A high-performance CLI tool for checking npm dependencies, security vulnerabilities, and update recommendations.
- High Performance: Parallel processing, intelligent caching, and connection pooling
- Comprehensive Analysis: Check dependencies, security vulnerabilities, and update recommendations
- Multiple Output Formats: Table, JSON, and CSV output formats
- Security Auditing: Built-in security vulnerability scanning
- Update Recommendations: Smart update suggestions with breaking change warnings
- Flexible Configuration: Customizable depth, concurrency, and filtering options
# Install globally
npm install -g cli-depsnap
# Or use npx
npx cli-depsnap
# Or install locally
npm install cli-depsnap# Check dependencies in current directory
depsnap check
# Check with custom options
depsnap check --path ./package.json --depth 2 --parallel 20
# Security audit
depsnap audit --severity moderate
# Get update recommendations
depsnap update --major --dry-rundepsnap check [options]Options:
-p, --path <path>- Path to package.json file (default: ./package.json)-d, --depth <number>- Depth of dependency tree to check (default: 1)--no-cache- Disable caching for fresh results--parallel <number>- Number of parallel requests (default: 10)--format <format>- Output format: table, json, csv (default: table)
Examples:
# Basic check
depsnap check
# Deep dependency analysis
depsnap check --depth 3 --parallel 20
# JSON output for CI/CD
depsnap check --format json
# Check specific package.json
depsnap check --path ./frontend/package.jsondepsnap audit [options]Options:
-p, --path <path>- Path to package.json file (default: ./package.json)--severity <level>- Minimum severity level: low, moderate, high, critical (default: moderate)--fix- Automatically fix vulnerabilities where possible
Examples:
# Basic security audit
depsnap audit
# High severity only
depsnap audit --severity high
# Auto-fix vulnerabilities
depsnap audit --fixdepsnap update [options]Options:
-p, --path <path>- Path to package.json file (default: ./package.json)--major- Include major version updates--dry-run- Show what would be updated without making changes
Examples:
# Get update recommendations
depsnap update
# Include major updates
depsnap update --major
# Preview changes
depsnap update --dry-run- Configurable concurrency limits for API requests
- Batch processing of dependency checks
- Efficient dependency tree traversal
- In-memory caching with configurable TTL
- Cache statistics and hit/miss ratios
- Cache bypass option for fresh results
- HTTP/HTTPS connection reuse
- Configurable socket limits
- Keep-alive connections for better performance
- Streaming file processing for large package.json files
- Efficient data structures for dependency trees
- Garbage collection friendly code patterns
π¦ Dependency Check Report
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Package: [email protected]
Path: /path/to/package.json
π Summary:
Total dependencies: 15
Up to date: 12
Outdated: 3
Major updates: 1
Minor updates: 1
Patch updates: 1
Vulnerabilities: 0
π Dependencies:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Package Current Latest Update Type Vulns Status
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
lodash 4.17.20 4.17.21 patch dependencies 0 π§
axios 1.5.0 1.6.0 minor dependencies 0 π
react 17.0.2 18.2.0 major dependencies 0 β οΈ
{
"package": {
"name": "my-app",
"version": "1.0.0"
},
"summary": {
"total": 15,
"upToDate": 12,
"outdated": 3,
"majorUpdates": 1,
"minorUpdates": 1,
"patchUpdates": 1,
"vulnerabilities": 0
},
"dependencies": [...]
}Package,Current Version,Latest Version,Update Type,Dependency Type,Vulnerabilities,Update Available
lodash,4.17.20,4.17.21,patch,dependencies,0,true
axios,1.5.0,1.6.0,minor,dependencies,0,true
DEBUG- Enable debug loggingNPM_REGISTRY- Custom npm registry URLCACHE_TTL- Cache time-to-live in seconds
# High concurrency for large projects
depsnap check --parallel 50
# Disable cache for fresh results
depsnap check --no-cache
# Shallow dependency tree for speed
depsnap check --depth 1- Node.js >= 18.0.0
- npm >= 8.0.0
# Clone repository
git clone https://github.com/devemit/npm-dependency-checker.git
cd npm-dependency-checker
# Install dependencies
npm install
# Run in development mode
npm run dev
# Run tests
npm test
# Lint code
npm run lint
# Format code
npm run formatnpm-dependency-checker/
βββ src/
β βββ cli.js # Main CLI entry point
β βββ commands/
β β βββ check.js # Dependency check logic
β β βββ audit.js # Security audit
β β βββ update.js # Update recommendations
β βββ services/
β β βββ npm-registry.js # npm registry API client
β β βββ cache.js # Caching layer
β β βββ parser.js # Package.json parser
β βββ utils/
β βββ output.js # Output formatting
βββ tests/
βββ package.json
βββ README.md
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the ISC License.
- Built with Commander.js for CLI framework
- Styled with Chalk for terminal colors
- Powered by npm-registry-fetch for registry access
- Version parsing with semver