feat: sync log modal

[elrrrrrrr]

• 新增 logModal, 版本同步时展示对应日志, cc @RaoHai
  

Summary by CodeRabbit

• New Features

  • Introduced a new dependency for enhanced log rendering.
  • Added a modal to the Sync component for displaying sync logs interactively.
  • Implemented a custom hook for fetching and caching sync log data.

• Bug Fixes

  • Improved button functionality to open log modal upon successful sync instead of navigating away.

• Documentation

  • Updated documentation to reflect the new log fetching mechanism and modal integration.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
cnpmweb	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 22, 2024 6:19am

[coderabbitai]

Walkthrough

The pull request introduces several modifications to the cnpmweb project, primarily focusing on the Sync component and the addition of a new custom hook. A new dependency, react-ansi, is added to package.json. The Sync component now utilizes a new hook, useSyncLog, to fetch and display sync logs in a modal, enhancing user interaction by removing the need for navigation. The useSyncLog hook is designed to fetch logs based on package name and log ID, implementing data caching with the useSwr library.

Changes

File	Change Summary
package.json	Added new dependency: "react-ansi": "^3.0.2" in dependencies section and added override for "react": "^18.2.0".
src/components/Sync.tsx	- Imported and utilized useSyncLog hook. - Added state variable showLog for modal visibility. - Removed previous modal context holder. - Updated button behavior to open log modal on SUCCESS. - Added <Modal> component to display logs using ReactAnsi.
src/hooks/useSyncLog.ts	Introduced useSyncLog hook for fetching sync logs using useSwr, accepting pkgName and optional logId. Configured SWR caching and error handling.

Possibly related PRs

• feat: sync log #93: The changes in the Sync component in both PRs involve modifications to the button's behavior and state management, indicating a direct relationship in the functionality of the Sync component.

Poem

🐰 In the garden of code, where the sync logs flow,
A new hook was born, with a radiant glow.
With react-ansi to style, and a modal to show,
Click to reveal secrets, let the logs overflow!
Hopping through changes, with joy we bestow,
A brighter interface, for all to know! 🌼

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between d5c5488 and 9c3c347.

📒 Files selected for processing (1)

• package.json (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• package.json

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

New dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/react-ansi@3.0.2	Transitive: environment	+18	8.35 MB	raohai

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Critical CVE	npm/immer@7.0.15	CVE: GHSA-33f9-j839-rf8h Prototype Pollution in immer (CRITICAL) Affected versions: >= 7.0.0, < 9.0.6 Patched version: 9.0.6	package.json	⚠︎

View full report↗︎

Next steps

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/immer@7.0.15

[elrrrrrrr]

npm error Could not resolve dependency:
npm error peer react@"^15.0.0 || ^16.0.0 || ^17.0.0" from react-ansi@3.0.2

@RaoHai 要更新 peerdeps 声明了 😄

[coderabbitai]

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (3)

src/hooks/useSyncLog.ts (1)

4-17: Enhance type safety with explicit return type.

Consider adding an explicit return type to the useSyncLog function for improved code clarity and type safety. This can help catch potential type-related issues early in development.

Here's a suggested improvement:

import { SWRResponse } from 'swr';

export default function useSyncLog(pkgName: string, logId?: string): SWRResponse<string[] | null, Error> {
  // ... (rest of the function remains the same)
}

src/components/Sync.tsx (2)

Line range hint 78-80: Reset retryCountRef when starting a new sync

Before initiating a new sync task in the doSync function, reset retryCountRef.current to 0. This ensures that the retry count doesn't carry over from previous sync attempts.

Apply this change:

       const res = await response.json();
       if (res.ok) {
+        retryCountRef.current = 0;
         setLogId(res.id);
         setLogState(LogStatus.WAIT);
         logPolling(res.id);

---

113-114: Remove unnecessary key prop from ReactAnsi component

The key prop is not needed here since ReactAnsi is not part of a list.

Apply this change:

-          key={logId}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between c1b9fa7 and d5c5488.

📒 Files selected for processing (3)

• package.json (1 hunks)
• src/components/Sync.tsx (4 hunks)
• src/hooks/useSyncLog.ts (1 hunks)

🧰 Additional context used

🔇 Additional comments (5)

src/hooks/useSyncLog.ts (3)

1-2: LGTM: Imports are appropriate.

The imports for REGISTRY and useSwr are correctly included and necessary for the hook's functionality.

---

4-17: LGTM: Well-implemented custom hook.

The useSyncLog hook is well-structured and implements proper error handling. It effectively uses useSwr for data fetching and caching.

---

13-15: 🛠️ Refactor suggestion

Consider reviewing the refresh interval.

The current refresh interval of 1 second (1000ms) might be too frequent, potentially causing performance issues or unnecessary API calls. Consider increasing this interval or implementing a more dynamic refresh strategy based on the user's needs.

To assess the impact, let's check if this hook is used in multiple places:

✅ Verification successful

Refresh Interval Evaluation

The useSyncLog hook is only utilized in src/components/Sync.tsx, minimizing potential performance concerns with the 1-second refresh interval. No changes necessary.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Find usages of useSyncLog hook
rg "useSyncLog\(" --type ts

Length of output: 206

package.json (1)

30-30: LGTM. Consider verifying the security of the new dependency.

The addition of "react-ansi": "^3.0.2" is appropriate for rendering ANSI-formatted log content in the Sync component. The version specification and placement in the dependencies list are correct.

As a best practice, please run the following command to check for any known vulnerabilities in this new dependency:

src/components/Sync.tsx (1)

32-33: State management looks good

The state variables showLog and logContent are properly initialized and used.