Check npm package dependencies size, licenses and impact on your package before installing it 🤔
- calculate dependencies size recursively
- show dependencies license policy for linking
- calculates impact on current package
- show full dependency graph
- analyzes packages without downloading it
npm install -g npm-consider
Note: this tool is more useful when you colleagues also use it 😉
npm-consider has the same arguments as npm install:
npm-consider install --save express
The command recursively requests packages info from npm and builds dependencies graph. Size of the package determined via HEAD request to tarball download URL.
npm-consider calculates license type for every dependency. The type defines license policy for linking as a librtary. Data collected from Comparison of free and open-source software licenses on Wikipedia.
Public DomainandPermissivelicense allows you to do anything except sue the authorWeakly Protectivelicense have restriction to how can it be linked and combined with other licensesProtectiveor Copyleft dependency license requires dependent module to have a free license, which prevents it from being proprietaryNetwork Protectivesame as Protective but also triggers with network interactionUncategorizedmeans that license was not found in a package info or was not categorised in terms of linking; feel free to contribute to license categorisation;
Note: that even permissive licenses have some restrictions. Check the following slide and article to learn about license compatibility:
The Free-Libre / Open Source Software (FLOSS) License Slide
- Install runs
npm installwith the same arguments - Impact takes onto account already installed dependencies and shows relative impact. It behaves differently, depending on
--saveor--save-devoption. The second one takes into account already installeddependenciesanddevDpenedencies. - Details prints dependencies graph
- Skip cancels
npm install; no changes in your project will apply.