0.5.0 • Published 5 years ago

freeze-deps v0.5.0

Weekly downloads: 1
License: MIT
Repository: github
Last release: 5 years ago

freeze-deps


Uses package-lock.json to determine the currently installed version of each dependency and replaces the version range in package.json with that exact version.

I created this module to avoid having to manually freeze dependencies in package.json for big JS apps. Currently, there is no restriction on how the developers of a given package handle versioning; projects can easily break if a dependency publishes a minor or patch release that should have been a major. I intended this module to be used on big projects where refactoring based on a small dependency can consume serious resources.

Usage

Terminal

# Default (takes package.json and package-lock.json from the current root directory).
npx freeze-deps

# Optionally pass arguments
npx freeze-deps -j <path/to/package.json> -l <path/to/package-lock.json>
npx freeze-deps -json <path/to/package.json> -lock <path/to/package-lock.json>

Alternatively

npm install -g freeze-deps
freeze-deps <args>

Options

You can get this list by running npx freeze-deps --help.

Node

npm install --save freeze-deps

import { freezeDeps } from 'freeze-deps';

const packageJSON = {
  dependencies: {}
};
const packageLock = {
  dependencies: {}
};

try {
  const newPackageJSON = freezeDeps(packageJSON, packageLock);
} catch (ex) {
  console.error(ex);
}

Example

# project-root-dir/package.json
{ "dependencies": { "react": "^16.0.0" } }

# project-root-dir/package-lock.json
{ "dependencies": { "react": { "version": "16.1.0" } } }

npx freeze-deps
# same as: npx freeze-deps -j ./package.json -l ./package-lock.json
#
# project-root-dir/package.json after the run
{ "dependencies": { "react": "16.1.0" } }
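
The pinning step illustrated above, written as an added example on in-memory objects (this is not freeze-deps' own source). It goes beyond the page's example by also reading the `packages` layout used by lockfileVersion 2 and 3 and by reporting every entry it leaves unpinned; `pinToLock`, `lockedVersion` and the sample data are hypothetical names constructed for this example.

```javascript
// Added example; not freeze-deps source. All names are hypothetical.
const SECTIONS = ['dependencies', 'devDependencies', 'peerDependencies'];
// Specs that name a source rather than a registry range; left untouched.
const NON_REGISTRY = /^(git[+:]|github:|https?:|file:|link:|workspace:|npm:)/;
const EXACT = /^\d+\.\d+\.\d+/; // locked value must be a concrete version

// Installed version of a top-level dependency, from either lockfile layout.
function lockedVersion(lock, name) {
  // lockfileVersion 2 and 3: "packages", keyed by install path.
  const pkg = lock.packages && lock.packages[`node_modules/${name}`];
  if (pkg && pkg.version) return pkg.version;
  // lockfileVersion 1 (the layout in the page's example): "dependencies".
  const dep = lock.dependencies && lock.dependencies[name];
  return dep && dep.version ? dep.version : null;
}

// Returns a pinned copy of packageJSON plus every entry that was NOT pinned.
function pinToLock(packageJSON, packageLock) {
  const pinned = JSON.parse(JSON.stringify(packageJSON)); // never mutate input
  const skipped = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(pinned[section] || {})) {
      const version = lockedVersion(packageLock, name);
      if (NON_REGISTRY.test(spec)) {
        skipped.push({ section, name, reason: 'non-registry spec' });
      } else if (!version || !EXACT.test(version)) {
        skipped.push({ section, name, reason: 'no exact version in lockfile' });
      } else {
        pinned[section][name] = version;
      }
    }
  }
  return { packageJSON: pinned, skipped };
}

// Constructed sample input.
const samplePackage = {
  dependencies: { react: '^16.0.0', 'internal-lib': 'git+https://example.invalid/lib.git' },
  devDependencies: { jest: '~26.0.0', 'left-out': '^1.0.0' },
};
const sampleLockV1 = {
  dependencies: { react: { version: '16.1.0' }, jest: { version: '26.0.1' } },
};
const sampleLockV3 = {
  lockfileVersion: 3,
  packages: { 'node_modules/react': { version: '16.1.0' } },
};

console.log(JSON.stringify(pinToLock(samplePackage, sampleLockV1), null, 2));
```

Entries in `skipped` keep their original spec, so they can still resolve to something other than what was last installed and are worth reviewing by hand.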

Next

  1. Instead of freezing to an exact version, add another argument that allows adding a patch ("~") prefix. E.g. from the example at the top, "react": "~16.1.0".
  2. Allow changing not only dependencies but peer and dev dependencies. Added in v0.5.0.
  3. Allow passing JSON formatting arguments. E.g. "spaces".
  4. Add a way to run this with yarn-lock.json.
  5. Add whitelist and blacklist arguments to skip certain packages or only update certain packages. This could be done with regexp.
  6. Allow changing some packages to ^, others to ~, etc. Although this could be done with separate commands using a whitelist and a prefix argument.

License

MIT © pgarciacamou

Contributors

Thanks goes to these wonderful people (emoji key):

This project follows the all-contributors specification. Contributions of any kind welcome!

0.5.0 • 5 years ago
0.4.1 • 5 years ago
0.4.0 • 5 years ago
0.3.0 • 5 years ago
0.2.0 • 5 years ago
0.1.0 • 5 years ago