{"id":15536901,"url":"https://github.com/bmish/check-dependency-version-consistency","last_synced_at":"2025-04-12T18:48:34.188Z","repository":{"id":36995975,"uuid":"324202156","full_name":"bmish/check-dependency-version-consistency","owner":"bmish","description":"CLI tool which checks that dependencies are on consistent versions across a monorepo / npm/pnpm/Yarn workspace.","archived":false,"fork":false,"pushed_at":"2025-03-31T11:53:59.000Z","size":3476,"stargazers_count":71,"open_issues_count":19,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-03T22:07:20.751Z","etag":null,"topics":["dependencies","linter","monorepo","nodejs","npm","npm-workspaces","package-json","packages","pnpm","pnpm-workspaces","workspace","yarn","yarn-workspaces"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bmish.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-24T17:06:04.000Z","updated_at":"2025-03-31T11:53:48.000Z","dependencies_parsed_at":"2024-06-18T17:07:59.017Z","dependency_job_id":"500e5138-f54e-4854-bfb4-cf47090f9efe","html_url":"https://github.com/bmish/check-dependency-version-consistency","commit_stats":{"total_commits":504,"total_committers":7,"mean_commits":72.0,"dds":"0.36904761904761907","last_synced_commit":"526e55f733e59f2eee3ed982747b4ab6793c4f33"},"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmish%2Fcheck-dependency-version-consistency","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmish%2Fcheck-dependency-version-consistency/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmish%2Fcheck-dependency-version-consistency/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmish%2Fcheck-dependency-version-consistency/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bmish","download_url":"https://codeload.github.com/bmish/check-dependency-version-consistency/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248618133,"owners_count":21134197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dependencies","linter","monorepo","nodejs","npm","npm-workspaces","package-json","packages","pnpm","pnpm-workspaces","workspace","yarn","yarn-workspaces"],"created_at":"2024-10-02T11:54:18.562Z","updated_at":"2025-04-12T18:48:34.160Z","avatar_url":"https://github.com/bmish.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# check-dependency-version-consistency\n\n[![npm version][npm-image]][npm-url]\n[![CI][ci-image]][ci-url]\n\nThis CLI tool enforces the following aspects of consistency across a monorepo with npm / pnpm / Yarn workspaces:\n\n1. Dependencies are on consistent versions. For example, every package in a workspace that has a dependency on `eslint` should specify the same version for it.\n2. Dependencies on local packages use the local packages directly instead of older versions of them. For example, if one package `package1` in a workspace depends on another package `package2` in the workspace, `package1` should request the current version of `package2`.\n\n## Motivation\n\n* **Supports a uniform developer experience.** Like shared code formatting standards, consistent dependency versions reduce friction and make it easier for developers to jump around and work across packages in a monorepo.\n* **Discourages piecemeal upgrades.** When possible, a dependency should be upgraded everywhere it exists in a monorepo at the same time. Upgrades are also simpler and easier to perform when fewer versions are present.\n* **Reduces unexpected behavior.** Having old versions present can lead to confusion, e.g., a bug present in some parts of a monorepo but not others, or uncertainty about which version wins out when served to the browser.\n* **Cuts down on bundle size.** Avoid serving excess dependency code to the browser.\n* **Saves disk space and installation time.** Faster local development and CI.\n\n## Usage\n\nTo install:\n\n```sh\nyarn add --dev check-dependency-version-consistency\n```\n\nTo run, use this command and optionally pass the path to the workspace root (where the `package.json` file containing `workspaces` or `pnpm-workspace.yaml` is located):\n\n```sh\nyarn check-dependency-version-consistency .\n```\n\nIf there are no inconsistencies, the program will exit with success.\n\nIf there are any inconsistencies, the program will exit with failure and output the mismatching versions.\n\n## Example\n\n`package.json` (workspace root):\n\n```json\n{\n  \"workspaces\": [\"*\"],\n  \"scripts\": {\n    \"lint\": \"npm-run-all --continue-on-error --aggregate-output --parallel \\\"lint:*\\\"\",\n    \"lint:dependency-versions\": \"check-dependency-version-consistency .\",\n    \"lint:dependency-versions:fix\": \"npm-run-all \\\"lint:dependency-versions --fix\\\"\"\n  },\n  \"devDependencies\": {\n    \"check-dependency-version-consistency\": \"*\",\n    \"npm-run-all\": \"*\"\n  }\n}\n```\n\n`package1/package.json`:\n\n```json\n{\n  \"name\": \"package1\",\n  \"devDependencies\": {\n    \"eslint\": \"^8.0.0\"\n  },\n  \"dependencies\": {\n    \"package2\": \"^0.0.0\"\n  }\n}\n```\n\n`package2/package.json`:\n\n```json\n{\n  \"name\": \"package2\",\n  \"version\": \"1.0.0\",\n  \"devDependencies\": {\n    \"eslint\": \"^7.0.0\"\n  }\n}\n```\n\n`package3/package.json`:\n\n```json\n{\n  \"name\": \"package3\",\n  \"devDependencies\": {\n    \"eslint\": \"^7.0.0\"\n  }\n}\n```\n\nOutput:\n\n```pt\nFound 2 dependencies with mismatching versions across the workspace. Fix with `--fix`.\n╔════════╤════════╤════════════════════╗\n║ eslint │ Usages │ Packages           ║\n╟────────┼────────┼────────────────────╢\n║ ^8.0.0 │ 1      │ package1           ║\n╟────────┼────────┼────────────────────╢\n║ ^7.0.0 │ 2      │ package2, package3 ║\n╚════════╧════════╧════════════════════╝\n╔══════════╤════════╤══════════╗\n║ package2 │ Usages │ Packages ║\n╟──────────┼────────┼──────────╢\n║ 1.0.0    │ 1      │ package2 ║\n╟──────────┼────────┼──────────╢\n║ ^0.0.0   │ 1      │ package1 ║\n╚══════════╧════════╧══════════╝\n```\n\n## Options\n\nThese options are available on the CLI and as parameters to the [Node API](#node-api).\n\n| Name | Description |\n| :-- | :-- |\n| `--dep-type` | Type of dependency to check (`dependencies`, `devDependencies`, `optionalDependencies`, `peerDependencies` (optional), `resolutions`) (default: `dependencies`, `devDependencies`, `optionalDependencies`, `resolutions`) (option can be repeated). |\n| `--fix` | Whether to autofix inconsistencies (using latest version present). |\n| `--ignore-dep` | Dependency to ignore mismatches for (option can be repeated). |\n| `--ignore-dep-pattern` | RegExp of dependency names to ignore mismatches for (option can be repeated). |\n| `--ignore-package` | Workspace package to ignore mismatches for (option can be repeated). |\n| `--ignore-package-pattern` | RegExp of package names to ignore mismatches for (option can be repeated). |\n| `--ignore-path` | Workspace-relative path of packages to ignore mismatches for (option can be repeated). |\n| `--ignore-path-pattern` | RegExp of workspace-relative path of packages to ignore mismatches for (option can be repeated). |\n\n## Node API\n\n```ts\nimport { CDVC } from 'check-dependency-version-consistency';\n\nconst cdvc = new CDVC(path, options);\n\nconst result = cdvc.getDependency('eslint');\n\n// Result could look like this:\nconst result = {\n  isFixable: true,\n  isMismatching: true,\n  name: 'eslint',\n  versions: [\n    {\n      packages: [{ pathRelative: 'packages/package1' }, { pathRelative: 'packages/package2' }],\n      version: '^7.0.0',\n    },\n    {\n      packages: [{ pathRelative: 'packages/package3' }],\n      version: '^8.0.0',\n    },\n  ],\n};\n```\n\n| [`CDVC`](./lib/cdvc.ts) Class Constructor Parameter | Type | Description |\n| :-- | :-- | :-- |\n| `path` | `string` | Path to the workspace root (where the `package.json` file containing `workspaces` or `pnpm-workspace.yaml` is located). |\n| `options` | `object` | See [Options](#options). |\n\n| [`CDVC`](./lib/cdvc.ts) Class Member | Description |\n| :-- | :-- |\n| `getDependencies()` | Returns an array of all dependencies in the workspace. |\n| `getDependency(name: string)` | Returns an object with information about an individual dependency. |\n| `hasMismatchingDependenciesFixable` | `true` if there are any dependencies with mismatching versions that are autofixable. |\n| `hasMismatchingDependenciesNotFixable` | `true` if there are any dependencies with mismatching versions that are not autofixable. |\n| `hasMismatchingDependencies` | `true` if there are any dependencies with mismatching versions. |\n| `toFixedSummary()` | Returns a string summary of the mismatching dependency versions that were fixed (if the `fix` option was specified). |\n| `toMismatchSummary()` | Returns a string of human-readable tables describing the mismatching dependency versions. |\n\n| Dependency Object Property | Description |\n| :-- | :-- |\n| `isFixable` | `true` if the mismatching versions of this dependency are autofixable. |\n| `isMismatching` | `true` if there are multiple versions of this dependency. |\n| `name` | The dependency's name. |\n| `versions` | A list of the versions present of this dependency and the packages each is found in, in the form of: `{ version: string, packages: { pathRelative: string }[] }`. |\n\nSee [`lib/cli.ts`](./lib/cli.ts) for an example of how to use it.\n\n## Related\n\n* [npm-package-json-lint](https://github.com/tclindner/npm-package-json-lint) — use this complementary tool to enforce that your dependency versions use consistent range types (i.e. [prefer-caret-version-dependencies](https://npmpackagejsonlint.org/docs/rules/dependencies/prefer-caret-version-dependencies), [prefer-caret-version-devDependencies](https://npmpackagejsonlint.org/docs/rules/dependencies/prefer-caret-version-devDependencies))\n* [Yarn Constraints](https://yarnpkg.com/features/constraints) - experimental built-in Yarn feature that can perform many workspace consistency checks\n\n## References\n\n* [npm workspaces](https://docs.npmjs.com/cli/using-npm/workspaces)\n* [pnpm workspaces](https://pnpm.io/pnpm-workspace_yaml)\n* [Yarn workspaces](https://classic.yarnpkg.com/lang/en/docs/workspaces/)\n\n[npm-image]: https://badge.fury.io/js/check-dependency-version-consistency.svg\n[npm-url]: https://www.npmjs.com/package/check-dependency-version-consistency\n[ci-image]: https://github.com/bmish/check-dependency-version-consistency/workflows/CI/badge.svg\n[ci-url]: https://github.com/bmish/check-dependency-version-consistency/actions/workflows/ci.yml\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbmish%2Fcheck-dependency-version-consistency","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbmish%2Fcheck-dependency-version-consistency","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbmish%2Fcheck-dependency-version-consistency/lists"}