Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@alcalzone/pak

Package Overview
Dependencies
Maintainers
1
Versions
15
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@alcalzone/pak

Programmatic wrapper around popular Node.js package managers

  • 0.3.0
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

pak

Programmatic wrapper around popular Node.js package managers

Roadmap:

  • npm
  • yarn 1

Usage

Auto-detect the correct package-manager to use

import { detectPackageManager } from "pak";

async function main() {
	// Use the current working directory
	const pak = await detectPackageManager();

	// Or use a different directory. The package manager will default to that dir
	const pak = await detectPackageManager("/path/to/dir");
}

Create an instance of a specific package manager

import { packageManagers } from "pak";
const pak = new packageManagers.npm();

Package manager properties

All package managers share the following properties:

PropertyTypeDescription
cwdstringThe directory to run the package manager commands in. Defaults to process.cwd()
loglevel"info" | "verbose" | "warn" | "error" | "silent"Which loglevel to pass to the package manager. Note: Not every package manager supports every loglevel.
stdoutWritableStreamA stream to pipe the command's stdout into.
stderrWritableStreamA stream to pipe the command's stderr into.
stdallWritableStreamA stream to pipe the command's stdout and stderr into in the order the output comes.

Install one or more packages

const result = await pak.install(packages, options);
  • packages is an array of package specifiers, like ["pak", "fs-extra"] or ["semver@1.2.3"]
  • options: See common options for details.

Uninstall one or more packages

const result = await pak.uninstall(packages, options);
  • packages is an array of package specifiers, like ["pak", "fs-extra"] or ["semver@1.2.3"]
  • options: See common options for details.

Update one or more packages

const result = await pak.update(packages, options);
  • packages is an array of package names, like ["pak", "fs-extra"]. If no packages are given, all packages in the current workspace are updated.
  • options: See common options for details.

Recompile native packages

const result = await pak.rebuild(packages, options);
  • packages is an array of package names, like ["pak", "fs-extra"]. If no packages are given, all packages in the current workspace are rebuilt.
  • options: See common options for details.

Pin transitive dependencies to a fixed version

const result = await pak.overrideDependencies(overrides);
  • overrides is an object of packages and exact versions, like {"pak": "1.2.3"}

Sometimes it is necessary to update transitive dependencies, meaning dependencies of dependencies. This command changes all occurences of the given overridden dependencies in the current node_modules tree so that the packages have the specified versions. How it works depends on the package manager:

  • yarn uses the built-in "resolutions" property for package.json
  • npm patches the root package-lock.json and package.json for all dependents of the overridden packages

Note: This command does not support version ranges and it does not check whether the overrides are compatible with the version specified in package.json.

Result object

The returned value is an object with the following properties:

interface CommandResult {
	/** Whether the command execution was successful */
	success: boolean;
	/** The exit code of the command execution */
	exitCode: number;
	/** The captured stdout */
	stdout: string;
	/** The captured stderr */
	stderr: string;
}

Common options

These options are used to influence the commands' behavior. All options are optional:

OptionTypeDescriptionDefaultCommands
dependencyType"prod" | "dev"Whether to install a production or dev dependency."prod"all
globalbooleanWhether to install the package globally.falseall
exactbooleanWhether exact versions should be used instead of "^ver.si.on".falseinstall

Find the nearest parent directory with a package.json

await pak.findRoot();
await pak.findRoot("lockfile.json");

Returns a string with a path to the nearest parent directory (including cwd) that contains a package.json (and a lockfile if one was specified). Throws if none was found.

Stream the command output

You can stream the command output (stdout, stderr or both) during the command execution, as opposed to getting the entire output at the end. To do so, set the stdout, stderr and/or stdall properties of the package manager instance to a writable stream. Example:

import { PassThrough } from "stream";
import { packageManagers } from "../../src/index";

const pak = new packageManagers.npm(); // or the automatically detected one
pak.stdall = new PassThrough().on("data", (data) => {
	// For example, log to console - or do something else with the data
	console.log(data.toString("utf8"));
});

// execute commands

Get the version of the package manager

const version = await pak.version();

Returns a string with the package manager's version.

FAQs

Package last updated on 26 Apr 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc