-02T18:18:10.224Z","etag":null,"topics":["github-action","lock-file","package-manager"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/siketyan.png","metadata":{"funding":{"github":"siketyan","patreon":"siketyan"},"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-23T02:14:23.000Z","updated_at":"2025-02-20T00:42:11.000Z","dependencies_parsed_at":"2023-02-17T02:16:34.281Z","dependency_job_id":"3e24fc48-cc66-4d40-8b31-64e907132038","html_url":"https://github.com/siketyan/loxcan","commit_stats":{"total_commits":319,"total_committers":6,"mean_commits":"53.166666666666664","dds":0.561128526645768,"last_synced_commit":"45e8662d4d980f146428f19d2a3226f2cea081fe"},"previous_names":[],"tags_count":28,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siketyan%2Floxcan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siketyan%2Floxcan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siketyan%2Floxcan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siketyan%2Floxcan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/siketyan","download_url":"https://codeload.github.com/siketyan/loxcan/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247584040,"owners_count":20962074,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-action","lock-file","package-manager"],"created_at":"2024-10-03T11:59:28.094Z","updated_at":"2025-04-07T07:16:44.126Z","avatar_url":"https://github.com/siketyan.png","language":"PHP","funding_links":["https://github.com/sponsors/siketyan","https://patreon.com/siketyan"],"categories":[],"sub_categories":[],"readme":"# loxcan\n[![Latest Stable Version](https://poser.pugx.org/siketyan/loxcan/v)](https://packagist.org/packages/siketyan/loxcan)\n[![Total Downloads](https://poser.pugx.org/siketyan/loxcan/downloads)](https://packagist.org/packages/siketyan/loxcan)\n[![License](https://poser.pugx.org/siketyan/loxcan/license)](https://packagist.org/packages/siketyan/loxcan)\n[![Codecov](https://codecov.io/gh/siketyan/loxcan/branch/master/graph/badge.svg?token=2DB0MRBL4E)](https://codecov.io/gh/siketyan/loxcan)\n![PHP](https://github.com/siketyan/loxcan/workflows/PHP/badge.svg)\n![Action](https://github.com/siketyan/loxcan/workflows/Action/badge.svg)\n\nUniversal Lock File Scanner for Git.\n\n## 🚀 Motivation\nToday, most languages have a package manager, and some language have two.\nDependency management is very important and difficult in software development.\n\nIn cases of code review, we check entire of the changed codes.\nHowever, we often ignore lock files in the review, which controls dependencies of the project or the library.\n\nOn GitHub Pull Request, most lock files are hidden by default.\n\n![Load diff screen](./resources/load-diff.png)\n\nActually, they are very long and not human-readable.\n\nI tried to notify the diff of the lock files to the author of PR and/or the reviewer(s).\nUsing this action, the added, upgraded, downgraded, and removed packages are reported to the PR, in user-friendly format.\n\n![Report of the changed packages](./resources/screenshot.png)\n\nSo we can check what packages will be changed by the PR, in the review.\n\n## ✨ Usage\n### Via Composer\n```console\n$ composer require --dev siketyan/loxcan\n```\n\nThen you can use this tool in CLI.\n(In some IDEs, you can access to the executable as just `loxcan` !)\n\n```console\n$ ./vendor/bin/loxcan [base] [head]\n```\n\n### In GitHub Actions\nUse `pull_request` events to trigger the action.\n\n```yaml\nsteps:\n  - uses: actions/checkout@v3\n    with:\n      fetch-depth: 0\n\n  - uses: siketyan/loxcan@main\n```\n\n## 📦 Supported Package Managers\n(✅ = Supported, ⬜️ = Scheduled)\n\n- [x] Composer (PHP)\n- [x] Cargo (Rust)\n- [x] Pub (Dart)\n- [x] npm (JavaScript, Node.js)\n- [x] pnpm (JavaScript, Node.js)\n- [x] Yarn (JavaScript, Node.js)\n\n## 📋 Supported Reporters\n(✅ = Supported, ⬜️ = Scheduled)\n\n- [x] GitHub\n- [ ] GitLab\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiketyan%2Floxcan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsiketyan%2Floxcan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiketyan%2Floxcan/lists"}