Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit

…ng (#882)

## Description

- adds ability to match arrays for conditional coloring on the dot
reporter's theming

## Motivation and Context

So it's possible to add formatting based on array like properties (like
`dependencyTypes`) and to have a convenient way to match against
multiple criteria at the same time.

## How Has This Been Tested?

- [x] green ci
- [x] additional automated non-regression tests

## Screenshots

E.g. to color based on types of aliased dependency types like this:


(from the reproduction example for #863 on

... you can use this configuration that uses most features enabled by
this PR:

/** @type {import('dependency-cruiser').IConfiguration} */
module.exports = {
  options: {
    doNotFollow: { path: "node_modules" },
    moduleSystems: ["es6", "cjs"],
    tsPreCompilationDeps: true,
    combinedDependencies: true,
    tsConfig: { fileName: "tsconfig.json" },
    reporterOptions: {
      dot: {
        theme: {
          graph: {
            rankdir: "TD",
            splines: "ortho",
          dependencies: [
              // if the dependency type is one of the tsconfig type aliases ...
              criteria: {
                dependencyTypes: [
              // ... color the line teal
              attributes: { color: "blue" },
              criteria: { dependencyTypes: ["aliased-workspace"] },
              attributes: { color: "purple" },
              // if you just want one of the dependency types to match, a string suffices
              criteria: { dependencyTypes: "aliased-subpath-import" },
              attributes: { color: "green" },

## Types of changes

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] Documentation only change
- [ ] Refactor (non-breaking change which fixes an issue without
changing functionality)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)

## Checklist

- [x] 📖

  - My change doesn't require a documentation update, or ...
  - it _does_ and I have updated it

- [x] ⚖️
- The contribution will be subject to [The MIT
and I'm OK with that.
  - The contribution is my own original work.
- I am ok with the stuff in

Git stats


Failed to load latest commit information.
Latest commit message
Commit time
November 26, 2023 21:20
November 26, 2023 21:20
December 1, 2021 18:36
January 6, 2023 22:29
November 26, 2023 21:20
November 26, 2023 21:20

Dependency cruiser Dependency cruiser

Validate and visualise dependencies. With your rules. JavaScript. TypeScript. CoffeeScript. ES6, CommonJS, AMD.

What's this do?

Snazzy dot output to whet your appetite

This runs through the dependencies in any JavaScript, TypeScript, LiveScript or CoffeeScript project and ...

  • ... validates them against (your own) rules
  • ... reports violated rules
    • in text (for your builds)
    • in graphics (for your eyeballs)

As a side effect it can generate dependency graphs in various output formats including cool visualizations you can stick on the wall to impress your grandma.

How do I use it?

Install it ...

npm install --save-dev dependency-cruiser
# or
yarn add -D dependency-cruiser
pnpm add -D dependency-cruiser

... and generate a config

npx depcruise --init

This will look around in your environment a bit, ask you some questions and create a .dependency-cruiser.js configuration file attuned to your project12.

Show stuff to your grandma

To create a graph of the dependencies in your src folder, you'd run dependency cruiser with output type dot and run GraphViz dot3 on the result. In a one liner:

npx depcruise src --include-only "^src" --output-type dot | dot -T svg > dependency-graph.svg
dependency-cruiser v12 and older: add --config option

While not necessary from dependency-cruiser v13, in v12 and older you'll have to pass the --config option to make it find the .dependency-cruiser.js configuration file:

npx depcruise src --include-only "^src" --config --output-type dot | dot -T svg > dependency-graph.svg
  • You can read more about what you can do with --include-only and other command line options in the command line interface documentation.
  • Real world samples contains dependency cruises of some of the most used projects on npm.
  • If your grandma is more into formats like mermaid, json, csv, html or plain text we've got her covered as well.

Validate things

Declare some rules

When you ran depcruise --init above, the command also added some rules to .dependency-cruiser.js that make sense in most projects, like detecting circular dependencies, dependencies missing in package.json, orphans, and production code relying on dev- or optionalDependencies.

Start adding your own rules by tweaking that file.

Sample rule:

  "forbidden": [
      "name": "not-to-test",
      "comment": "don't allow dependencies from outside the test folder to test",
      "severity": "error",
      "from": { "pathNot": "^test" },
      "to": { "path": "^test" }

Report them

npx depcruise src
dependency-cruiser v12 and older: add --config option

While not necessary from dependency-cruiser v13, in v12 and older you'll have to pass the --config option to make it find the .dependency-cruiser.js configuration file:

npx depcruise --config .dependency-cruiser.js src

This will validate against your rules and shows any violations in an eslint-like format:

sample err output

There's more ways to report validations; in a graph (like the one on top of this readme) or in an self-containing html file.

  • Read more about the err, dot, csv and html reporters in the command line interface documentation.
  • dependency-cruiser uses itself to check on itself in its own build process; see the depcruise script in the package.json

I want to know more!

You've come to the right place :-) :




  • Marijn Haverbeke and other people who collaborated on acorn - the excellent JavaScript parser dependency-cruiser uses to infer dependencies.
  • Katerina Limpitsouni of unDraw for the ollie in dependency-cruiser's social media image.
  • All members of the open source community who have been kind enough to raise issues, ask questions and make pull requests to get dependency-cruiser to be a better tool.

Build status

GitHub Workflow Status coverage Maintainability Test Coverage total downloads on npm

Made with 🤘 in Holland.


  1. We're using npx in the example scripts for convenience. When you use the commands in a script in package.json it's not necessary to prefix them with npx.

  2. If you don't don't want to use npx, but instead pnpx (from the pnpm package manager) or yarn - please refer to that tool's documentation. Particularly pnpx has semantics that differ from npx quite significantly and that you want to be aware of before using it. In the mean time: npx should work even when you installed the dependency with a package manager different from npm.

  3. This assumes the GraphViz dot command is available - on most linux and comparable systems this will be. In case it's not, see GraphViz' download page for instructions on how to get it on your machine.