From 32f0159319e62397b8cb4361800abaf33648759e Mon Sep 17 00:00:00 2001
From: Evan Gray <battledingo@gmail.com>
Date: Thu, 20 Oct 2022 17:00:35 -0400
Subject: [PATCH] ci: unscoped npm package check

---
 .github/workflows/build.yml         | 17 ++++++++++++-----
 scripts/check-npm-package-scopes.sh | 11 +++++++++++
 2 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 scripts/check-npm-package-scopes.sh

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 598f25f82..bce5659ed 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -119,8 +119,8 @@ jobs:
       - name: Install rust toolchain
         uses: dtolnay/rust-toolchain@master
         with:
-            toolchain: ${{ steps.toolchain.outputs.version }}
-            components: "clippy,rustfmt"
+          toolchain: ${{ steps.toolchain.outputs.version }}
+          components: "clippy,rustfmt"
 
       - name: Cache rust packages
         uses: actions/cache@v3
@@ -139,11 +139,11 @@ jobs:
 
       - name: Run `cargo check`
         run: cargo check --workspace --tests --manifest-path solana/Cargo.toml
-             --features "nft-bridge/instructions token-bridge/instructions wormhole-bridge-solana/instructions"
+          --features "nft-bridge/instructions token-bridge/instructions wormhole-bridge-solana/instructions"
 
       - name: Run `cargo clippy`
         run: cargo clippy --workspace --tests --manifest-path solana/Cargo.toml
-             --features "nft-bridge/instructions token-bridge/instructions wormhole-bridge-solana/instructions"
+          --features "nft-bridge/instructions token-bridge/instructions wormhole-bridge-solana/instructions"
 
       - name: Cache solana tools
         id: cache-solana
@@ -233,7 +233,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions/setup-go@v2
         with:
-          go-version: '1.19.0'
+          go-version: "1.19.0"
       - run: curl https://get.ignite.com/cli@v0.23.0 | bash && mv ignite /usr/local/bin/
       - run: cd wormhole_chain && make proto -B && make test
 
@@ -302,3 +302,10 @@ jobs:
         uses: actions/checkout@v2
       - run: chmod 755 ./scripts/check-docker-pin.sh
       - run: ./scripts/check-docker-pin.sh
+  npm-packages:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out source
+        uses: actions/checkout@v2
+      - run: chmod 755 ./scripts/check-npm-package-scopes.sh
+      - run: ./scripts/check-npm-package-scopes.sh
diff --git a/scripts/check-npm-package-scopes.sh b/scripts/check-npm-package-scopes.sh
new file mode 100644
index 000000000..3b65b2567
--- /dev/null
+++ b/scripts/check-npm-package-scopes.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+# This script checks to ensure that all our NPM packages have an appropriate scope.
+#
+git ls-files | grep "package.json" | xargs grep -s "\"name\":" | egrep -v '@certusone/|@wormhole-foundation/'
+if [ $? -eq 0 ]; then
+   echo "[!] Unscoped npm packages" >&2
+   exit 1
+else
+   echo "[+] No unscoped npm packages"
+fi