jscpdv4
Getting Started

Changelog

Release history and what's new in jscpd.

Overview

For the full, up-to-date changelog, see the jscpd GitHub repository.

v4.2.3 (Latest)

  • fix(finder): resolve relative ignore patterns against scan dirs (#611)
  • Dependency bumps across all packages

v4.2.2

  • fix(tokenizer): resolve quadratic bash tokenization hang

v4.2.1

  • fix(tokenizer): fix tokenization issue for cross-format detection

v4.2.0

New Features

  • Custom tokenizer backend@jscpd/tokenizer now uses a self-contained reprism-based engine. ~11.5% faster tokenization on real projects (avg 1126 ms → 997 ms on a 548-file, 223-format scan).
  • Cross-format detection — Vue SFC (.vue), Svelte (.svelte), Astro (.astro), and Markdown files are tokenized per-block/per-section, enabling duplicate detection between embedded blocks and standalone source files.
  • 223 supported formats — Apex, CFML/ColdFusion, GDScript, Svelte, Astro, and 70+ additional languages (up from 152). Run jscpd --list to see the full list.
  • Shebang detection — extensionless executable scripts are auto-detected via their #! shebang line.
  • --store-path — specify a custom directory for the LevelDB token cache, eliminating collisions when multiple jscpd processes run concurrently.
  • --skipComments — shorthand for --mode weak. Strips comments before tokenization.
  • --formats-names — map specific filenames (e.g. Makefile, Dockerfile) to a detection format.

Bug Fixes

  • Entire-file duplicates silently dropped (#728) — fixed RabinKarp end-of-file flush bug in @jscpd/core.
  • ReDoS hang on Lisp/Elisp files (#737) — replaced catastrophic backtracking with a linear regex in @jscpd/tokenizer.
  • Process crash on malformed package.json (#739) — now emits a warning and continues.
  • Vue SFC cross-file detection broken — blocks now use resolved sub-format namespace.
  • Vue SFC incorrect column numbers — fixed in @jscpd/tokenizer.
  • 50 dependency security vulnerabilities remediated.

v4.1.1

  • Update hash function, improve performance and keep browser support.

v4.1.0

  • AI reporter (--reporters ai) — compact, token-efficient output for LLMs.
  • --noTips flag — suppress usage-tip messages after detection.
  • Execution timer — timing summary shown after detection completes.
  • Tokenizer speed — lazy Prism grammar loading, O(1) extension lookup, native MD5 hashing.
  • New languages: Apex and CFML (ColdFusion).
  • Test coverage raised to 98%+.

v4.0.9

  • AI reporter integrated as a named reporter.

v4.0.8

  • GDScript support — detect duplicate code in Godot Engine GDScript files.

v4.0.7 – v4.0.6

  • Fixed build output issues and .gitignore pattern parsing.
  • Merged several community pull requests.

v4.0.4 – v4.0.2

  • SARIF reporter integrated as a named reporter (--reporters sarif).
  • Fixed package resolution issues in SARIF reporter integration.

v4.0.0

Breaking Changes

  • Monorepo restructure — tool moved to apps/jscpd, sub-packages extracted to packages/*.
  • Build system replaced — migrated from tsc to tsup, producing ESM+CJS dual-mode bundles.
  • Test runner migrated — switched from ava to Vitest.
  • Requires Node.js 18+.

Changes

  • Monorepo migrated from Lerna to Turborepo.
  • Changesets adopted as the release management tool.

Earlier releases (v1.x – v3.x)

See the root CHANGELOG for the full history of jscpd versions 1.0.0 through 3.5.10, covering the tool's origins, the TypeScript rewrite, LevelDB store, pluggable reporters, monorepo extraction, and all the improvements made from 2018 through 2023.

Agent Skill

Use jscpd with AI coding assistants to automatically detect and refactor code duplications.

Reporters

Output formats and reporters in jscpd.