A simple CLI tool for vetting npm package versions
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
src Add comments and change 'version' to 'Version' as requested Mar 1, 2018
test
.gitignore Ignore npm-debug.log and coverage Jan 28, 2017
.npmignore
CONTRIBUTING.md
LICENSE.md
README.md Add strict option to CLIOpts, and README Apr 4, 2017
appveyor.yml Initial appveyor.yml - lets see how this goes Feb 11, 2017
package-lock.json
package.json
tsconfig.json Initial gitignore, tsconfig and setup some package.json settings Jan 27, 2017

README.md

Build status

NPM Vet is a simple CLI tool to help vet your npm package versions. NPM Vet can be used locally, or as a CI build-step to prevent builds passing with mismatched package versions. To read more about NPM Vet, visit the Hark website.

Installation

$ npm install npmvet -g

Usage

Usage: npmvet [options]

Options:

  -h, --help                 output usage information
  -V, --version              output the version number
  -p, --package <package>    package.json file location (Default: .)
  -m, --modules <modules>    node_modules folder location (Default: .)
  -r, --renderer <renderer>  Renderer to use (Default: inlinetable)
  -s, --strict               Using the CI renderer, fail build if any packages unlocked (Default: false, flag)

Strict Mode

If you're using the CI renderer (see below) the -s flag will enable strict mode. In which builds will fail if versions are unlocked, not just unmatching.

Renderers

Renderers are used to dictate how to output the data NPM Vet collects. The default is inlinetable.

Inline Table

$ npmvet -r inlinetable

The default renderer, inlinetable will print a table inline with your current process. You can use this locally to visualise package differences.

CI

$ npmvet -r ci

To prevent your CI builds passing with mismatched package versions, use the CI renderer. If any package version mismatches are found, the build will fail:

Or if there are no mismatching package versions, your build will continue (and hopefully pass!):

Blessed

The blessed renderer will render a table inside a screen, that has be exited by the user to escape.

$ npmvet -r blessed

JSON

The JSON renderer will print a JSON array with match information for each package.

$ npmvet -r json
[
  {
    "name": "blessed",
    "packageVersion": "0.1.81",
    "installedVersion": "0.1.81",
    "matches": true,
    "locked": false
  },
  {
    "name": "chalk",
    "packageVersion": "1.1.3",
    "installedVersion": "1.1.3",
    "matches": true,
    "locked": false
  },
  {
    "name": "jest",
    "packageVersion": "18.1.0",
    "installedVersion": "18.1.0",
    "matches": true,
    "locked": false
  }
]

Contributing

For information regarding contributing to this project, please read the Contributing document.

License

MIT License