{"id":15927940,"url":"https://github.com/thescientist13/gallinago","last_synced_at":"2026-03-06T07:31:35.593Z","repository":{"id":45341272,"uuid":"286119680","full_name":"thescientist13/gallinago","owner":"thescientist13","description":"Gallinago is a NodeJS package designed to help with the running and testing of CLIs.","archived":false,"fork":false,"pushed_at":"2025-11-05T03:10:43.000Z","size":655,"stargazers_count":3,"open_issues_count":7,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-11-05T04:20:25.597Z","etag":null,"topics":["cli","hacktoberfest","nodejs","testing"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thescientist13.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-08-08T21:10:07.000Z","updated_at":"2025-11-05T03:10:47.000Z","dependencies_parsed_at":"2024-10-06T23:21:02.765Z","dependency_job_id":"2adb65a3-7486-4593-acf8-097752c93d4c","html_url":"https://github.com/thescientist13/gallinago","commit_stats":{"total_commits":31,"total_committers":2,"mean_commits":15.5,"dds":"0.032258064516129004","last_synced_commit":"82942d3476ef5b3976335f05b530f297f3eb95a6"},"previous_names":[],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/thescientist13/gallinago","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thescientist13%2Fgallinago","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thescientist13%2Fgallinago/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thescientist13%2Fgallinago/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thescientist13%2Fgallinago/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thescientist13","download_url":"https://codeload.github.com/thescientist13/gallinago/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thescientist13%2Fgallinago/sbom","scorecard":{"id":880180,"data":{"date":"2025-08-11","repo":{"name":"github.com/thescientist13/gallinago","commit":"2078f3c2eb2c3e4ce441899b36bf611147160f5f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":4,"reason":"5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/thescientist13/gallinago/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/thescientist13/gallinago/ci.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"11 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m","Warn: Project is vulnerable to: GHSA-x2rg-q646-7m2v","Warn: Project is vulnerable to: GHSA-jgmv-j7ww-jx2x","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T07:50:13.393Z","repository_id":45341272,"created_at":"2025-08-24T07:50:13.393Z","updated_at":"2025-08-24T07:50:13.393Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30165619,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T04:43:31.446Z","status":"ssl_error","status_checked_at":"2026-03-06T04:40:30.133Z","response_time":250,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","hacktoberfest","nodejs","testing"],"created_at":"2024-10-06T23:20:55.052Z","updated_at":"2026-03-06T07:31:35.560Z","avatar_url":"https://github.com/thescientist13.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# gallinago\n\n[![GitHub release](https://img.shields.io/github/tag/thescientist13/gallinago.svg)](https://github.com/thescientist13/gallinago/tags)\n[![GitHub issues](https://img.shields.io/github/issues-pr-raw/thescientist13/gallinago.svg)](https://github.com/thescientist13/gallinago/issues)\n[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg)](https://raw.githubusercontent.com/thescientist13/gallinago/master/LICENSE.md)\n\n[**Gallinago**](https://en.wikipedia.org/wiki/Snipe) is designed to assist with the running and testing of NodeJS CLIs and binaries in a simple and controlled way.  It is best used in combination with fixtures and pre-scaffolded directories such that you can reproduce the various configuration and folder structures your CLI may need to support for its users and then validate the output.  Perfect for testing!\n\n![gallinago](./.github/assets/gallinago.jpg)\n\n## Overview\n\nOften times while creating CLIs, it can be helpful to test the final output given the various configurations of the CLI.  Running a CLI using config files and user files will all likely (and hopefully) result in idempotent output that can be validated over and over.  With a testing framework like [**mocha**](https://mochajs.org/), you could use Gallinago to verify that output to validate things like:\n- Were the right files created?\n- Was the output what I expected?\n- Were _too_ many files created?\n- Does it work for configuration A?\n- Does it work for configuration B?\n- etc\n\n\n## Install\n\nUse npm or your favorite package manager to install Gallinago as a (dev) dependency.\n```sh\n$ npm install gallinago --dev\n```\n\n## Usage\n\nTo use Gallinago, you will just need two things\n1. An absolute path to your CLI\n1. An absolute path to the directory you want Gallinago to run your CLI in\n\n```js\nimport path from 'path';\nimport { Runner } = from 'gallinago';\nimport { fileURLToPath, URL } from 'url';\n\nconst runner = new Runner();\n\nconst cliPath = fileURLToPath(new URL('./path/to/your/cli.js', import.meta.url)); // required\nconst buildDir = fileURLToPath(new URL('./build', import.meta.url)); // required\n\n// this will also create the directory as well\nrunner.setup(buildDir);\n\n// runs your CLI\n// use the second param to pass any args\nrunner.runCommand(cliPath);\n\n// teardown buildDir\nrunner.teardown();\n```\n\nYou can optionally `await` these methods as well, depending on your needs.\n\n\u003e _See [our tests](https://github.com/thescientist13/gallinago/blob/master/test/cases/runner-cli/runner.cli.spec.js) to see **Gallinago** in action!_\n\n## API\n\n### Runner\n\nThe `Runner` constructor returns a new instance of `Runner`.\n\n```js\nimport { Runner } from 'gallinago';\n\nconst runner = new Runner();  // pass true to the constructor to enable stdout\n```\n\n#### Options\n\n`Runner` takes two boolean flags (`true`|`false`)\n- Standard Out - pass `true` to have the Runner log to `stdout`\n- Forward Parent Args - pass `true` and any `node` flags passed to the parent process will be made available to the child process\n\n### Runner.setup (required)\n\n`Runner.setup` initializes a directory for your CLI to be run in.  Returns a `Promise`.\n\n```js\nrunner.setup(__dirname);\n```\n\nOptionally, you can provide \"setup\" files if you want to copy additional files into the target directory, say from _node_modules_ or a fixtures folder.  You can provide these files as an array of objects.\n\n* `source`: path of the file to copy\n* `destination`: path of where to copy the file to\n\nAn third options object can be provided with the following supported options\n- `create` - automatically create the directory provided in the first param (default is `true`)\n\n```js\nrunner.setup(__dirname, [{\n  source: path.join(process.cwd(), 'node_modules/@webcomponents/webcomponentsjs/webcomponents-bundle.js'),\n  destination: path.join(__dirname, 'build', 'webcomponents-bundle.js')\n}], {\n  create: true\n});\n```\n\n### Runner.runCommand\n\n`Runner.runCommand` runs the script provided to Gallinago against the directory provided in `Runner.setup`.  Use the second param to pass any args to your CLI.  Returns a `Promise`.\n\n```js\nrunner.runCommand(\n  '/path/to/cli.js',\n  '--version'\n);\n```\n\nYou can also provided an array as the second param to support forwarding individual args, useful when using projects like [**commander**](https://www.npmjs.com/package/commander):\n\n```js\nrunner.runCommand(\n  '/path/to/cli.js',\n  [\"--name\", \"my-app\"]\n);\n```\n\n#### Options\n\n`runCommand` additionally takes an options object as the third param.  With it you can further customize the runner:\n\n```js\nrunner.runCommand(\n  '/path/to/cli.js',\n  '--version',\n  { async: true }\n);\n```\n\n- `async` - By default `runCommand` runs synchronously using Node's `spawnSync`, which will block until the command completes  With `async: true`, this will now use `spawn`, which is a better for use cases like starting a web server where you _don't_ want to block the event loop.\n\n### Runner.teardown\n\n`Runner.teardown` deletes any `setupFiles` provided in `Runner.setup`.  Returns a `Promise`.\n\n```js\nrunner.teardown();\n```\n\nYou can pass additional files or directories to `teardown` to have **gallinago** delete those too.\n```js\nrunner.teardown([\n  path.join(__dirname, 'build'),\n  path.join(__dirname, 'fixtures'),\n  .\n  .\n  .\n]);\n```\n\n### Runner.stopCommand\n\nIn certain circumstances, the command (process) you are running may do a couple things:\n- Spawn its own child process(es), [which is independent of the lifecycle of its parent process](https://azimi.me/2014/12/31/kill-child_process-node-js.html)\n- Not close itself (and thus never [`resolve()` the `on.close` event callback](https://github.com/thescientist13/gallinago/blob/0.3.0/src/lib/runner.js#L67))\n\n\u003e _This isn't an issue per se, but if the (child) process doesn't stop, it will prevent the current (parent) process from completing.  The most common case for something like this to happen is when starting a [(web) server](https://koajs.com/).  Servers don't usually stop unless told to, usually by killing their process manually using something like [**PM2**](https://pm2.keymetrics.io/), or if in a shell, using CTR+C on the keyboard._\n\nTo support this in Gallinago, you can use `Runner.stopCommand` to kill any and all processes associated with your `runCommand`.\n\n\n```js\nrunner.stopCommand();\n```\n\n\u003e _**Note**: When used with something like mocha, you'll need to [use a `setTimeout` to work around the hung process and still advance the parent Mocha process](https://stackoverflow.com/a/24862303/417806).  See [our spec for this test case](https://github.com/thescientist13/gallinago/blob/master/test/cases/runner-cli-stop/runner.cli-stop.spec.js) for a complete example._","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthescientist13%2Fgallinago","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthescientist13%2Fgallinago","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthescientist13%2Fgallinago/lists"}