dependency-graph
Advanced tools
The dependency-graph npm package is a simple library for creating a directed graph of dependencies and performing operations on it. It allows for adding nodes and dependencies, detecting cycles, and performing depth-first searches among other functionalities. This package is particularly useful for managing and analyzing dependencies in software projects, ensuring that dependency structures are acyclic and well-organized.
Creating a Dependency Graph
This feature allows for the creation of a new dependency graph and the addition of nodes and dependencies between them. In the code sample, a graph is created, and two nodes, 'A' and 'B', are added with a dependency from 'A' to 'B'.
const { DepGraph } = require('dependency-graph');
const graph = new DepGraph();
graph.addNode('A');
graph.addNode('B');
graph.addDependency('A', 'B');Detecting Cycles
This feature checks if the dependency graph contains any cycles, which are sequences of dependencies that loop back on themselves. The code sample demonstrates how to check if the graph has any cycles.
const hasCycle = graph.hasCycle();Performing Depth-First Search
This feature performs a depth-first search to find all dependencies of a given node. The code sample shows how to find all dependencies of node 'A'. This is useful for understanding the full set of dependencies that a particular node or module relies on.
const dependenciesOfA = graph.dependenciesOf('A');Madge is a tool for generating a visual graph of module dependencies, also capable of finding circular dependencies. It is more focused on visualization and analysis of large codebases, making it a bit more comprehensive for those specific needs compared to dependency-graph.
Toposort is another npm package that focuses on sorting nodes in a directed graph topologically. While dependency-graph provides broad functionalities for managing and analyzing dependencies, toposort specializes in the sorting aspect, which is useful for determining the order of tasks or module loading.
Simple dependency graph
This is a simple dependency graph useful for determining the order to do a list of things that depend on certain items being done before they are.
To use, npm install dependency-graph and then require('dependency-graph').DepGraph
Nodes in the graph are just simple strings with optional data associated with them.
addNode(name, data) - add a node in the graph with optional data. If data is not given, name will be used as dataremoveNode(name) - remove a node from the graphhasNode(name) - check if a node exists in the graphsize() - return the number of nodes in the graphgetNodeData(name) - get the data associated with a node (will throw an Error if the node does not exist)setNodeData(name, data) - set the data for an existing node (will throw an Error if the node does not exist)addDependency(from, to) - add a dependency between two nodes (will throw an Error if one of the nodes does not exist)removeDependency(from, to) - remove a dependency between two nodesclone() - return a clone of the graph. Any data attached to the nodes will only be shallow-copieddependenciesOf(name, leavesOnly) - get an array containing the nodes that the specified node depends on (transitively). If leavesOnly is true, only nodes that do not depend on any other nodes will be returned in the array.dependantsOf(name, leavesOnly) (aliased as dependentsOf) - get an array containing the nodes that depend on the specified node (transitively). If leavesOnly is true, only nodes that do not have any dependants will be returned in the array.directDependenciesOf(name) - get an array containing the direct dependencies of the specified nodedirectDependantsOf(name) (aliased as directDependentsOf) - get an array containing the nodes that directly depend on the specified nodeoverallOrder(leavesOnly) - construct the overall processing order for the dependency graph. If leavesOnly is true, only nodes that do not depend on any other nodes will be returned.entryNodes() - array of nodes that have no dependants (i.e. nothing depends on them).Dependency Cycles are detected when running dependenciesOf, dependantsOf, and overallOrder and if one is found, a DepGraphCycleError will be thrown that includes what the cycle was in the message as well as the cyclePath property: e.g. Dependency Cycle Found: a -> b -> c -> a. If you wish to silence this error, pass circular: true when instantiating DepGraph (more below).
var DepGraph = require('dependency-graph').DepGraph;
var graph = new DepGraph();
graph.addNode('a');
graph.addNode('b');
graph.addNode('c');
graph.size() // 3
graph.addDependency('a', 'b');
graph.addDependency('b', 'c');
graph.dependenciesOf('a'); // ['c', 'b']
graph.dependenciesOf('b'); // ['c']
graph.dependantsOf('c'); // ['a', 'b']
graph.overallOrder(); // ['c', 'b', 'a']
graph.overallOrder(true); // ['c']
graph.entryNodes(); // ['a']
graph.addNode('d', 'data');
graph.getNodeData('d'); // 'data'
graph.setNodeData('d', 'newData');
graph.getNodeData('d'); // 'newData'
var circularGraph = new DepGraph({ circular: true });
circularGraph.addNode('a');
circularGraph.addNode('b');
circularGraph.addNode('c');
circularGraph.addNode('d');
circularGraph.addDependency('a', 'b');
circularGraph.addDependency('b', 'c'); // b depends on c
circularGraph.addDependency('c', 'a'); // c depends on a, which depends on b
circularGraph.addDependency('d', 'a');
circularGraph.dependenciesOf('b'); // ['a', 'c']
circularGraph.overallOrder(); // ['c', 'b', 'a', 'd']
1.0.0 (Dec 5, 2023)
Map/Set rather than using raw objects as pseudo-Maps/Sets. (Fixes #46)
Map/Set (which should be almost everything now in 2023).circular property is cloned during clone - thanks andrew-healey and tintinthong!FAQs
Simple dependency graph.
The npm package dependency-graph receives a total of 7,063,640 weekly downloads. As such, dependency-graph popularity was classified as popular.
We found that dependency-graph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious PyPI checkers validate stolen emails against TikTok and Instagram APIs, enabling targeted account attacks and dark web credential sales.
Security News
The Node.js TSC opted not to endorse a feature bounty program, citing concerns about incentives, governance, and project neutrality.
Research
Security News
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.