npm-logical-tree
Advanced tools
npm-logical-tree is a Node.js
library that takes the contents of a package.json and package-lock.json (or
npm-shrinkwrap.json) and returns a nested tree data structure representing the
logical relationships between the different dependencies.
$ npm install npm-logical-tree
const fs = require('fs')
const logicalTree = require('npm-logical-tree')
const pkg = require('./package.json')
const pkgLock = require('./package-lock.json')
logicalTree(pkg, pkgLock)
// returns:
LogicalTree {
name: 'npm-logical-tree',
version: '1.0.0',
address: null,
optional: false,
dev: false,
bundled: false,
resolved: undefined,
integrity: undefined,
requiredBy: Set { },
dependencies:
Map {
'foo' => LogicalTree {
name: 'foo',
version: '1.2.3',
address: 'foo',
optional: false,
dev: true,
bundled: false,
resolved: 'https://registry.npmjs.org/foo/-/foo-1.2.3.tgz',
integrity: 'sha1-rYUK/p261/SXByi0suR/7Rw4chw=',
dependencies: Map { ... },
requiredBy: Set { ... },
},
...
}
}
The npm team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The Contributor Guide has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear.
All participants and maintainers in this project are expected to follow Code of Conduct, and just generally be excellent to each other.
Please refer to the Changelog for project history details, too.
Happy hacking!
> logicalTree(pkg, lock) -> LogicalTreeCalculates a logical tree based on a matching package.json and
package-lock.json pair. A "logical tree" is a fully-nested dependency graph
for an npm package, as opposed to a physical tree which might be flattened.
logical-tree will represent deduplicated/flattened nodes using the same object
throughout the tree, so duplication can be checked by object identity.
const pkg = require('./package.json')
const pkgLock = require('./package-lock.json')
logicalTree(pkg, pkgLock)
// returns:
LogicalTree {
name: 'npm-logical-tree',
version: '1.0.0',
address: null,
optional: false,
dev: false,
bundled: false,
resolved: undefined,
integrity: undefined,
requiredBy: Set { },
dependencies:
Map {
'foo' => LogicalTree {
name: 'foo',
version: '1.2.3',
address: 'foo',
optional: false,
dev: true,
bundled: false,
resolved: 'https://registry.npmjs.org/foo/-/foo-1.2.3.tgz',
integrity: 'sha1-rYUK/p261/SXByi0suR/7Rw4chw=',
requiredBy: Set { ... },
dependencies: Map { ... }
},
...
}
}
> logicalTree.node(name, [address, [opts]]) -> LogicalTreeManually creates a new LogicalTree node.
opts.version - version of the node.opts.optional - is this node an optionalDep?opts.dev - is this node a devDep?opts.bundled - is this bundled?opts.resolved - resolved address.opts.integrity - SRI string.logicalTree.node('hello', 'subpath:to:@foo/bar', {dev: true})
FAQs
Calculate 'logical' trees from a package.json + package-lock
The npm package npm-logical-tree receives a total of 64,890 weekly downloads. As such, npm-logical-tree popularity was classified as popular.
We found that npm-logical-tree demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.