lock-verify

Report if your package.json is out of sync with your package-lock.json.

2.0.0
Source
npm

Version published: 7 years ago

Weekly downloads: 101K; decreased by-8.09%

Maintainers: 1

Weekly downloads

Created: 7 years ago

Source

lock-verify

Report if your package.json is out of sync with your package-lock.json.

USAGE

Call it with no arguments to verify the current project's lock file. Errors are printed out to stdout and the status code set to 1.

$ npx lock-verify
Invalid: lock file's example@2.1.0 does not satisfy example@^1.1.0
Errors found
$

Call it with a path to a project to verify that project's lock file. If there are no errors, it prints nothing and the status code is 0.

$ npx lock-verify /path/to/my/project
$

OR AS A LIBRARY

const lockVerify = require('lock-verify')
lockVerify(moduleDir).then(result => {
  result.warnings.forEach(w => console.error('Warning:', w))
  if (!result.status) {
    result.errors.forEach(e => console.error(e))
    process.exit(1)
  }
})

As a library it's a function that takes the path to a module and returns a promise that resolves to an object with .status, .warnings and .errors properties. The first will be true if everything was ok (though warnings may exist). If there's no package.json or no lockfile in moduleDir or they're unreadable then the promise will be rejected.

FAQs

What is lock-verify?

Is lock-verify popular?

Is lock-verify well maintained?

Package last updated on 15 Feb 2018

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

lock-verify

lock-verify

USAGE

OR AS A LIBRARY

Related posts

Roblox Developers Targeted with npm Packages Infected with Skuld Infostealer and Blank Grabber

vlt Debuts New JavaScript Package Manager and Serverless Registry at NodeConf EU