check-david

No-nonsense dependency checks for your package.json

A simple command line tool that checks whether your dependencies are up to date (using David) and outputs a checkstyle-compatible XML report.

Use Case

This module attempts to solve a very specific problem and thus has the following semantics:

• if you're at least one patch versions behind, an informational message will be generated
• if you're at least one minor versions behind, a warning will be generated
• if you're at least one major versions behind, an error will be generated

If you set the --force-pinned (and/or --force-dev-pinned) flag, unpinned dependencies will cause an error. If needed, you can completely ignoring packages. If you have a specific feature request, feel free to create an issue.

Usage

$ npm i -g check-david
$ check-david /absolute/path/to/package.json > check-david.xml
 
# or execute the script from your module directory: 
$ cd projects/awesome-stuff
$ check-david > check-david.xml  # uses the package.json in the current directory 

Unless an internal error occurred, check-david will always terminate with an exit code of zero. Use the mechanisms provided by your build system to fail if needed.

You can ignore patch and minor version updates by using the --level minor or --level major command line option, respectively. Not that this does not affect the severity of the generated messages.