Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

unused-package

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

unused-package

unused-package is a dependency analysing tool which lets you know which packages are not being used or if package is devDependency but installed as normal dependency

  • 1.1.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
39
increased by95%
Maintainers
1
Weekly downloads
 
Created
Source

unused-package

unused-package is a dependency analysing tool which lets you know which packages are not being used or if package is devDependency but installed as normal dependency

Installation

Using npm

npm install unused-package --save-dev

Using yarn

yarn add --dev unused-package 

Usage

create a file named unused.js with below code

const check = require("unused-package");

check({ entries: ['entry path to your code'] }).then((res) => {
  console.log(res) // list of packages returned by library
});

Example:
//for react projects
check({ entries: ['src'] }).then((res) => {
  console.log(res)
});

//for next.js projects
check({ entries: ['pages','src','components','next.config.js'] }).then((res) => {
  console.log(res)
});

Note:

  • if your code has mutiple entry paths, you can pass all entry points as array form to entries parameter
  • library returns the list of packages in array format. listed packages maybe not being used in code, or if devDependency is installed as normal dependency.

Include unused.js file in your build script to check for extra packages before every build step in package.json

Example:
//for react projects
"scripts":{
   "build": " node unused.js && react-scripts build",
}
//for next.js projects
"scripts":{
   "build": " node unused.js && next build",
}

Note: Currently package is still in initial phase and if library returns and false positives please feel free to open an issue

Keywords

FAQs

Package last updated on 29 Jul 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc