feat: show warning when engines mismatch

[9romise]

close #35

[coderabbitai]

Warning

Rate limit exceeded

@9romise has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 1 minutes and 37 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between f01fe8c and 835402c.

📒 Files selected for processing (3)

• README.md
• package.json
• src/extractors/package-json.ts

📝 Walkthrough

Walkthrough

Adds engine-mismatch diagnostics: a new configuration npmx.diagnostics.engineMismatch (default true); extractor support for reading engines from package.json via getEngines; a diagnostic rule that compares package engines against dependency engines using semver ranges and emits warnings; diagnostic pipeline changes to include engines in DiagnosticContext and pass them to rules; a formatPackageId utility; and tests exercising engine-mismatch behaviour and updated deprecation message formatting.

Possibly related PRs

• npmx-dev/vscode-npmx — PR 18: Introduces fast-npm-meta Engines types and related type/infrastructure changes that this PR imports and relies on.
• npmx-dev/vscode-npmx — PR 49: Modifies the diagnostics pipeline and DiagnosticContext/rule invocation signatures, which this PR extends to carry engines.
• npmx-dev/vscode-npmx — PR 30: Edits the deprecation diagnostic logic; touches the same deprecation rule and formatting changes that this PR updates with formatPackageId.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The pull request description references issue #35 which aligns with the changeset's objective to implement engine mismatch warnings.
Linked Issues check	✅ Passed	All changes directly support the primary objective to warn about mismatched engines versions between dependencies and the current package [#35].
Out of Scope Changes check	✅ Passed	All changes are within scope: configuration option, extractor method, diagnostic rule, utilities, and tests all focus on engine mismatch detection.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/engine

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/providers/diagnostics/rules/deprecation.ts (1)

17-21: ⚠️ Potential issue | 🟡 Minor

Use exactVersion for the deprecation target URL as well.

Line 21 still links with parsed.version, which can be a range or dist-tag, while the message now reports the resolved exact version. This can send users to a mismatched package page.

Suggested fix

-      target: Uri.parse(npmxPackageUrl(dep.name, parsed.version)),
+      target: Uri.parse(npmxPackageUrl(dep.name, exactVersion)),

🧹 Nitpick comments (2)

src/extractors/package-json.ts (1)

79-95: Return undefined when no valid engine pairs are parsed.

Right now, an engines object with only invalid entries returns {}. Returning undefined keeps the absent/invalid state explicit and simplifies downstream checks.

Proposed tweak

   getEngines(root: Node): Engines | undefined {
@@
-    return engines
+    return Object.keys(engines).length > 0 ? engines : undefined
   }

tests/diagnostics/deprecation.test.ts (1)

23-39: Consider asserting code.target to prevent version-link regressions.

The updated snapshots validate message text, but adding an assertion for the resolved-version URL would catch mismatches between displayed version and link target.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f5716f0 and dea7e86.

📒 Files selected for processing (12)

• README.md
• package.json
• playground/package.json
• src/extractors/package-json.ts
• src/providers/diagnostics/index.ts
• src/providers/diagnostics/rules/deprecation.ts
• src/providers/diagnostics/rules/engine-mismatch.ts
• src/types/extractor.ts
• src/utils/package.ts
• tests/diagnostics/context.ts
• tests/diagnostics/deprecation.test.ts
• tests/diagnostics/engine-mismatch.test.ts