feat: handle deprecated packages

[WarningImHack3r]

With @sveltejs/adapter-cloudflare-workers being deprecated, the site does not provide any information in that direction, potentially leading the user to wonder why this package is not getting updates anymore.

This PR fixes that by introducing visual hints to the users about the status of deprecated packages by fetching npmjs.org.
This is not using GitHub, because packages might have been deleted from the repository (as it's the case here), and packages on npmjs will live forever, hopefully providing their deprecation status.

Roadmap

Backend

• Create the backend and caching system
• Call the backend function during package object creation

Frontend

• Create a badge hint in the sidebar
• Create a banner on the package's page

Summary by CodeRabbit

• New Features
  • Deprecated npm packages are now visually distinguished in the package side panel with strikethrough and reduced opacity.
  • A deprecation notice card is displayed on the package detail page when a package is deprecated, showing the deprecation message with enhanced styling.
• Enhancements
  • Package discovery now includes deprecation status, ensuring up-to-date and accurate package information.
  • Added caching for package deprecation status with flexible expiration to improve performance and data freshness.
• Bug Fixes
  • Improved error handling for fetching package deprecation data to prevent cache disruptions.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
svelte-changelog	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 11, 2025 9:55am

[coderabbitai]

Walkthrough

The changes introduce package deprecation awareness throughout the codebase. A new caching mechanism retrieves and stores npm package deprecation status with conditional TTLs. The package discovery process is updated to asynchronously fetch and include deprecation information. The UI is enhanced to visually indicate deprecated packages in the side panel and display detailed deprecation notices on package pages.

Changes

File(s)	Change Summary
src/lib/server/github-cache.ts	Added a caching mechanism for npm package deprecation status, including a new TTL constant, cache key generator, flexible TTL handling, and a public method to fetch/cache deprecation info. Removed a redundant JSDoc tag.
src/lib/server/package-discoverer.ts	Extended the Package type with an optional deprecated property. Updated package discovery to asynchronously fetch deprecation info and adjust descriptions based on deprecation status.
src/routes/package/SidePanel.svelte	Updated package name rendering to visually distinguish deprecated packages using line-through and opacity styling in the side panel, with a tooltip showing the deprecation message.
src/routes/package/[...package]/+page.svelte	Added a deprecation notice card to the package detail page, displaying the deprecation message with Markdown rendering and a warning icon if the package is deprecated.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant SidePanel
    participant PackagePage
    participant PackageDiscoverer
    participant GitHubCache
    participant npmRegistry

    User->>SidePanel: View package list
    SidePanel->>PackageDiscoverer: Request package data
    PackageDiscoverer->>GitHubCache: getPackageDeprecation(packageName)
    alt Not cached
        GitHubCache->>npmRegistry: Fetch deprecation status
        npmRegistry-->>GitHubCache: Return deprecation info
        GitHubCache-->>PackageDiscoverer: Return deprecation info (cached)
    else Cached
        GitHubCache-->>PackageDiscoverer: Return cached deprecation info
    end
    PackageDiscoverer-->>SidePanel: Return package data (with deprecation info)
    SidePanel-->>User: Render package list (deprecated packages styled)

    User->>PackagePage: View package details
    PackagePage->>PackageDiscoverer: Request package data
    PackageDiscoverer->>GitHubCache: getPackageDeprecation(packageName)
    GitHubCache-->>PackageDiscoverer: Return deprecation info
    PackageDiscoverer-->>PackagePage: Return package data (with deprecation info)
    PackagePage-->>User: Render package details (show deprecation notice if applicable)

Loading

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/routes/package/SidePanel.svelte

Oops! Something went wrong! :(

ESLint: 9.26.0

Error [ERR_MODULE_NOT_FOUND]: Cannot find package '@sveltejs/adapter-vercel' imported from /svelte.config.js
at packageResolve (node:internal/modules/esm/resolve:839:9)
at moduleResolve (node:internal/modules/esm/resolve:908:18)
at defaultResolve (node:internal/modules/esm/resolve:1038:11)
at ModuleLoader.defaultResolve (node:internal/modules/esm/loader:557:12)
at ModuleLoader.resolve (node:internal/modules/esm/loader:525:25)
at ModuleLoader.getModuleJob (node:internal/modules/esm/loader:246:38)
at ModuleJob._link (node:internal/modules/esm/module_job:126:49)

src/lib/server/package-discoverer.ts

Oops! Something went wrong! :(

ESLint: 9.26.0

Error [ERR_MODULE_NOT_FOUND]: Cannot find package '@sveltejs/adapter-vercel' imported from /svelte.config.js
at packageResolve (node:internal/modules/esm/resolve:839:9)
at moduleResolve (node:internal/modules/esm/resolve:908:18)
at defaultResolve (node:internal/modules/esm/resolve:1038:11)
at ModuleLoader.defaultResolve (node:internal/modules/esm/loader:557:12)
at ModuleLoader.resolve (node:internal/modules/esm/loader:525:25)
at ModuleLoader.getModuleJob (node:internal/modules/esm/loader:246:38)
at ModuleJob._link (node:internal/modules/esm/module_job:126:49)

Tip

⚡️ Faster reviews with caching

• CodeRabbit now supports caching for code and dependencies, helping speed up reviews. This means quicker feedback, reduced wait times, and a smoother review experience overall. Cached data is encrypted and stored securely. This feature will be automatically enabled for all accounts on May 16th. To opt out, configure Review - Disable Cache at either the organization or repository level. If you prefer to disable all data retention across your organization, simply turn off the Data Retention setting under your Organization Settings.

Enjoy the performance boost—your workflow just got faster.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9a60bde and dcf463f.

📒 Files selected for processing (2)

• src/lib/server/package-discoverer.ts (2 hunks)
• src/routes/package/SidePanel.svelte (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• src/lib/server/package-discoverer.ts
• src/routes/package/SidePanel.svelte

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

src/routes/package/SidePanel.svelte (1)

160-168: Elegant visual indication for deprecated packages.

The conditional styling for deprecated packages is well-implemented with:

• Line-through to clearly indicate deprecation
• Reduced opacity (75%) that increases on hover (100%) for better focus
• Smooth transition animation (300ms) for a polished user experience

This subtle but clear visual distinction helps users identify deprecated packages while maintaining navigability.

Consider adding a tooltip to provide immediate context about why the package is styled differently:

 <span
   class={[
     "underline-offset-4 group-hover:underline",
     pkg.deprecated &&
       "transition-opacity duration-300 line-through opacity-75 group-hover:opacity-100"
   ]}
+  title={pkg.deprecated ? "Deprecated: " + pkg.deprecated : undefined}
 >
   {pkg.name}
 </span>

src/lib/server/package-discoverer.ts (1)

58-75: Well-implemented asynchronous package data enrichment.

The refactoring to use Promise.all for asynchronously fetching deprecation information for each package is a solid approach. However, clearing the description when a package is deprecated is potentially confusing for users.

Consider preserving the original description even for deprecated packages, as they can coexist and provide different information to the user:

 return {
   name: pkg,
-  description: deprecated
-    ? ""
-    : (descriptions[`packages/${ghName}/package.json`] ??
-      descriptions[
-        `packages/${ghName.substring(ghName.lastIndexOf("/") + 1)}/package.json`
-      ] ??
-      descriptions["package.json"] ??
-      ""),
+  description: descriptions[`packages/${ghName}/package.json`] ??
+    descriptions[
+      `packages/${ghName.substring(ghName.lastIndexOf("/") + 1)}/package.json`
+    ] ??
+    descriptions["package.json"] ??
+    "",
   deprecated
 };

src/routes/package/[...package]/+page.svelte (1)

133-155: Excellent deprecation notice implementation!

The UI for deprecated packages is well-designed:

1. Amber-colored card with appropriate background contrast
2. Warning icon paired with clear "Deprecated" title
3. Markdown rendering of the deprecation message allowing for rich content
4. Links that open in new tabs to maintain context

This provides users with clear, visible information about package deprecation status.

For enhanced security when opening external links, consider adding rel="noopener noreferrer" attributes:

-<a {style} class={className} {title} {href} {hidden} {type} target="_blank">
+<a {style} class={className} {title} {href} {hidden} {type} target="_blank" rel="noopener noreferrer">
  {@render children?.()}
</a>

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7d29fc8 and 9a60bde.

📒 Files selected for processing (4)

• src/lib/server/github-cache.ts (5 hunks)
• src/lib/server/package-discoverer.ts (2 hunks)
• src/routes/package/SidePanel.svelte (1 hunks)
• src/routes/package/[...package]/+page.svelte (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: WarningImHack3r
PR: WarningImHack3r/svelte-changelog#56
File: src/routes/package/+layout.server.ts:28-40
Timestamp: 2025-04-25T10:58:24.062Z
Learning: WarningImHack3r prefers elegant, aesthetically pleasing solutions for performance optimizations rather than quick fixes that introduce nested async IIFEs or similar approaches that might make code harder to read.

Learnt from: WarningImHack3r
PR: WarningImHack3r/svelte-changelog#48
File: src/routes/package/[...package]/+page.server.ts:50-53
Timestamp: 2025-04-11T10:33:07.002Z
Learning: WarningImHack3r prefers to keep server-side console.log statements in the codebase as they find them useful for debugging and monitoring, even if they might clean them up later.

🔇 Additional comments (6)

src/lib/server/github-cache.ts (4)

73-76: Good choice for TTL constants!

The 2-day TTL for non-deprecated packages is a sensible choice. Since a package's deprecation status rarely changes once it's not deprecated, this provides a good balance between keeping data fresh and reducing unnecessary API calls.

---

122-135: Well-structured private method for cache key generation.

This method maintains a consistent approach with the existing #getRepoKey method, which is good for code maintainability. The naming and implementation are clear and follow the established patterns in the codebase.

---

160-182: Smart enhancement with functional TTL support!

The updated #processCached method now supports both static and dynamic TTL values through function evaluation. This flexible approach allows for conditional cache expiration strategies based on the cached value itself.

---

615-644:

✅ Verification successful

Great implementation of package deprecation fetching.

The method provides a well-thought-out approach to caching package deprecation status with smart optimizations:

1. Indefinite caching for deprecated packages (since they rarely become un-deprecated)
2. Limited TTL for non-deprecated packages
3. Clear error handling to prevent breaking the cache process

A small humor note in the comment about GitHub and npmjs.org adds personality while acknowledging the slight architecture deviation.

Let's verify the package deprecation fetching works as expected:

---

🏁 Script executed:

#!/bin/bash
# Test with a known deprecated package to see if the API returns expected data
curl -s "https://registry.npmjs.org/@sveltejs/adapter-cloudflare-workers/latest" | jq '.deprecated'

Length of output: 244

---

Package Deprecation Fetching Verified

Tested with @sveltejs/adapter-cloudflare-workers and the function correctly returned the custom deprecation message. The caching logic and TTLs behave as intended. Ready to merge!

src/lib/server/package-discoverer.ts (1)

8-8: Good type extension for deprecation support.

Adding the optional deprecated string property to the Package type is a clean way to handle this new information. Using a string type allows for storing detailed deprecation messages rather than just a boolean flag.

src/routes/package/[...package]/+page.svelte (1)

3-3: Good component organization for new UI features.

Importing the CircleAlert icon is appropriate for the warning indicator in the deprecation notice.