Security News
OpenJS: “XZ Utils Cyberattack Likely Not an Isolated Incident”
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
@depcheck-rs-npm/core
Advanced tools
Weekly downloads
Readme
Depcheck is a tool for analyzing the dependencies in a project to see: how each dependency is used, which dependencies are useless, and which dependencies are missing from package.json
.
It is a port of original depcheck. It uses swc for parsing.
npm install @depcheck-rs-npm/core
Or use rust to install depcheck-rs cli:
cargo install depcheck-rs-cli
Depcheck not only recognizes the dependencies in JavaScript files, but also supports these syntaxes:
USAGE:
depcheck-rs [OPTIONS]
OPTIONS:
-d, --directory <DIRECTORY>
The directory argument is the root directory of your project [default: .]
-h, --help
Print help information
--ignore-bin-package
A flag to indicate if depcheck ignores the packages containing bin entry
--ignore-path <IGNORE_PATH>
Path to a file with patterns describing files to ignore
--ignore-patterns <IGNORE_PATTERNS>
Comma separated patterns describing files or directories to ignore
--ignore_matches <IGNORE_MATCHES>
A comma separated array containing package names to ignore
-q, --quiet
Less output per occurrence
--skip-missing
A flag to indicate if depcheck skips calculation of missing dependencies
-v, --verbose
More output per occurrence
-V, --version
Print version information
import {depcheck} from "@depcheck-rs-npm/core";
const options = {
ignoreBinPackage: false, // ignore the packages with bin entry
skipMissing: false, // skip calculation of missing dependencies
ignorePatterns: [
// files matching these patterns will be ignored
'sandbox',
'dist',
'bower_components',
],
ignoreMatches: [
// ignore dependencies that matches these globs
'grunt-*',
],
ignorePath: '/path/to/your/.depcheckignore',
};
depcheck('/path/to/your/project', options).then((result) => {
console.log(result.unusedDependencies); // an array containing the unused dependencies
console.log(result.unusedDevDependencies); // an array containing the unused devDependencies
console.log(result.missingDependencies); // a lookup containing the dependencies missing in `package.json` and where they are used
console.log(result.usingDependencies); // a lookup indicating each dependency is used by which files
});
MIT License.
FAQs
Depcheck is a tool for analyzing the dependencies in a project to see: how each dependency is used, which dependencies are useless, and which dependencies are missing from `package.json`. It is a port of original [depcheck](https://github.com/depcheck/dep
The npm package @depcheck-rs-npm/core receives a total of 0 weekly downloads. As such, @depcheck-rs-npm/core popularity was classified as not popular.
We found that @depcheck-rs-npm/core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
Security News
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.