
delfrrr / Npm Consider

Licence: other
Check package dependencies before installing it

Programming Languages

javascript
184084 projects - #8 most used programming language

Projects that are alternatives of or similar to Npm Consider

Dependency Land
Find the npm modules that depend on a specific module and semver range.
Stars: ✭ 34 (-91.19%)
Mutual labels:  dependencies, npm
Yalc
Work with yarn/npm packages locally like a boss.
Stars: ✭ 3,155 (+717.36%)
Mutual labels:  dependencies, npm
Dependency spy
Find known vulnerabilities in your dependencies
Stars: ✭ 87 (-77.46%)
Mutual labels:  dependencies, npm
Npm Gui
Graphic tool for managing javascript project dependencies - in a friendly way.
Stars: ✭ 454 (+17.62%)
Mutual labels:  dependencies, npm
get-installed-path
Get locally or globally installation path of given package name.
Stars: ✭ 39 (-89.9%)
Mutual labels:  package, install
Renovate
Universal dependency update tool that fits into your workflows.
Stars: ✭ 6,700 (+1635.75%)
Mutual labels:  dependencies, npm
Laravel Paket
Composer GUI. Manage Laravel dependencies from web interface without switching to command line!
Stars: ✭ 143 (-62.95%)
Mutual labels:  dependencies, package
Lmify
Install NPM dependencies programmatically 🤙
Stars: ✭ 98 (-74.61%)
Mutual labels:  install, npm
lint-deps
Lint for unused or missing dependencies in your node.js projects. Customize with plugins or configuration.
Stars: ✭ 48 (-87.56%)
Mutual labels:  package, dependencies
PackageProject.cmake
🏛️ Help other developers use your project. A CMake script for packaging C/C++ projects for simple project installation while employing best-practices for maximum compatibility.
Stars: ✭ 48 (-87.56%)
Mutual labels:  package, install
Dependency Check
checks which modules you have used in your code and then makes sure they are listed as dependencies in your package.json
Stars: ✭ 435 (+12.69%)
Mutual labels:  dependencies, npm
Wasm Pack
This tool seeks to be a one-stop shop for building and working with rust- generated WebAssembly that you would like to interop with JavaScript, in the browser or with Node.js. wasm-pack helps you build rust-generated WebAssembly packages that you could publish to the npm registry, or otherwise use alongside any javascript packages in workflows that you already use, such as webpack.
Stars: ✭ 3,848 (+896.89%)
Mutual labels:  package, npm
Elm Package
Command line tool to share Elm libraries
Stars: ✭ 214 (-44.56%)
Mutual labels:  install, package
Syncpack
Manage multiple package.json files, such as in Lerna Monorepos and Yarn/Pnpm Workspaces
Stars: ✭ 356 (-7.77%)
Mutual labels:  dependencies, npm
Pnpm
Fast, disk space efficient package manager -- 快速的,节省磁盘空间的包管理工具
Stars: ✭ 14,219 (+3583.68%)
Mutual labels:  install, npm
Greenkeeper
🤖 🌴 Real-time automated dependency updates for npm and GitHub
Stars: ✭ 1,564 (+305.18%)
Mutual labels:  dependencies, npm
Compinstall
Delphi utility app to auto-install component packages into IDE
Stars: ✭ 19 (-95.08%)
Mutual labels:  install, package
Have It
The fastest NPM install does nothing because you already have it
Stars: ✭ 75 (-80.57%)
Mutual labels:  install, npm
Setup Miniconda
Set up your GitHub Actions workflow with conda via miniconda
Stars: ✭ 222 (-42.49%)
Mutual labels:  dependencies, package
action
📦📊 GitHub Action to reports on the size of your npm package
Stars: ✭ 36 (-90.67%)
Mutual labels:  package, size

npm-consider

Check npm package dependencies size, licenses and impact on your package before installing it 🤔

If you like it, please, ⭐️ this repo!

Features

  • calculates dependencies size recursively
  • shows dependencies license policy for linking
  • calculates impact on current package
  • shows a full dependency graph
  • analyzes packages without downloading them
  • supports yarn
  • analyzes local package
  • provides continuous integration (CI) mode

Installing

npm install -g npm-consider

Note: this tool is more useful when your colleagues also use it 😉

Usage

Add new dependency

npm-consider takes similar arguments to npm install

npm-consider install --save express

The command recursively requests package info from npm and builds a dependency graph. The size of each package is determined via a HEAD request to its tarball download URL.

Analyze local package

When called without arguments in a package directory, it builds a dependency graph and calculates metrics for the local package

npm-consider install

Using for automation and continuous integration

You can specify maximum values for size and number of packages, as well as allowed license types, in the config section of your package.json.

"config": {
  "maxPackagesNumber": 100,
  "maxSizeBites": 840400,
  "allowedLicenseTypes": [
    "permissive",
    "publicDomain",
    "uncategorized"
  ]
}

Once provided you can call

npm-consider install --test

If all limits are satisfied, the command exits with code=0; otherwise code=1.

Note: in this mode, npm-consider will not call npm install or yarn install.

Supported properties:

  • maxPackagesNumber max number of npm dependencies including transitive dependencies
  • maxSizeBites max size of downloaded packages in bytes
  • allowedLicenseTypes what types of dependency licenses are acceptable for the package

Supported types are publicDomain, permissive, weaklyProtective, protective, networkProtective, uncategorized. If you are not sure which license types are appropriate, check this article.
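
A sketch of the kind of check that --test mode describes, as an added example that is not npm-consider's own code. It walks a constructed dependency graph embedded in REGISTRY instead of querying npm, and the SPDX-to-type mapping in LICENSE_TYPES is an assumption made for illustration. Note how a package with no license passes when "uncategorized" is allowed.

```javascript
// Added example: offline sketch of a CI-style dependency policy check.
// REGISTRY is constructed sample metadata, not real npm registry output.
const REGISTRY = {
  'app':       { license: 'MIT',          size: 0,      deps: ['web-lib', 'log-lib'] },
  'web-lib':   { license: 'MIT',          size: 52000,  deps: ['parse-lib', 'log-lib'] },
  'log-lib':   { license: 'ISC',          size: 8000,   deps: [] },
  'parse-lib': { license: 'GPL-3.0-only', size: 120000, deps: ['cycle-lib'] },
  'cycle-lib': { license: undefined,      size: 3000,   deps: ['parse-lib'] }, // cycle, no license
};

// Assumed SPDX-to-type mapping for illustration; not npm-consider's own table.
const LICENSE_TYPES = {
  'Unlicense': 'publicDomain', 'CC0-1.0': 'publicDomain',
  'MIT': 'permissive', 'ISC': 'permissive', 'Apache-2.0': 'permissive',
  'LGPL-3.0-only': 'weaklyProtective', 'MPL-2.0': 'weaklyProtective',
  'GPL-3.0-only': 'protective', 'AGPL-3.0-only': 'networkProtective',
};
const licenseType = (id) => LICENSE_TYPES[id] || 'uncategorized';

// Walk the graph from root, visiting each package once (shared deps and cycles are safe).
function collectDependencies(root, registry) {
  const seen = new Map();
  const stack = [...registry[root].deps];
  while (stack.length) {
    const name = stack.pop();
    if (seen.has(name)) continue;
    const meta = registry[name];
    if (!meta) throw new Error(`unknown package: ${name}`);
    seen.set(name, meta);
    stack.push(...meta.deps);
  }
  return seen;
}

// Compare the transitive set against the limits from the package.json "config" section.
function checkPolicy(root, registry, config) {
  const deps = collectDependencies(root, registry);
  const totalSize = [...deps.values()].reduce((sum, m) => sum + m.size, 0);
  const violations = [];
  if (deps.size > config.maxPackagesNumber) violations.push(`packages: ${deps.size}`);
  if (totalSize > config.maxSizeBites) violations.push(`size: ${totalSize}`);
  for (const [name, meta] of deps) {
    const type = licenseType(meta.license);
    if (!config.allowedLicenseTypes.includes(type)) violations.push(`license: ${name} (${type})`);
  }
  return { count: deps.size, totalSize, violations, exitCode: violations.length ? 1 : 0 };
}
```
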

Usage with yarn

If the project contains a yarn.lock file, npm-consider will run yarn add with the corresponding options.

Licence type

npm-consider calculates the license type for every dependency. The type defines the license policy for linking as a library. Data is collected from Comparison of free and open-source software licenses on Wikipedia.

  • Public Domain and Permissive licenses allow you to do anything except sue the author
  • Weakly Protective licenses restrict how the code can be linked and combined with other licenses
  • Protective or Copyleft dependency license requires a dependent module to have a free license, which prevents it from being proprietary
  • Network Protective is the same as Protective but is also triggered by network interaction
  • Uncategorized means that the license was not found in the package info or was not categorised in terms of linking; feel free to contribute to license categorisation

Note that even permissive licenses have some restrictions. Check the following slide and article to learn about license compatibility:

The Free-Libre / Open Source Software (FLOSS) License Slide

Menu options

  • Install runs npm install with the same arguments
  • Impact takes into account already installed dependencies and shows relative impact. It behaves differently, depending on --save or --save-dev option. The second one takes into account already installed dependencies and devDependencies.
  • Details prints dependencies graph
  • Skip cancels npm install; no changes in your project will apply.