installed-check

Verifies that installed modules comply with the requirements specified in package.json.

By default checks engine ranges, peer dependency ranges and installed versions and, in mono-repos using workspaces, by default checks all workspaces as well as the workspace root.

Usage

Command line

npm install -g installed-check

Then run it at the root of your project to validate the installed dependencies:

installed-check

As npm script

npm install --save-dev installed-check

"scripts": {
  "test": "installed-check"
}

Programmatic use

Use installed-check-core

Checks

• --engine-check / -e – if set installed-check will check that the installed modules doesn't have stricter engines ranges than those in the package.json and suggests an alternative requirement if they do. If set, the default checks will be overriden.
• --peer-check / -p – if set installed-check will check that the installed modules doesn't have stricter peerDependencies ranges than those in the package.json and suggests an alternative requirement if they do. If set, the default checks will be overriden.
• --version-check / -c – if set installed-check will check that the installed modules comply with the version requirements set for them the package.json. If set, the default checks will be overriden.

Check options

• --ignore ARG / -i ARG – excludes the named dependency from non-version checks. Supports picomatch globbing syntax, eg. @types/* (but be sure to provide the pattern in a way that avoids your shell from matching it against files first)
• --ignore-dev / -d – if set then dev dependencies won't be included in the non-version checks.
• --strict / -s – treats warnings as errors

Fix options

• --fix – tries to apply all suggestions and write them back to disk

Workspace options

• --no-include-workspace-root – excludes the workspace root package. Negated equivalent of npm's --include-workspace-root
• --no-parent-workspace – disables automatic detection and use of parent workspace root for module resolution
• --no-workspaces – excludes workspace packages. Negated equivalent of npm's --workspaces
• --workspace=ARG / -w ARG – excludes all workspace packages not matching these names / paths. Equivalent to npm's --workspace / -w
• --workspace-ignore=ARG – excludes the specified paths from workspace lookup. (Supports globs)

Nested workspace support

When running installed-check within a workspace that is part of a larger monorepo (e.g., when using git subtree or working in a nested monorepo structure), the tool will automatically detect the parent workspace root and include modules from the parent's node_modules directory. This ensures that dependencies hosted at the monorepo root level are properly detected and checked.

This behavior is automatic when:

• No explicit workspace filters are provided (--workspace)
• The --no-parent-workspace flag is not used

For example, if you have a structure like:

/parent-monorepo
  /node_modules (shared dependencies)
  /packages
    /my-workspace
      /package.json

Running installed-check in /parent-monorepo/packages/my-workspace will automatically detect the parent monorepo and check dependencies from both the workspace and the parent's node_modules.

You can also explicitly specify a path to a workspace within a monorepo, and parent workspace detection will still work:

To disable this behavior, use the --no-parent-workspace flag.

Additional command line options

• --debug – prints debug info
• --verbose / -v – prints warnings and notices
• --help / -h – prints help and exits
• --version – prints current version and exits

Examples

The repository includes practical examples demonstrating installed-check usage:

• Basic Example – Simple project showing engine range validation
• Monorepo Example – Workspace root with dependency issues
• Workspace Example – Individual workspace with parent workspace detection

Similar modules

• knip – finds unused files, dependencies and exports in your JavaScript and TypeScript projects – a great companion module to installed-check