Sha256: fd245269328fbec8e1576dc60a2b88047ed0ff904c224e89c1851aeea8706362
Contents?: true
Size: 1.52 KB
Versions: 1
Compression:
Stored size: 1.52 KB
Contents
### package_json_lockdown
Force locking down of version numbers in package.json
Shrinkwrap isn't the solution you want it to be, and none of the other tools
quite do what you want. So you'll get fed up and force manual management of
your dependencies (after all, `npm outdated` is fairly easy to deal with.)
This plugin will warn you if you're commiting anything that looks like:
- "^1.0.0"
- "~1.0.0"
- "<=1.0.0"
- "<1.0.0"
- ">=1.0.0"
- ">1.0.0"
- "1.0.x"
- "*"
- ""
So you can still specify a git hash, a tag, or a URL (and so on), and, most
importantly, you can specify a version number.
<blockquote>Basic operation, throwing warnings in specified package.json(s)
<pre>
package_json_lockdown.verify('package.json')
package_json_lockdown.verify('path/to/sub/package.json')</pre>
</blockquote>
<blockquote>Blacklisting specific dependencies nodes
<pre>
# Will only check the `dependencies` node, but allow
# `devDependencies` to contain non-specific versions
package_json_lockdown.dependency_keys = ['dependencies']
package_json_lockdown.verify('package.json')</pre>
</blockquote>
<blockquote>Returning values to handle manually
<pre>
problems = package_json_lockdown.inspect('package.json')
puts(problems)</pre>
</blockquote>
#### Attributes
`dependency_keys` - Allows you to specify dependency nodes to check. By default it will check
all nodes known to contain dependencies.
#### Methods
`verify` - Verifies the supplied `package.json` file
`inspect` - Inspects the supplied `package.json` file and returns problems
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| danger-package_json_lockdown-0.9.9 | README.md |