Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
check-peer-dependencies
Advanced tools
Checks peer dependencies of the current package. Offers solutions for any that are unmet.
Checks peer dependencies of the current NodeJS package. Offers solutions for any that are unmet.
This utility will recursively find all peerDependencies
in your project's dependencies
list.
It checks if you have installed a package that meets the required peer dependency versions.
If any peer dependencies are unmet, it will search for a compatible version to install.
Note: you must run npm install
or yarn
first in order to install all normal dependencies.
usage:
npx check-peer-dependencies [--yarn|--npm] [--install] [--help]
Options:
--help, -h Print usage information [boolean]
--version Show version number [boolean]
--yarn Use yarn package manager [boolean]
--npm Use npm package manager [boolean]
--install Install missing or incorrect peerDependencies [boolean]
If a package has a peerDependency that should be installed as a devDependency by,
it can list the package name in "peerDevDependencies".
This is not a standard and is only understood by this check-peer-dependencies
.
{
"name": "somepackage",
"peerDependencies": {
"react": "16.x",
"react-dom": "16.x",
"typescript": "~3.8.0",
"eslint": "*"
},
"peerDevDependencies": ["typescript", "eslint"]
}
~/projects/uirouter/sample-app-react master
❯ npx check-peer-dependencies
✅ All peer dependencies are met
~/projects/uirouter/angular-hybrid master ⇣
❯ npx check-peer-dependencies
❌ @uirouter/angular@5.0.0 requires @angular/router ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 (@angular/router is not installed)
Searching for solutions:
yarn add @angular/router@8.2.10
❯ npx check-peer-dependencies
❌ @uirouter/angular@5.0.0 requires @angular/common ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 (9.0.0-next.9 is installed)
❌ @uirouter/angular@5.0.0 requires @angular/core ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 (9.0.0-next.9 is installed)
❌ @uirouter/angular@5.0.0 requires @angular/router ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 (9.0.0-next.9 is installed)
Searching for solutions:
❌ Unable to find a version of @angular/common that satisfies the following peerDependencies: 9.0.0-next.9 and ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0
❌ Unable to find a version of @angular/core that satisfies the following peerDependencies: 9.0.0-next.9 and ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0
yarn upgrade @angular/router@8.2.10
2.0.6 (2020-09-20)
Compare check-peer-dependencies
versions 2.0.5 and 2.0.6
FAQs
Checks peer dependencies of the current package. Offers solutions for any that are unmet.
The npm package check-peer-dependencies receives a total of 5,695 weekly downloads. As such, check-peer-dependencies popularity was classified as popular.
We found that check-peer-dependencies demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.