A CLI tool that creates reports about the third-party dependencies used in an npm project.

bodicsek b7c316ef29 2.1.1 4 years ago
.vscode 54f786e1ad Adding vscode settings 4 years ago
bin f313a05fb3 Fixing bin/cli.js require 4 years ago
.gitignore a8857dc6ce Adding audit request to filtered nodes 4 years ago
.npmignore f4111187a3 Fixing .npmignore 4 years ago
LICENSE 7d260eafcb Adding LICENSE and README 4 years ago
README.md d4ef44a3eb Fixing README.md 4 years ago
dependency-tree.ts d54c4eb50a Fixing oracle filter 4 years ago
package-lock.json b7c316ef29 2.1.1 4 years ago
package.json b7c316ef29 2.1.1 4 years ago
tsconfig.json c971abb6f2 Initial commit 4 years ago

README.md

@os-tools/npm-dependency-tree

This tool's main purpose is to scan an npm project's dependency tree for Oracle Open Source Compliance.

Install

  1. Download and install Node.js from https://nodejs.org (LTS version is preferred).
  2. npm install -g --registry https://npm.bodicsek.host @os-tools/npm-dependency-tree

Usage

When run with only the required --package parameter, the tool prints the following (only packages eligible for compliance are shown):

$ npm-dependency-tree --package ./package.json 

name,version,root,parent,type,audit,expiry date,registered version,registered expiry date,last expired version,last expired expiry date
node-fetch,2.6.1,,,dependency,n/a,,,,,
yargs,16.2.0,,,dependency,n/a,,,,,
@types/node,14.14.41,,,devDependency,n/a,,,,,
@types/node-fetch,2.5.10,,,devDependency,n/a,,,,,
@types/yargs,16.0.1,,,devDependency,n/a,,,,,
ts-node,9.1.1,,,devDependency,n/a,,,,,
typescript,4.2.4,,,devDependency,n/a,,,,,

To include audit results, run:

$ npm-dependency-tree --package ./package.json --audit

name,version,root,parent,type,audit,expiry date,registered version,registered expiry date,last expired version,last expired expiry date
@types/node-fetch,2.5.10,,,devDependency,not found,,,,,
@types/yargs,16.0.1,,,devDependency,not found,,,,,
@types/node,14.14.41,,,devDependency,not registered,,14.0.23,2022-07-30,7.0.67,2020-10-09
yargs,16.2.0,,,dependency,registered,2022-12-30,16.2.0,2022-12-30,4.8.1,2020-10-09
node-fetch,2.6.1,,,dependency,registered,2022-09-29,2.6.1,2022-09-29,2.5.0,2020-05-14
ts-node,9.1.1,,,devDependency,registered,2022-12-30,9.1.1,2022-12-30,7.0.1,2020-09-03
typescript,4.2.4,,,devDependency,not registered,,4.2.3,2023-03-30,2.5.2,2020-10-09
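
A check one could run in CI over the --audit CSV shown above; this is an added example, not part of npm-dependency-tree. The function names, the 30-day warning window and the reading of "expiry date" as the day a registration lapses are assumptions.

```javascript
// Added example (not npm-dependency-tree code): find compliance gaps in the --audit CSV.
// Assumption: "expiry date" is the day the registration of the installed version lapses.
// Constructed sample: four rows copied from the README's --audit output.
const SAMPLE_REPORT = `name,version,root,parent,type,audit,expiry date,registered version,registered expiry date,last expired version,last expired expiry date
@types/node-fetch,2.5.10,,,devDependency,not found,,,,,
@types/node,14.14.41,,,devDependency,not registered,,14.0.23,2022-07-30,7.0.67,2020-10-09
yargs,16.2.0,,,dependency,registered,2022-12-30,16.2.0,2022-12-30,4.8.1,2020-10-09
node-fetch,2.6.1,,,dependency,registered,2022-09-29,2.6.1,2022-09-29,2.5.0,2020-05-14
`;

// The README samples contain no quoted fields, so a plain split is used;
// rows with an unexpected column count are rejected instead of silently misread.
function parseReport(csv) {
  const [headerLine, ...lines] = csv.trim().split(/\r?\n/);
  const header = headerLine.split(",");
  return lines.map((line, i) => {
    const cells = line.split(",");
    if (cells.length !== header.length) {
      throw new Error(`row ${i + 2}: expected ${header.length} columns, got ${cells.length}`);
    }
    return Object.fromEntries(header.map((h, j) => [h, cells[j]]));
  });
}

// Returns one finding per package whose audit status is not "registered",
// or whose expiry date falls before `today` plus `warnDays` (hypothetical window).
function findComplianceGaps(csv, today, warnDays = 30) {
  const cutoff = new Date(today.getTime() + warnDays * 86400000);
  const findings = [];
  for (const row of parseReport(csv)) {
    const id = `${row.name}@${row.version}`;
    if (row.audit !== "registered") {
      const hint = row["registered version"] ? ` (registered: ${row["registered version"]})` : "";
      findings.push({ id, type: row.type, reason: row.audit + hint });
    } else if (new Date(row["expiry date"]) < cutoff) {
      findings.push({ id, type: row.type, reason: `expires ${row["expiry date"]}` });
    }
  }
  return findings;
}

// Demo on the constructed sample, evaluated as of 2022-09-15.
for (const g of findComplianceGaps(SAMPLE_REPORT, new Date("2022-09-15"))) {
  console.log(`${g.id} [${g.type}]: ${g.reason}`);
}
```

A report produced without --audit carries n/a in the audit column, so every row would be listed; feed this check the --audit output only.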

To see all available options, run:

$ npm-dependency-tree --help

Options:
  --version  Show version number                                       [boolean]
  --package  The full or relative path to the package.json file
                                                             [string] [required]
  --format   Possible values are 'tree' and 'csv'      [string] [default: "csv"]
  --filter   Possible values are 'none' and 'oracle'[string] [default: "oracle"]
  --audit    Open Source Compliance Service audit     [boolean] [default: false]
  --help     Show help                                                 [boolean]