# @os-tools/npm-dependency-tree

This tool's main purpose is to scan an npm project's dependency tree for Oracle Open Source Compliance.  

## Install
1. Download and install nodejs from https://nodejs.org (LTS version is preferred).
2. `npm install -g --registry https://npm.bodicsek.host @os-tools/npm-dependency-tree`

## Usage
If you run it with the single required parameter `--package` then the result is (only packages eligible for compliance are shown):
```
$ npm-dependency-tree --package ./package.json 

name,version,root,parent,type,audit,expiry date,registered version,registered expiry date,last expired version,last expired expiry date
node-fetch,2.6.1,,,dependency,n/a,,,,,
yargs,16.2.0,,,dependency,n/a,,,,,
@types/node,14.14.41,,,devDependency,n/a,,,,,
@types/node-fetch,2.5.10,,,devDependency,n/a,,,,,
@types/yargs,16.0.1,,,devDependency,n/a,,,,,
ts-node,9.1.1,,,devDependency,n/a,,,,,
typescript,4.2.4,,,devDependency,n/a,,,,,
```

If you want audit results then run:
```
$ npm-dependency-tree --package ./package.json --audit

name,version,root,parent,type,audit,expiry date,registered version,registered expiry date,last expired version,last expired expiry date
@types/node-fetch,2.5.10,,,devDependency,not found,,,,,
@types/yargs,16.0.1,,,devDependency,not found,,,,,
@types/node,14.14.41,,,devDependency,not registered,,14.0.23,2022-07-30,7.0.67,2020-10-09
yargs,16.2.0,,,dependency,registered,2022-12-30,16.2.0,2022-12-30,4.8.1,2020-10-09
node-fetch,2.6.1,,,dependency,registered,2022-09-29,2.6.1,2022-09-29,2.5.0,2020-05-14
ts-node,9.1.1,,,devDependency,registered,2022-12-30,9.1.1,2022-12-30,7.0.1,2020-09-03
typescript,4.2.4,,,devDependency,not registered,,4.2.3,2023-03-30,2.5.2,2020-10-09
```

To get a sense of all the features run:
```
$ npm-dependency-tree --help

Options:
  --version  Show version number                                       [boolean]
  --package  The full or relative path to the package.json file
                                                             [string] [required]
  --format   Possible values are 'tree' and 'csv'      [string] [default: "csv"]
  --filter   Possible values are 'none' and 'oracle'[string] [default: "oracle"]
  --audit    Open Source Compliance Service audit     [boolean] [default: false]
  --help     Show help                                                 [boolean]
```