A tool for tracing recursive dependency trees asynchronously.
Create an instance of Deptrace to trace your dependencies.
const tracer = new Deptrace({
depsFor: function (input) {
// extract dependencies from something into an array of objects
},
lookup: function (dep, parents) {
// resolve an individual dependency into a dependency object
},
format: function (input, deps) {
// format the result of a dependency after it's associated deps
}
});
Receives an object and must return a promise yielding an array of its dependencies.
Type: Function
Default: null
Example extracting an array of dependencies from the contents of a package.json file.
const Deptrace = require('./');
const archy = require('archy');
const promise = require('bluebird');
const tracer = new Deptrace({
depsFor: function (input) {
var deps = input.dependencies || [];
return promise.resolve(Object.keys(deps).map(function(depName) {
return {
name: depName,
version: deps[depName]
};
}))
}
});
tracer.graph(require('./package.json')).then(function (graph) {
console.log(archy(graph));
});
Receives each dependency gathered by depsFor, as well as an array of all parent dependencies. Must return a promise. This method is optional and can be used to resolve a more detailed version of a dependency. (e.g. converting the named of the dependency in package.json to the actual package.json of that dependency).
Here is a naive example which can trace dependencies for any npm module for which all dependencies are on github:
const Deptrace = require('./');
const archy = require('archy');
const githubUrlFromGit = require('github-url-from-git');
const promise = require('bluebird');
const request = promise.promisify(require('request').get);
const tracer = new Deptrace({
depsFor: Deptrace.packageJson('dependencies'),
lookup: function (dep, parents) {
return request('http://registry.npmjs.org/'+dep.name).
get(1).
then(JSON.parse).
then(function(pkg) {
return [
'https://raw.githubusercontent.com',
url.parse(githubUrlFromGit(pkg.repository.url)).path,
'/master/package.json'
].join('');
}).
then(request).
get(1).
then(JSON.parse);
},
format: function (input, deps) {
return promise.resolve({
label: input.name,
nodes: deps
});
}
});
var requestPkg = require('./node_modules/request/package.json');
tracer.graph(requestPkg).then(function (graph) {
console.log(archy(graph));
});
This method can be used to format the result for each node of the dependency after all of its dependencies have been resolved.
The default implementation (show in the example above) formats the dependency tree to be compatible with archy (as follows):
{
label: 'parent',
nodes: [
{
label: 'child'
nodes: [
{
label: 'subchild'
nodes: []
}
]
}
]
}
This helper can be used to generate a depsFor method that will extract dependencies from package.json files under the provided key. See example for opts.lookup(deps, parents).
FAQs
Trace and format recursive dependency trees asynchronously.
The npm package deptrace receives a total of 0 weekly downloads. As such, deptrace popularity was classified as not popular.
We found that deptrace demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.