Pkgtracker NPM

About

This package presents the CLI tool for the SDK Tooling Challenge by Dyte. It presents a CLI tool called pkgtracker that can make sure the dependencies for a NodeJS project are up-to-date. It was developed using NodeJS. The following sections describe how to setup and use this tool.

Getting Started

The following sub-sections describe the installation and usage procedures of the pkgtracker.

Installation

This tool has been published on npm and can thus be installed with one simple command:

npm install pkgtracker

Once installed, the tool can be used directly from the command line.

Usage

This tool provides two commands, one to check if the current version of a given dependency is greater than or equal to the specified version from a given CSV file of NodeJS repositories, and another that performs the check function and creates a PR for those repositories that have the version lower than the one specified. The same can be found using the following command:

pkgtracker -h

The `check` command

This command, as mentioned before, checks if the current version of a given dependency is greater than or equal to the specified version from a given CSV file of NodeJS repositories. It takes in four options, --input, --dependency, --save and --output. More information about these options can be found by running the command below:

pkgtracker check -h

An example run of this command can be as follows:

pkgtracker check -i tests/test.csv -d axios@0.23.0

The `update` command

This command, as mentioned previously, performs the check function and creates a PR for those repositories that have the version lower than the one specified. It also takes in four options, --input, --dependency, --save and --output. More information about these options can be found by running the command below:

pkgtracker update -h

An example run of this command can be as follows:

pkgtracker update -i tests/test.csv -d axios@0.23.0

Note that the update command internally executes an npm install command using a child process. This command will thus temporarily create package.json, package-lock.json and node_modules which can then be updated accordingly by the npm install command. However, these temporarily files will be deleted at the end of the operation. Also, any pre-exisiting package.json, package-lock.json or node_modules will be renamed in advance to prevent overwriting.

Another important thing to note is the update made to package-lock.json as a result of the npm install command depends on the version of npm used (that is, the version of the lockfile). This means that if the dependency's old package-lock.json file is lockfile version 1 (created using npmv5 or npmv6) and the current version of npm is v7, the package-lock.json file will be upgraded to lockfile version 2 and the structure of the file will change accordingly. This will however not harm the overall functionality.