0.6.1
Validate your NPM dependencies without installing Node (WIP)
Attributes
Includes Deno configuration
Repository
Current version released
10 months ago
The Guardian Package Linter
Lint your package.json
in line with our recommendations for
dependencies
and
packages.
Note
In its current implementation, this linter will overwrite the
package.json
file that it processes.
Based on the value of the private
field, the package will be interpreted as a
library (lib
) or an application (app
) and processed accordingly:
lib
ifprivate: false
as the package will be made public on publishingapp
ifprivate: true
, as the package will stay private
Usage
With Node
npm install @guardian/package-linter;
npx package-linter ./package.json;
With Deno
deno run -A https://deno.land/x/guardian_package_linter/src/cli.ts ./package.json
Todo
This tool is still a work in progress, and here’s a list of things that we hope it can solve in the future
- Be explicit about missing peer dependencies and try installing them
- Add a
--fix
flag and ensure it cannot be used in CI - Ensure that chosen licenses are appropriate
- Improve distinctions between
app
andlib
- Automatically pick matching
@types/*
packages if they exist - Rely on lock files to resolve version rather than the NPM registry
- Node version specified in
.nvmrc
compatible with@types/node
- Robust approach to handling known issues, and a way to evict them
- Better suggestions on how to resolve peer dependencies mismatch, including semver range intersections
Tooling
See Publint status