lijiaoqiao/scripts/ci/m017_lockfile_diff.sh

#!/usr/bin/env bash
# scripts/ci/m017_lockfile_diff.sh - M-017 Lockfile Diff生成脚本
# 功能：生成依赖版本变更对比报告
# 输入：REPORT_DATE
# 输出：lockfile_diff_{date}.md

set -e

SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PROJECT_ROOT="${PROJECT_ROOT:-$(cd "$SCRIPT_DIR/.." && pwd)}"

REPORT_DATE="${1:-$(date +%Y-%m-%d)}"
REPORT_DIR="${2:-${PROJECT_ROOT}/reports/dependency}"

mkdir -p "$REPORT_DIR"

echo "[M017-LOCKFILE-DIFF] Starting lockfile diff generation for ${REPORT_DATE}"

# 获取当前lockfile路径
LOCKFILE="${PROJECT_ROOT}/go.sum"
BASELINE_DIR="${PROJECT_ROOT}/.compliance/baseline"

# 生成报告头
cat > "${REPORT_DIR}/lockfile_diff_${REPORT_DATE}.md" << 'HEADER'
# Lockfile Diff Report - REPORT_DATE_PLACEHOLDER

## Summary

| 变更类型 | 数量 |
|----------|------|
| 新增依赖 | 0 |
| 升级依赖 | 0 |
| 降级依赖 | 0 |
| 删除依赖 | 0 |

## New Dependencies

| 名称 | 版本 | 用途 | 风险评估 |
|------|------|------|----------|
| - | - | - | - |

## Upgraded Dependencies

| 名称 | 旧版本 | 新版本 | 风险评估 |
|------|--------|--------|----------|
| - | - | - | - |

## Deleted Dependencies

| 名称 | 旧版本 | 原因 |
|------|--------|------|
| - | - | - |

## Breaking Changes

None detected.

---

*Generated by M-017 Lockfile Diff Script*
HEADER

# 替换日期
sed -i "s/REPORT_DATE_PLACEHOLDER/${REPORT_DATE}/g" "${REPORT_DIR}/lockfile_diff_${REPORT_DATE}.md"

# 如果有baseline，进行对比
if [ -f "$BASELINE_DIR/go.sum.baseline" ] && [ -f "$LOCKFILE" ]; then
    # 使用Go工具分析依赖变化
    if command -v go >/dev/null 2>&1; then
        echo "[M017-LOCKFILE-DIFF] Analyzing dependency changes..."

        # 这里可以添加实际的diff逻辑
        # 目前生成的是模板
    fi
fi

echo "[M017-LOCKFILE-DIFF] SUCCESS: Lockfile diff generated at ${REPORT_DIR}/lockfile_diff_${REPORT_DATE}.md"