npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

npm-check-unused

v6.0.0

Published

Check unused dependencies.

Downloads

957

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nfernfer

Keywords

npmdependenciesunusedcheckdevDependencies

Readme

npm-check-unused

Check for unused dependencies.

On the command line

This is the easiest way to use npm-check-unused.

Install

$ npm install -g npm-check-unused

Use

$ npm-check-unused

Options

Usage
  $ npm-check-unused <path> <options>

Path
  Where to check. Defaults to current directory.

Options
  -p, --production      Skip devDependencies.
  -d, --dev-only        Look at devDependencies only (skip dependencies).
  -i, --ignore          Ignore dependencies based on succeeding glob.
  --specials            List of depcheck specials to include in check for unused dependencies.
  --no-emoji            Remove emoji support. No emoji in default in CI environments.
  --debug               Show debug output. Throw in a gist when creating issues on github.

Examples
  $ npm-check-unused           # See what isn't being used.
  $ npm-check-unused ../foo    # Check another path.

-p, --production

By default npm-check will look at packages listed as dependencies and devDependencies.

This option will let it ignore packages listed as devDependencies.

-d, --dev-only

Ignore dependencies and only check devDependencies.

This option will let it ignore packages listed as dependencies.

-i, --ignore

Ignore dependencies that match specified glob.

$ npm-check-unused -i babel-* will ignore all dependencies starting with 'babel-'.

--specials

Check special (e.g. config) files when looking for unused dependencies.

$ npm-check-unused --specials=bin,webpack will look in the scripts section of package.json and in webpack config.

See https://github.com/depcheck/depcheck#special for more information.

--emoji, --no-emoji

Enable or disable emoji support. Useful for terminals that don't support them. Automatically disabled in CI servers.

--spinner, --no-spinner

Enable or disable the spinner. Useful for terminals that don't support them. Automatically disabled in CI servers.

API

The API is here in case you want to wrap this with your CI toolset.

const npmCheck = require('npm-check');

npmCheck(options)
  .then(currentState => console.log(currentState.get('packages')));

ignoreDev

  • Ignore devDependencies.
  • This is called --production on the command line to match npm.
  • default is false

devOnly

  • Ignore dependencies and only check devDependencies.
  • default is false

ignore

  • Ignore dependencies that match specified glob.
  • default is []

debug

  • Show debug output. Throw in a gist when creating issues on github.
  • default is false

cwd

  • Override where npm-check checks.
  • default is process.cwd()

specials

  • List of depcheck special parsers to include.
  • default is ''

currentState

The result of the promise is a currentState object, look in state.js to see how it works.

You will probably want currentState.get('packages') to get an array of packages and the state of each of them.

Each item in the array will look like the following:

{
  moduleName: 'lodash',                 // name of the module.
  homepage: 'https://lodash.com/',      // url to the home page.
  regError: undefined,                  // error communicating with the registry
  pkgError: undefined,                  // error reading the package.json
  latest: '4.7.0',                      // latest according to the registry.
  installed: '4.6.1',                   // version installed
  isInstalled: true,                    // Is it installed?
  notInstalled: false,                  // Is it installed?
  packageWanted: '4.7.0',               // Requested version from the package.json.
  packageJson: '^4.6.1',                // Version or range requested in the parent package.json.
  devDependency: false,                 // Is this a devDependency?
  usedInScripts: undefined,             // Array of `scripts` in package.json that use this module.
  mismatch: false,                      // Does the version installed not match the range in package.json?
  semverValid: '4.6.1',                 // Is the installed version valid semver?
  easyUpgrade: true,                    // Will running just `npm install` upgrade the module?
  bump: 'minor',                        // What kind of bump is required to get the latest, such as patch, minor, major.
  unused: false                         // Is this module used in the code?
},

You will also see this if you use --debug on the command line.

Inspiration

  • npm outdated - awkward output, requires --depth=0 to be grokable.
  • david - does not work with private registries.
  • update-notifier - for single modules, not everything in package.json.
  • depcheck - only part of the puzzle. npm-check-unused uses depcheck.

License

Copyright (c) 2018 Nfer Zhuang, contributors.

Released under the MIT license.

Screenshots are CC BY-SA (Attribution-ShareAlike).