feat: add name + version properties & cleanup

.eslintignore

@@ -0,0 +1,5 @@
+node_modules/
+dist/
+coverage/
+research/
+.github/

.eslintrc.json

@@ -0,0 +1,30 @@
+{
+  "env": {
+    "node": true,
+    "es2022": true
+  },
+  "extends": [
+    "eslint:recommended",
+    "plugin:@typescript-eslint/recommended"
+  ],
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": "latest",
+    "sourceType": "module",
+    "ecmaFeatures": {
+      "modules": true
+    }
+  },
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "rules": {
+    "indent": ["error", 2],
+    "linebreak-style": ["error", "unix"],
+    "quotes": ["error", "single", { "avoidEscape": true }],
+    "semi": ["error", "always"],
+    "no-unused-vars": "off",
+    "@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],
+    "@typescript-eslint/no-explicit-any": "warn"
+  }
+}

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: '[BUG] '
+labels: bug
+assignees: ''
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Install '...'
+2. Run command '....'
+3. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Environment (please complete the following information):**
+- OS: [e.g. macOS, Windows, Linux]
+- Node.js version: [e.g. 18.12.0]
+- Reproduce version: [e.g. 0.0.1-pre.1]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Questions & Discussions
+    url: https://github.com/vltpkg/reproduce/discussions
+    about: Please ask and answer questions here.
+  - name: Documentation
+    url: https://github.com/vltpkg/reproduce#readme
+    about: Check the README for usage information.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,19 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: '[FEATURE] '
+labels: enhancement
+assignees: ''
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/pull_request_template.md

@@ -0,0 +1,28 @@
+## Description
+
+Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context.
+
+Fixes # (issue)
+
+## Type of change
+
+Please delete options that are not relevant.
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update
+
+## How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.
+
+## Checklist:
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes

.github/workflows/test.yml

@@ -0,0 +1,34 @@
+name: Test
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [22.x]
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ matrix.node-version }}
+
+    - name: Install dependencies
+      run: |
+        npm install
+
+    - name: Run lint
+      run: npm run lint
+
+    - name: Build
+      run: npm run build
+
+    - name: Run tests
+      run: npm run test

CODE_OF_CONDUCT.md

@@ -0,0 +1,61 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Project maintainers are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the project maintainers. All complaints will be reviewed and
+investigated promptly and fairly.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org),
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.

CONTRIBUTING.md

@@ -0,0 +1,53 @@
+# Contributing to Reproduce
+
+Thank you for your interest in contributing to Reproduce! This document provides guidelines and instructions for contributing.
+
+## Development Setup
+
+1. Fork and clone the repository
+2. Install dependencies with `vlt install`
+3. Build the project with `vlr build`
+4. Run tests with `vlr test`
+
+## TypeScript
+
+This project uses TypeScript. Make sure to:
+
+1. Write all new code in TypeScript
+2. Include appropriate type definitions
+3. Run `vlx tsc` to check for type errors
+
+## Linting
+
+We use ESLint for code quality. Please follow these guidelines:
+
+1. Run `vlr lint` to check for linting issues
+2. Run `vlr lint:fix` to automatically fix linting issues
+3. Ensure your code follows the linting rules before submitting a PR
+
+## Testing
+
+We use Node.js's built-in test runner for testing. Please follow these guidelines:
+
+1. Write tests for all new features
+2. Ensure all tests pass before submitting a PR
+3. Organize tests into appropriate suites (unit tests and integration tests)
+
+## Pull Request Process
+
+1. Create a branch with a descriptive name
+2. Make your changes and commit them with clear, concise commit messages
+3. Ensure all tests pass and there are no type errors or linting issues
+4. Submit a pull request with a clear description of the changes
+5. Address any feedback from reviewers
+
+## Code Style
+
+- Use consistent indentation (2 spaces)
+- Follow the existing code style
+- Use meaningful variable and function names
+- Add comments for complex logic
+
+## License
+
+By contributing to Reproduce, you agree that your contributions will be licensed under the project's MIT license.

README.md

@@ -2,6 +2,9 @@
 
 # `reproduce`
 
+[![Test](https://github.com/darcyclarke/reproduce/actions/workflows/test.yml/badge.svg)](https://github.com/darcyclarke/reproduce/actions/workflows/test.yml)
+[![Lint and Type Check](https://github.com/darcyclarke/reproduce/actions/workflows/lint.yml/badge.svg)](https://github.com/darcyclarke/reproduce/actions/workflows/lint.yml)
+
 Can we reproduce a package with the _"origin"_ information provided?
 
 **[Features](#features)**
@@ -36,6 +39,15 @@ Can we reproduce a package with the _"origin"_ information provided?
 
 ### Usage
 
+```bash
+$ npm i -g reproduce # install globally
+$ reproduce axios
+```
+
+```bash
+$ npx reproduce axios # execute with npx
+```
+
 ```js
 import reproduce from 'reproduce'
 
@@ -54,15 +66,15 @@ const result = await reproduce('package-name', {
 #### CLI
 
 ```bash
-npx reproduce tsc # exit code 0 - reproducible
+reproduce tsc # exit code 0 - reproducible
 ```
 
 ```bash
-npx reproduce esbuild # exit code 1 - not reproducible
+reproduce esbuild # exit code 1 - not reproducible
 ```
 
 ```bash
-npx reproduce axios --json  # exit code 1 - not reproducible
+reproduce axios --json  # exit code 1 - not reproducible
 {
   "reproduceVersion": "0.0.1-pre.1",
   "timestamp": "2025-02-25T10:40:24.947Z",
@@ -71,20 +83,25 @@ npx reproduce axios --json  # exit code 1 - not reproducible
   "strategy": "npm:10.9.1",
   "reproduced": false,
   "package": {
-    "spec": "axios",
+    "spec": "axios@latest",
+    "name": "axios",
+    "version": "1.2.3",
     "location": "https://registry.npmjs.org/axios/-/axios-1.7.9.tgz",
     "integrity": "sha512-LhLcE7Hbiryz8oMDdDptSrWowmB4Bl6RCt6sIJKpRB4XtVf0iEgewX3au/pJqm+Py1kCASkb/FFKjxQaLtxJvw=="
   },
   "source": {
     "spec": "github:axios/axios#b2cb45d5a533a5465c99559b16987e4d5fc08cbc",
+    "name": "axios",
+    "version": "1.2.3",
     "location": "git+https://github.com/axios/axios.git",
     "integrity": "null"
-  }
+  },
+  "diff": "..."
 }
 ```
 
 ```bash
-npx reproduce require --json  # exit code 0 - reproducible
+reproduce require --json  # exit code 0 - reproducible
 {
   "reproduceVersion": "0.0.1-pre.1",
   "timestamp": "2025-02-25T10:22:09.303Z",
@@ -93,12 +110,14 @@ npx reproduce require --json  # exit code 0 - reproducible
   "strategy": "npm:10.9.1",
   "reproduced": true,
   "package": {
-    "spec": "sleepover",
+    "spec": "sleepover@latest",
+    "version": "1.2.3",
     "location": "https://registry.npmjs.org/sleepover/-/sleepover-1.2.3.tgz",
     "integrity": "sha512-yNAIVUqbQifyy5+hfzAzK2Zt21wXjwXqPyWLu+tOvhOcYKG2ffUiSoBXwt/yo4KJ51IcJfUS0Uq0ktOoMWy9Yw=="
   },
   "source": {
     "spec": "github:darcyclarke/sleepover#f2586e91b3faf085583c23ed6e00819916e85c28",
+    "version": "1.2.3",
     "location": "git+ssh://git@github.com/darcyclarke/sleepover.git",
     "integrity": "sha512-yNAIVUqbQifyy5+hfzAzK2Zt21wXjwXqPyWLu+tOvhOcYKG2ffUiSoBXwt/yo4KJ51IcJfUS0Uq0ktOoMWy9Yw=="
   }
@@ -129,9 +148,9 @@ The cache is stored in OS-specific locations:
 
 A strategy is a set of operations to take to recreate a package. Strategies should represent common patterns for preparing/building/packing packages to cast wide nets. If a set successfully recreates a package then its ID will be stored inside the returned metadata.
 
-| UUID |  Notes |
+| Name | UUID |  Description |
 | --- | --- |
-| `npm:<version>` | clones, checks out ref, installs deps, runs prepare scripts & packs |
+| `npm` `npm:<version>` | clones, checks out ref, installs deps & then runs pack |
 
 > Note: one-off/bespoke or complex configurations will not be supported but we will continue to add more strategies as we find common patterns.
 

SECURITY.md

@@ -0,0 +1,15 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability within this project, please send an email to the repository owner. All security vulnerabilities will be promptly addressed.
+
+Please do not disclose security vulnerabilities publicly until they have been handled by the maintainers.
+
+The following steps will be taken:
+
+1. Your report will be acknowledged within 48 hours.
+2. We will confirm the vulnerability and determine its impact.
+3. We will release a patch as soon as possible, depending on complexity.
+
+Thank you for helping keep this project safe.