UNPKG

@hyrious/dup

Version:

Find duplicates in your lockfile

github.com/hyrious/dup

hyrious/dup

54 lines (37 loc) 1.75 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# @hyrious/dup Find duplicates in your package-lock.json / pnpm-lock.yaml. This script is using string matching, it is very fast. ## Usage <pre><code>$ cd path/to/your/npm-project $ <a href="https://github.com/antfu/ni">nlx</a> @hyrious/dup foo@1.0.0 foo@2.0.0</code></pre> ### Next Steps You can run <code><a href="https://github.com/antfu/ni">na</a> why {package-name}</code> to find out why they are there in your dependencies tree. - The duplicates are likely to happen after you have run <code><a href="https://github.com/antfu/taze">taze</a> -wi</code>. This is because package managers tend to keep indirect dependencies' versions if updating them is not necessary and for smaller downloading footprint. You can run <code><a href="https://github.com/antfu/ni">na</a> dedupe</code> to force update all dependencies to the same version (if possible). - Some modules may deploy their function and CLI in the same package, which results in the CLI's dependencies (`yargs`, `commander`, etc.) being included in your dependencies tree and you actually does not need them. You can add [overrides](https://pnpm.io/package_json#pnpmoverrides) to remove them, for example: ```json "pnpm": { "overrides": { "critters>chalk": "npm:noop-package@1.0.0", "html-minifier>commander": "npm:noop-package@1.0.0" } } ``` - If an indirect dependency's newer version breaks your codebase, you can either - Hack into it (if possible) in your codebase and alter its behavior; - Make a [patch](https://pnpm.io/cli/patch) to fix it manually; - Raise an issue to the package's repo. I'm just encouraging you to use less dependencies to risk less. ## License MIT @ [hyrious](https://github.com/hyrious)