Opinionated, zero-config linter for JavaScript monorepos

Just trying out sherif on our monorepo and got the following errors:

12 issues found (12 ⨯, 0 ⚠️, 0 ⊙) across 24 packages:

 ⨯ error The `@team-plain/typescript-sdk` dependency has multiple versions, ^2.2.0 being the lowest and ^2.7.0 the highest.
         multiple-dependency-versions: @team-plain/typescript-sdk has 2 versions: ^2.2.0, ^2.7.0

 ⨯ error The `express` dependency has multiple versions, ^4.18.1 being the lowest and ^4.18.2 the highest.
         multiple-dependency-versions: express has 2 versions: ^4.18.1, ^4.18.2

 ⨯ error The `nanoid` dependency has multiple versions, ^3.3.4 being the lowest and ^4.0.2 the highest.
         multiple-dependency-versions: nanoid has 2 versions: ^3.3.4, ^4.0.2

 ⨯ error The `@types/node` dependency has multiple versions, ^16 being the lowest and ^18.11.15 the highest.
         multiple-dependency-versions: @types/node has 6 versions: ^16, 16.*, ^18, 18.*, ^18, ^18.11.15

 ⨯ error The `@types/node-fetch` dependency has multiple versions, 2.6.* being the lowest and ^2.6.2 the highest.
         multiple-dependency-versions: @types/node-fetch has 2 versions: 2.6.*, ^2.6.2

 ⨯ error The `eslint` dependency has multiple versions, ^8.19.0 being the lowest and ^8.24.0 the highest.
         multiple-dependency-versions: eslint has 2 versions: ^8.19.0, ^8.24.0

 ⨯ error The `typescript` dependency has multiple versions, ^4.8.4 being the lowest and ^5.2.2 the highest.
         multiple-dependency-versions: typescript has 4 versions: ^4.8.4, ^4.9.4, ^4.9.5, ^5.2.2

 ⨯ error The `tsup` dependency has multiple versions, ^6.5.0 being the lowest and ^7.2.0 the highest.
         multiple-dependency-versions: tsup has 4 versions: ^6.5.0, 7.1.*, ^7.1.0, ^7.2.0

 ⨯ error The `node-fetch` dependency has multiple versions, 2.6.* being the lowest and ^3.3.0 the highest.
         multiple-dependency-versions: node-fetch has 2 versions: 2.6.*, ^3.3.0

 ⨯ error The `resend` dependency has multiple versions, ^0.9.1 being the lowest and ^1.0.0 the highest.
         multiple-dependency-versions: resend has 2 versions: ^0.9.1, ^1.0.0

 ⨯ error The `openai` dependency has multiple versions, ^4.2.0 being the lowest and ^4.5.0 the highest.
         multiple-dependency-versions: openai has 2 versions: ^4.2.0, ^4.5.0

 ⨯ error The `vitest` dependency has multiple versions, ^0.34.3 being the lowest and ^0.34.4 the highest.
         multiple-dependency-versions: vitest has 2 versions: ^0.34.3, ^0.34.4

Which is super helpful! But it would be even more helpful if it would print out which packages were using these dependencies and which versions each was on.

Closes https://github.com/QuiiBz/sherif/issues/8

Private packages shouldn't have @types/* in dependencies, since they don't need it at runtime. Move them to devDependencies.

We should add a new rule to automatically detect @types/* packages that are present in dependencies instead of being in devDependencies. The rule name could be types-in-dependencies

• Improve README with more examples
• empty-dependencies is now an error
• Ignore dependencies versions that are *, since they match any other defined version in the monorepo

Detect packages that don't have a package.json file in their directory. Warning by default because it might be intended, but is not an ideal pattern: you should instead remove this package from the monorepo packages.

As suggested by @juliusmarminge: https://twitter.com/jullerino/status/1703794047104479562

We should add support for a new --fix option, that will try to fix issues as much as possible. We can add a fn fix(&self) -> bool to the Issue trait, that will be executed on each issue. Returning true means the fix was successful, false that it wasn't: https://github.com/QuiiBz/sherif/blob/7b5a2075ace5d6c6ef88599612826fe4c62d668d/src/rules/mod.rs#L45