Merge pull request #18 from ryanbas21/feat/treeshake-check-syncpack

feat: add treeshake-check package, syncpack, and lefthook

Author: ryanbas21

.changeset/add-treeshake-check.md

@@ -0,0 +1,5 @@
+---
+'@wolfcola/treeshake-check': minor
+---
+
+Add treeshake-check package — a tree-shakeability analyzer for npm packages built on Effect and Rollup

.gitignore

@@ -9,3 +9,4 @@ elm-stuff/
 *.crx.zip
 *.zip
 packged/
+out-tsc/

.prettierignore

@@ -0,0 +1,7 @@
+dist
+node_modules
+coverage
+elm-stuff
+out-tsc
+pnpm-lock.yaml
+**/__fixtures__/bad-syntax/**

.syncpackrc.ts

@@ -0,0 +1,77 @@
+// @ts-check
+
+/** @type {import("syncpack").RcFile} */
+const config = {
+  sortFirst: [
+    'name',
+    'version',
+    'private',
+    'description',
+    'license',
+    'type',
+    'exports',
+    'main',
+    'types',
+    'bin',
+    'files',
+    'scripts',
+    'dependencies',
+    'devDependencies',
+    'peerDependencies',
+  ],
+  versionGroups: [
+    // ─── Ignore catalog source definitions ─────────────────────────────
+    // pnpm-workspace.yaml defines the actual versions — these are the
+    // source of truth for catalogs and should not be pinned.
+    {
+      label: 'Catalog source definitions are ignored',
+      packages: ['pnpm-workspace.yaml'],
+      isIgnored: true,
+    },
+    // ─── Ignore peer dependencies ──────────────────────────────────────
+    // Peer deps use semver ranges set by the consumer, not catalogs.
+    {
+      label: 'Peer dependencies are ignored',
+      dependencyTypes: ['peer'],
+      isIgnored: true,
+    },
+    // ─── Catalog enforcement: effect ecosystem ─────────────────────────
+    {
+      label: 'Effect packages must use catalog:effect',
+      dependencies: [
+        'effect',
+        '@effect/cli',
+        '@effect/platform',
+        '@effect/platform-node',
+        '@effect/vitest',
+      ],
+      pinVersion: 'catalog:effect',
+    },
+    // ─── Catalog enforcement: vitest ───────────────────────────────────
+    {
+      label: 'Vitest must use catalog:vitest',
+      dependencies: ['vitest'],
+      pinVersion: 'catalog:vitest',
+    },
+    // ─── Catalog enforcement: vite ─────────────────────────────────────
+    {
+      label: 'Vite must use catalog:vite',
+      dependencies: ['vite'],
+      pinVersion: 'catalog:vite',
+    },
+    // ─── Internal workspace deps ───────────────────────────────────────
+    {
+      label: 'Internal @wolfcola/* packages must use workspace:*',
+      dependencies: ['@wolfcola/*'],
+      pinVersion: 'workspace:*',
+    },
+    // ─── Banned packages ───────────────────────────────────────────────
+    {
+      label: '@effect/schema is deprecated — use effect/Schema',
+      dependencies: ['@effect/schema'],
+      isBanned: true,
+    },
+  ],
+};
+
+export default config;

eslint.config.mjs

@@ -19,6 +19,8 @@ export default [
       '**/coverage',
       '**/elm-stuff',
       '**/vite.config.*.timestamp*',
+      '**/__fixtures__/**',
+      '**/out-tsc/**',
     ],
   },
   ...compat.extends('plugin:@typescript-eslint/recommended', 'plugin:prettier/recommended'),
@@ -44,7 +46,6 @@ export default [
       '@typescript-eslint/no-use-before-define': 'warn',
       '@typescript-eslint/no-unused-vars': ['error', { ignoreRestSiblings: true }],
       'max-len': 'off',
-      quotes: ['error', 'single', { allowTemplateLiterals: true }],
     },
   },
   {

lefthook.yml

@@ -0,0 +1,15 @@
+pre-commit:
+  commands:
+    syncpack-lint:
+      run: pnpm syncpack lint
+      stage_fixed: true
+    eslint:
+      glob: '*.{js,mjs,ts,mts,tsx}'
+      exclude: '(out-tsc|__fixtures__|dist|node_modules)/'
+      run: pnpm eslint --no-warn-ignored --fix {staged_files}
+      stage_fixed: true
+    prettier:
+      glob: '*.{js,mjs,ts,mts,tsx,json,yaml,yml,md,css,html}'
+      exclude: '(out-tsc|__fixtures__/bad-syntax|dist|node_modules)/'
+      run: pnpm prettier --write {staged_files}
+      stage_fixed: true

package.json

@@ -20,23 +20,28 @@
     "test": "vitest run",
     "typecheck": "tsc --build",
     "changeset": "changeset",
-    "version": "changeset version",
-    "release": "pnpm build && changeset publish"
+    "version": "changeset version && prettier --write '**/package.json' pnpm-workspace.yaml",
+    "release": "pnpm build && changeset publish",
+    "syncpack:lint": "syncpack lint",
+    "syncpack:fix": "syncpack fix-mismatches",
+    "prepare": "test \"$CI\" = 'true' || lefthook install"
   },
   "devDependencies": {
     "@changesets/changelog-github": "^0.6.0",
     "@changesets/cli": "^2.27.9",
     "@eslint/eslintrc": "^3.0.0",
     "@eslint/js": "~9.39.0",
+    "@types/node": "^22.0.0",
     "@typescript-eslint/eslint-plugin": "^8.45.0",
     "@typescript-eslint/parser": "^8.45.0",
     "eslint": "^9.8.0",
     "eslint-config-prettier": "10.1.8",
     "eslint-plugin-import": "2.31.0",
     "eslint-plugin-prettier": "^5.2.3",
-    "@types/node": "^22.0.0",
     "jsdom": "^26.1.0",
+    "lefthook": "^2.1.6",
     "prettier": "^3.2.5",
+    "syncpack": "^15.1.2",
     "typescript": "5.8.3",
     "vite": "catalog:vite",
     "vitest": "catalog:vitest"

packages/treeshake-check/README.md

@@ -0,0 +1,159 @@
+# @wolfcola/treeshake-check
+
+A tree-shakeability analyzer for npm packages. Tells you whether your package can be fully tree-shaken by Rollup, and when it can't, points at the specific files, exports, and likely causes preventing it.
+
+Built on [Effect](https://effect.website), [@effect/cli](https://www.npmjs.com/package/@effect/cli), and [Rollup](https://rollupjs.org).
+
+## Why this exists
+
+When you publish a library, consumers' bundlers (webpack, Rollup, Vite, esbuild) try to eliminate unused exports from your package — that's tree-shaking. If your package isn't shakeable, every consumer who imports a single function pulls in your entire library, inflating their bundle size.
+
+Tree-shakeability isn't visible from the outside. You can ship what looks like a clean ESM library and still have it be unshakeable due to a single `Object.defineProperty` call at module scope, a missing `"sideEffects": false` in `package.json`, or a transitive CJS dependency. This tool surfaces those problems.
+
+The technique is the same one used by Rich Harris's [agadoo](https://www.npmjs.com/package/agadoo): bundle your package as a side-effect-only import (`import "your-package"` with no bindings used) and see what Rollup couldn't eliminate. Anything that survives is what's preventing tree-shaking.
+
+## Installation
+
+```bash
+pnpm add -D @wolfcola/treeshake-check
+```
+
+## Usage
+
+### Quickstart
+
+From any package directory:
+
+```bash
+pnpm treeshake-check
+```
+
+You'll get one of two outcomes:
+
+- **Fully tree-shakeable** — ASCII tree celebration plus any recommendations for `package.json` improvements.
+- **Has side effects** — a per-module breakdown of what survived, with diagnostic info for each file.
+
+### Flags
+
+| Flag             | Alias | Description                                                                     |
+| ---------------- | ----- | ------------------------------------------------------------------------------- |
+| `--cwd <path>`   | `-C`  | Directory containing `package.json`. Defaults to the current working directory. |
+| `--entry <path>` | `-e`  | Analyze a specific entry file directly, skipping `package.json` resolution.     |
+| `--json`         |       | Emit machine-readable JSON instead of human output.                             |
+| `--quiet`        | `-q`  | Suppress all output; rely on the exit code only.                                |
+| `--top <n>`      |       | Show only the N modules with the largest surviving byte count.                  |
+
+Plus the standard `--help`, `--version`, `--wizard`, and `--completions <shell>` flags from `@effect/cli`.
+
+### Examples
+
+Check the current package:
+
+```bash
+pnpm treeshake-check
+```
+
+Check a different package in the workspace:
+
+```bash
+pnpm treeshake-check --cwd packages/my-sdk
+```
+
+Check a specific built file directly:
+
+```bash
+pnpm treeshake-check --entry dist/index.js
+```
+
+Show only the worst 5 offenders:
+
+```bash
+pnpm treeshake-check --top 5
+```
+
+JSON output for CI tooling:
+
+```bash
+pnpm treeshake-check --json | jq '.modules[] | {id, renderedLength, suspectedCauses}'
+```
+
+## Detected causes
+
+The analyzer uses AST-based heuristics to classify surviving code:
+
+| Cause                   | Description                                               |
+| ----------------------- | --------------------------------------------------------- |
+| `EnumPattern`           | TypeScript enum compiled to IIFE                          |
+| `CommonJsContamination` | `require()`, `module.exports`, `__esModule` markers       |
+| `PrototypeMutation`     | `Object.defineProperty`, `.prototype.x = ...`             |
+| `GlobalAssignment`      | Assignment to `window`, `globalThis`, `self`, or `global` |
+| `UnannotatedCall`       | Top-level function call without `/*#__PURE__*/`           |
+| `TopLevelSideEffect`    | Top-level statement with observable effects               |
+| `Unknown`               | None of the above patterns matched                        |
+
+Labels are heuristic — a starting point for investigation, not a verdict.
+
+## Programmatic usage
+
+```typescript
+import { Effect } from 'effect';
+import { NodeContext } from '@effect/platform-node';
+import { checkPackage } from '@wolfcola/treeshake-check';
+
+const program = Effect.gen(function* () {
+  const result = yield* checkPackage('./packages/sdk');
+
+  if (result._tag === 'FullyTreeshakeable') {
+    return true;
+  }
+
+  for (const m of result.modules) {
+    console.log(`${m.id}: ${m.renderedLength}/${m.originalLength} bytes`);
+    console.log(`  causes: ${m.suspectedCauses.join(', ')}`);
+  }
+  return false;
+});
+
+const isShakeable = await Effect.runPromise(program.pipe(Effect.provide(NodeContext.layer)));
+```
+
+## CI integration
+
+`treeshake-check` exits with code 1 when a package isn't fully shakeable, so it composes naturally as a quality gate.
+
+### GitHub Actions
+
+```yaml
+- name: Tree-shake check
+  run: pnpm -r --filter "./packages/*" exec treeshake-check --top 5
+```
+
+### As a pre-publish hook
+
+```json
+{
+  "scripts": {
+    "prepublishOnly": "treeshake-check --quiet"
+  }
+}
+```
+
+### Across a monorepo
+
+```bash
+pnpm -r --parallel exec treeshake-check --top 3
+```
+
+## How it works
+
+1. Reads `package.json` from the target directory and resolves the entry point (`exports` → `module` → `main`).
+2. Constructs a synthetic Rollup entry that imports the target as a side-effect-only import: `import "/absolute/path/to/entry.js"`.
+3. Runs Rollup with default tree-shaking enabled.
+4. Inspects `chunk.modules` for per-module `renderedLength`, `renderedExports`, and `removedExports`.
+5. Classifies surviving code by AST analysis (with regex fallback for unparseable output).
+6. Reports per-module statistics, surviving code, and `package.json` recommendations.
+
+## Prior art
+
+- [agadoo](https://www.npmjs.com/package/agadoo) by Rich Harris — same technique, the original implementation. This package adds richer diagnostics, structured output, and Effect-based composition.
+- [bundlephobia](https://bundlephobia.com) — measures the post-shake size from a consumer's perspective rather than analyzing why shaking succeeds or fails.

packages/treeshake-check/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@wolfcola/treeshake-check",
+  "version": "0.0.0",
+  "description": "Check whether a package can be fully tree-shaken by Rollup",
+  "license": "MIT",
+  "type": "module",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ryanbas21/devtools.git",
+    "directory": "packages/treeshake-check"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./package.json": "./package.json"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "bin": {
+    "treeshake-check": "./dist/index.js"
+  },
+  "files": [
+    "dist",
+    "!dist/test-setup.*",
+    "!dist/*.tsbuildinfo"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.lib.json",
+    "lint": "eslint .",
+    "test": "vitest run"
+  },
+  "dependencies": {
+    "@effect/cli": "catalog:effect",
+    "@effect/platform": "catalog:effect",
+    "@effect/platform-node": "catalog:effect",
+    "@rollup/plugin-virtual": "^3.0.2",
+    "acorn": "^8.16.0",
+    "effect": "catalog:effect",
+    "rollup": "^4.59.0"
+  },
+  "devDependencies": {
+    "@effect/vitest": "catalog:effect",
+    "vitest": "catalog:vitest"
+  }
+}

packages/treeshake-check/src/__fixtures__/bad-syntax/index.js

@@ -0,0 +1 @@
+this is not valid javascript !!!###