check-dependency-version-consistency
Advanced tools
Ensures dependencies are on consistent versions across a monorepo.
This plugin checks to ensure that dependencies are on consistent versions across a monorepo / yarn workspace. For example, every package in a workspace that has a dependency on eslint should specify the same version for it.
To install:
yarn add --dev check-dependency-version-consistency
To run, use this command and optionally pass the path to the workspace root:
yarn check-dependency-version-consistency .
This can be incorporated as one of your package.json lint scripts like this:
{
"lint": "npm-run-all --continue-on-error --aggregate-output --parallel lint:*",
"lint:dependency-versions": "check-dependency-version-consistency .",
"lint:js": "eslint . --cache",
}
If there are no dependency mismatches, the program will exit with success.
If there are any dependency mismatches, the program will exit with failure and output the mismatching versions:
Found 2 dependencies with mismatching versions across the workspace. Fix with `--fix`.
╔════════╤════════╤═════════════════════════════╗
║ eslint │ Usages │ Packages ║
╟────────┼────────┼─────────────────────────────╢
║ ^8.0.0 │ 1 │ @some-scope/package-name ║
╟────────┼────────┼─────────────────────────────╢
║ ^7.0.0 │ 5 │ foo, bar, baz, and 2 others ║
╚════════╧════════╧═════════════════════════════╝
╔═════════╤════════╤════════════════════════════════════════╗
║ globby │ Usages │ Packages ║
╟─────────┼────────┼────────────────────────────────────────╢
║ ^11.0.0 │ 2 │ packages/hello-world, packages/foo-bar ║
╟─────────┼────────┼────────────────────────────────────────╢
║ ^7.1.1 │ 1 │ packages/my-favorite-package ║
╚═════════╧════════╧════════════════════════════════════════╝
| Name | Description |
|---|---|
--fix | Whether to autofix inconsistencies (using highest version present). |
--ignore-dep | Dependency to ignore mismatches for (option can be repeated). |
FAQs
Ensures dependencies are on consistent versions across a monorepo.
The npm package check-dependency-version-consistency receives a total of 75,925 weekly downloads. As such, check-dependency-version-consistency popularity was classified as popular.
We found that check-dependency-version-consistency demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.