New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket

check-kit

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

check-kit

Checks if a newer version is available for command line interfaces

  • 1.2.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
4.7K
increased by35.06%
Maintainers
1
Weekly downloads
 
Created
Source

check-kit

NPM Version NPM Downloads Deps Dev Deps

Checks if a newer version is available for command line interfaces.

It is designed to be extremely easy to use and for CLI's that want to be in control.

What check-kit does:

  • Checks if there is a new version available
  • Checks version for a specific dist tag
  • Fetches latest version from npm based on time interval
  • Persists the update metadata
  • Supports HTTP proxies

What check-kit does not do:

  • Display a message when a new version is available, that's up to you how you want it formatted

Installation

npm install check-kit --save

Example

Basic usage:

import check from 'check-kit';

(async () => {
    const { current, distTag, name, latest, updateAvailable } = await check();

    console.log(`Current version of package ${name} is ${current}`);

    if (updateAvailable) {
        console.log(`There is a new version available! ${current} -> ${latest}`);
    } else {
        console.log(`Version ${current} is the latest`);
    }
})();

If you know where the package.json is, you can pass it in:

const result = await check({
    pkg: require('./package.json')
});

By default, check-kit will store update metadata in /tmp/check-kit directory. You can override the directory, but not the metadata filename, by passing in the metadata directory:

const result = await check({
    metaDir: `${os.homedir()}/myapp/update`
});

API

async check(opts)

Checks if the specified package has a newer version available.

opts and all options are optional.

OptionTypeDefaultDescription
opts.applyOwnerBooleantrueWhen true, determines the owner of the closest existing parent directory and apply the owner to the file and any newly created directories.
opts.caFileStringA path to a PEM-formatted certificate authority bundle.
opts.certFileStringA path to a client cert file used for authentication.
opts.checkIntervalNumber3600000The amount of time in milliseconds before checking for an update. Defaults to 1 hour.
opts.cwdString"."The current working directory used to locate the package.json if opts.pkg is not specified.
opts.distTagString"latest"The tag to check for the latest version.
opts.forceBooleanfalseForces an update check.
opts.keyFileStringA path to a private key file used for authentication.
opts.metaDir String"/tmp/check-kit/"The directory to store package update information. The filename is derived by the package name and the dist tag.
opts.pkgObject | StringThe parsed package.json, path to the package.json file, or falsey and it will scan parent directories looking for a package.json.
opts.proxyStringA proxy server URL. Can be http or https.
opts.registryUrlStringThe npm registry URL. By default, it will autodetect the URL based on the package name/scope.
opts.strictSSLBooleantrueWhen falsey, disables TLS/SSL certificate validation for both https requests and https proxy servers.
opts.timeoutNumber1000The number of milliseconds to wait to query npm before timing out.

Returns a Promise that resolves the following:

PropertyTypeDescription
currentStringThe current version from the package.json.
distTagStringThe dist tag used to check the version.
lastCheckNumberThe timestamp the last check occurred.
latestString | nullThe latest version returned from the registry or null if the package is not found.
nameStringThe package name.
updateAvailableBooleanValue is true if a new version is available.

Metadata file

The metadata file contains information about the package and whether an update is available based on the last check.

You can override the directory where the metadata file is stored, but you cannot override the metadata filename. The filename is derived from the package name and the distribution tag. For example, the package @foo/bar would resolve the filename @foo-bar-latest.json.

Comparison

check-kitupdate-notifierupdate-check
Version1.7.15.1.01.5.4
Default check interval1 hour24 hours1 hour
Update check methodAsync/awaitSubprocessAsync/await
Notify of updates immediately:white_check_mark::x::white_check_mark:
Persist update available:white_check_mark::white_check_mark::white_check_mark:
User-defined persistance directory:white_check_mark::x::x:
Specify dist tag:white_check_mark::white_check_mark::white_check_mark:
Specify package.json as object:white_check_mark::white_check_mark::white_check_mark:
Specify package.json as path:white_check_mark::x::x:
Automatically find package.json:white_check_mark::x::x:
HTTP proxy support:white_check_mark::x::x:
Force check for updates:white_check_mark::x::x:
Automatic registry URL discovery:white_check_mark::white_check_mark::white_check_mark:
Custom registry URL:white_check_mark::x::x:
Registry auth token support:white_check_mark::white_check_mark::white_check_mark:
Continuous integration check skip:white_check_mark::white_check_mark::x:
NODE_ENV=test check skip:white_check_mark::white_check_mark::x:
NO_UPDATE_NOTIFIER=1 check skip:white_check_mark::white_check_mark::x:
Graceful offline support:white_check_mark::white_check_mark::x:
Apply correct owner when sudo:white_check_mark::x::x:
Type of semver update label:x::white_check_mark::x:
Renders update available message:x::white_check_mark::x:
Persisted opt-out setting:x::white_check_mark::x:
LicenseApache 2BSD 2-clauseMIT

This project is open source under the Apache Public License v2 and is developed by Axway, Inc and the community. Please read the LICENSE file included in this distribution for more information.

Keywords

FAQs

Package last updated on 09 Jun 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc