Pepper Scanner is an innovative CLI tool designed to enhance project security and maintenance for Node.js developers. By scanning your Node.js project, Pepper Scanner provides comprehensive insights into package dependencies, including version discrepancies, deprecations, vulnerabilities, and Node.js compatibility checks. It streamlines the update process by offering options to update packages, audit for vulnerabilities, and much more, all from the comfort of your terminal.
- Dependency Analysis: Quickly identify outdated, deprecated, or vulnerable packages.
- Node.js Compatibility: Checks if your packages are compatible with your Node.js version.
- Interactive Updates: Update packages individually or in bulk with interactive prompts.
- Vulnerability Audit: Leverage npm audit seamlessly within the tool to identify security issues.
- Custom Commands: Execute custom npm commands directly through the tool for added flexibility.
- Peer Dependencies Check: Automatically checks and informs about missing peer dependencies.
- Project Dependency Analyzer: Analyze and manage dependencies during Node.js version migrations.
Pepper Scanner is available as an npm package. You can install it globally using npm or yarn:
npm install -g pepper-scannerOr using yarn:
yarn global add pepper-scanner
Once installed, you can run Pepper Scanner within your Node.js project directory using the following command:
pepper-scannerThe tool will then guide you through various options and actions you can perform on your project.
- Update a Package: Selectively update packages to their latest versions.
- List Vulnerabilities: Run an npm audit to check for known vulnerabilities.
- Show Deprecated Packages: List all dependencies that are marked as deprecated.
- Review Package Information: Display a comprehensive table with details on each package.
- Execute Custom NPM Command: Run any npm command directly from Pepper Scanner.
- Clear Console: Clears the terminal screen for a cleaner workspace.
- Exit: Quit the Pepper Scanner application.
Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
git checkout -b feature/AmazingFeature
git commit -m 'Add some AmazingFeature'
git push origin feature/AmazingFeature[!IMPORTANT] > Open a Pull Request
- main(): Orchestrates the script's flow, handles user input, and directs the sequence of actions based on user choices.
- initializePackageInfo(): Extracts package information from package.json, checking each package's current version against its latest version and compatibility with the desired Node.js version.
- enrichAllPackageInfo(): Enhances package data with additional details from the npm registry, such as the latest version, deprecation status, and usage within the project.
- listFiles(): Generates and writes a report detailing dependency usage within the project. Helper Functions
- fetchPackageInfo(packageName): Fetches metadata from the npm registry for a given package.
- isDependencyUsed(projectFolder, dependencyName): Scans the project directory to determine if a dependency is used in the project files.
- traverseDirectory(dir, dependencyUsage, dependencies): Recursively traverses the project directory to analyze files for dependencies.
- analyzeFileUsage(filePath, dependencyUsage, dependencies): Analyzes a file to check for import statements and usage of dependencies.
Refer to the attached flowchart in this repository for a visual representation of the script's operational flow.
[!NOTE] >
Distributed under the MIT License.