npm-package-scanner
Scan npm packages and get their package.json, get license and other information, indicate the possible impact on the project.
Installation
npm install npm-package-scanner -g
Usage
via bash
# help npm-package-scanner --help # use npm-package-scanner <package-name> npm-package-scanner --package /path/to/package.json --file output.jsonnpm-package-scanner --lock /path/to/package-lock.json --file output.jsonnpm-package-scanner --yarn /path/to/yarn.lock --file output.json
via javascript
const Scanner Reader = // default configconst scanner = logger: console development: true optional: false peer: false debug: false registry: 'https://registry.npmjs.org' depth: 1 cache: null // namescanner // package.jsonconst file = fsscanner // package-lock.jsonconst file = fsscanner // yarn.lockconst file = fsscanner
cache option
cache
is a cache instance, you can pass in any cache system that implements the get
and set
interfaces, such as LRU.
format
"<dependence-name>@<version>": "name": "name" "version": "1.0.0" "message": "success" "license": "MIT" "package": /* package.json content */ "dependencies": /* if any */ "devDependencies": /* if any */ "optionalDependencies": /* if any */ "peerDependencies": /* if any */
License
ISC