nexB/dependency-inspector

DepLock

DepLock (Dependency Locker) is a CLI tool to generate lockfiles, which contain resolved dependencies for the project.

Installation

To install DepLock, follow these steps:

# Download the latest binary depending on your OS and architecture
# Replace <OS> with your operating system (linux, darwin, windows)
# Replace <ARCH> with your architecture (amd64, arm64)
curl -LO https://github.com/nexB/dependency-inspector/releases/latest/download/deplock-<OS>-<ARCH>

# Make the binary executable
chmod +x deplock-<OS>-<ARCH>

# [Optional] Rename and move the binary to your PATH
mv deplock-<OS>-<ARCH> /usr/local/bin/deplock
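
The install steps above run a downloaded binary without checking its integrity. The following is an added example, not part of the DepLock project: it derives the `deplock-<OS>-<ARCH>` asset name from `uname` output and refuses to install a file whose SHA-256 does not match a digest you pinned beforehand. The function names and the `EXPECTED_SHA256` variable are hypothetical, and obtaining the expected digest from a source you trust is an assumption, since this page does not say whether the project publishes checksums.

```shell
#!/bin/sh
# Added example: map `uname` output to the deplock-<OS>-<ARCH> asset name from
# the install steps, and refuse to install a binary whose SHA-256 does not
# match a digest the operator pinned beforehand (the pin is an assumption).

# deplock_asset_name <uname -s> <uname -m>  -> prints deplock-<OS>-<ARCH>
deplock_asset_name() {
    case "$1" in
        Linux)                os=linux ;;
        Darwin)               os=darwin ;;
        MINGW*|MSYS*|CYGWIN*) os=windows ;;  # name pattern taken from the page
        *) echo "unsupported OS: $1" >&2; return 1 ;;
    esac
    case "$2" in
        x86_64|amd64)  arch=amd64 ;;
        aarch64|arm64) arch=arm64 ;;
        *) echo "unsupported architecture: $2" >&2; return 1 ;;
    esac
    printf 'deplock-%s-%s\n' "$os" "$arch"
}

# file_sha256 <file>  -> prints the lowercase hex digest (empty on failure)
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 <file> <expected hex digest>  -> 0 on match, non-zero otherwise
verify_sha256() {
    actual=$(file_sha256 "$1") || return 1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # An unreadable file yields an empty digest, which must never match.
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Usage (not executed here; EXPECTED_SHA256 is a placeholder you must supply):
#   asset=$(deplock_asset_name "$(uname -s)" "$(uname -m)") || exit 1
#   curl -fLO "https://github.com/nexB/dependency-inspector/releases/latest/download/$asset"
#   verify_sha256 "$asset" "$EXPECTED_SHA256" || { rm -f "$asset"; exit 1; }
#   chmod +x "$asset" && mv "$asset" /usr/local/bin/deplock
```

Because `latest` changes with every release, a pinned digest only matches if you download the same release the digest was recorded for.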

Usage

Here's how to get started and use the various commands:

# Display the general help for DepLock
deplock --help

# Display help for a specific command
deplock [command] --help

Supported Ecosystems

  • npm
  • pnpm
  • yarn

Example

Generating a lockfile for an npm project:

# Generate lockfile in the current directory
deplock npm

# Generate lockfile in specified directory
deplock npm /path/to/project

# Forcefully generate lockfile, ignoring existing lockfiles
deplock npm /path/to/project --force

Contribution

We welcome contributions from the community! If you find a bug or have an idea for a new feature, please open an issue on the GitHub repository. If you want to contribute code, you can fork the repository, make your changes, and submit a pull request.

Development setup

Run these commands, starting from a git clone of https://github.com/nexB/dependency-inspector.git

make dev

  • Compile and run:

    $ go run main.go
  • Create binary:

    $ make build
  • Run tests:

    $ make test

License

SPDX-License-Identifier: Apache-2.0

DepLock is licensed under Apache License version 2.0.

You may not use this software except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

About

A general purpose, mostly universal software package dependency resolver.
