Validate 'dependencies' and 'devDependencies' in your package.json
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin
docs
gulpfiles
lib
test
.babelrc
.ctags
.depcoprc.js
.eslintignore
.eslintrc.js
.gitignore
.travis.yml
CHANGELOG.md
LICENSE
README.md
appveyor.yml
esdoc.json
gulpfile.js
package.json
s

README.md

Depcop - Validate dependencies in package.json

npm Travis Appveyor Coveralls David David dev

License docs

Depcop is a tool to validate your dependencies and devDependencies in a package.json. It checks your source code and warns if some dependency definitions are missing, unused, or listed in a wrong group.

Validations

Missing module check

Makes sure:

  • all modules used in source code are listed in dependencies or devDependencies

Unused module check

Makes sure:

  • dependencies and devDependencies don't contain modules used in any source

Strayed module check

Makes sure:

  • dependencies don't contain modules used only in development code
  • devDependencies don't contain modules used in library code

Note: definition of terms

term description
library code Ordinary source files usually put in ./lib.
development code Test files, config files, or build scripts like gulpfile.js.

For more details about validations, please see Validations.

Features

  • ES2015 style support (import declarations)
  • CommonJS style support (require expressions)
  • Configurable

Installation

You can install Depcop using npm.

npm install --save-dev depcop

Usage

You can use Depcop via CLI or Node.js API. Please see Usage for details.

# CLI
depcop --missing --unused -l 'lib/**/*.js' -d 'test/**/*.js','gulpfile.js'
// JS
import { makeDepcop } from 'depcop';

const depcop = makeDepcop({
  options: {
    libSources: ['lib/**/*.js'],
    devSources: ['test/**/*-test.js'],
    checks: {
      unused: {
        ignore: ['istanbul', 'mocha']
      }
    }
  }
});

const result = depcop.runValidations();

// ..

Configuration

You can write a configuration file to configure Depcop. Please see Configuring Depcop for details.

// .depcoprc.js
module.exports = {
  libSources: [
    'lib/**/*.js'
  ],
  devSources: [
    'test/**/*-test.js',
    'gulpfile.babel.js'
  ],
  checks: {
    missing: {
      ignore: [/alias.+/]
    },
    unused: {}
  }
};

Why?

It is usually difficult to notice that some dependency definitions are missing (or unused) in local environment where necessary dependencies have been installed. Especially, it is so difficult to notice when you accidentally define a module in devDependencies which is actually used in library code. In this case, all tests will pass in both of local and CI environment where devDependencies will be installed. And it is not until the module is installed to user environments where devDependencies doesn't be installed that it causes an error for lack of dependencies. The goal of this module is to prevent such a tragedy.

Similar projects