Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

is-install-needed

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

is-install-needed

Tool to check if runnning npm/yarn install is necessary

  • 2.0.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
1
Maintainers
1
Weekly downloads
 
Created
Source

is-install-needed

GitHub license Build Status Coverage Dependencies

A simple devtool that tells you if you need to run install or not. It does so by checking if the lock file of your preferred package manager has changed. Supports the most popular package managers out there: npm, yarn and pnpm.

Installation

Install the is-install-needed package with your preferred package manager.

Add is-install-needed --postinstall to your postscript to automatically write a check file after install.

Usage

CLI

$ is-install-needed

It will automatically look for yarn.lock, package-lock.json and shrinkwrap.yaml when no preferred package manager is provided.

FlagAvailable optionsDescription
--prefernpm, yarn or pnpmPreferred package manager
--cwd<path>Current working directory
--postinstallPostinstall script

Programmatic API

Check if install is needed
import { isInstallNeeded } from 'is-install-needed';

async () => {
  const isNeeded = await isInstallNeeded();
  if (result) {
    console.error('You need to run install');
    process.exit(1);
  }
};
Find closest lock file
import { findClosestLockfile } from 'is-install-needed';

async () => {
  const lockfile = await findClosestLockfile();
  console.log(lockfile); // > /path/to/package/.yarn.lock
};

FAQs

Package last updated on 19 Oct 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List

Security News

Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List

MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.

By Sarah Gooding  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc