This regex is missing a g (global) flag.
As it is now it will only replace the first occurrence it finds.

Introduced in #2

Hey!

(full disclosure) I discovered your project through my college professor @humphd and think it's a wonderful idea! I'd like to contribute to it if possible.

I'd like to add the ability to specify --tofile at runtime which will dump the console results to an HTML/MD file for easier reading ability. I mean no offence by this feature and just wanted to try my hand at adding something that might be of value to your project!

I've actually already implemented a working demo and with your permission I'll submit a PR for your review.

Introduced in #8

Thanks and let me know 😄
-Chris

Since shoulders is meant to show the open issues for the packages we use, I find it a bit annoying that pull requests show up as well.

The github API treats them like issues, but we could filter them out by looking if the pull_request key is present as documented here.

What do you think? Should we filter out the PRs? If so should that be the default behavior or should it be behind a flag?

I would be interested in implementing this feature should you decide it's something you want to add.

I ran shoulders on a project, and it has a lot of modules that don't have names, for example:

$ npx shoulders
Detected 5780 packages.
Loading issues...

debug
No issues found.
https://github.com/visionmedia/debug/issues

async
No issues found.
https://github.com/caolan/async/issues

eventemitter2
No issues found.
https://github.com/hij1nx/EventEmitter2/issues

ms
No issues found.
https://github.com/zeit/ms/issues

safe-buffer
No issues found.
https://github.com/feross/safe-buffer/issues

ws
No issues found.
https://github.com/websockets/ws/issues

undefined
No issues found.

undefined
No issues found.

undefined
No issues found.

undefined
No issues found.

undefined
No issues found.

undefined
No issues found.

undefined
No issues found.
...

I did some digging, and this happens when you have package.json files like:

{
  "main": "./"
}

Looking at my deps, I can see a lot like this, for example:

find . -name 'package.json' \( -exec echo {} \; -exec jq '.name' {} \; \)
"co"
./tools/autodeployment/node_modules/pm2-axon/node_modules/debug/package.json
"debug"
./tools/autodeployment/node_modules/pm2-axon/package.json
"pm2-axon"
./tools/autodeployment/node_modules/pm2-axon/lib/configurable/package.json
"configurable"
./tools/autodeployment/node_modules/inherits/package.json
"inherits"
./tools/autodeployment/node_modules/date-fns/endOfWeek/package.json
null
./tools/autodeployment/node_modules/date-fns/startOfDecade/package.json
null
./tools/autodeployment/node_modules/date-fns/subMinutes/package.json
null
./tools/autodeployment/node_modules/date-fns/getISOWeek/package.json
null
./tools/autodeployment/node_modules/date-fns/differenceInMinutes/package.json
null
./tools/autodeployment/node_modules/date-fns/isThisQuarter/package.json
...

Instead of logging undefined for the project name, what if it used the path to the package.json file?