![Oracle Drags Its Feet in the JavaScript Trademark Dispute](https://cdn.sanity.io/images/cgdhsj6q/production/919c3b22c24f93884c548d60cbb338e819ff2435-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
dependency-lint
Advanced tools
Lints your NPM dependencies
and devDependencies
reporting which node modules are
dependencies
or devDependencies
dependencies
or devDependencies
dependencies
to devDependencies
or vice versanpm install dependency-lint
On the command line:
dependency-lint
dependency-lint
compares the node modules listed in your package.json
and
the node modules it determines are used. A node module is used if:
package.json
or in a shell scriptSince this does not cover all the possible ways that a node module can be used,
dependency-lint
can be configured
to ignore specific errors. Please create an
issue
anytime you need to use this, so we can discuss new ways to determine if and
how a node module is used.
Please see here for an explanation of all the options.
Custom configuration should be placed at dependency-lint.yml
in your project directory.
You can create a configuration file by running
dependency-lint --generate-config
Any options not set in your configuration file will be given there default value.
4.0.0 (2016-03-27)
BREAKING CHANGES
ignoreErrors
configuration option
allowUnused
to ignoreErrors.unused
devFilePatterns
-> requiredModules.files.dev
devScripts
-> executedModules.npmScripts.dev
filePattern
-> requiredModules.files.root
ignoreFilePatterns
-> requiredModules.files.ignore
stripLoaders
-> requiredModules.stripLoaders
transpilers
-> requiredModules.transpilers
Updates
version
as to default devScripts
devFilePatterns
npm
registryFAQs
Lints package.json dependencies and devDependencies
We found that dependency-lint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.