Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

proposal: --deep / --depth=XX option. #154

Closed
jamestalmage opened this issue Oct 19, 2015 · 7 comments
Closed

proposal: --deep / --depth=XX option. #154

jamestalmage opened this issue Oct 19, 2015 · 7 comments
Labels
enhancement revive-me

Comments

@jamestalmage
Copy link

This would traverse the entire dependency tree and find ALL outdated dependencies throughout the entire graph. This would warn you if you are relying on a library that is not actively maintained and has not updated it's own dependencies in a long time. Hopefully this would drive some users to get involved filing PR's against their dependencies even if they are just simple bump XXX PR's.

There is is some value in deeply traversing the production dependencies of your dev dependencies, but maybe not dev dependencies of your dev dependencies.
@jamestalmage jamestalmage changed the title proposal: --deep / --depth option. proposal: --deep / --depth=XX option. Oct 19, 2015
@raineorshine
Copy link
Owner

Thanks! That would be a nice addition. It would not be hard to call ncu recursively on nested package.json's. It may require some UI thoughtfulness to have an understandable output.

I am putting this at low priority unless others chime in and say this is a strongly desired feature.

@jamestalmage
Copy link
Author

It may require some UI thoughtfulness to have an understandable output

Perhaps it should mix the current output style and that of npm ls

├─┬ chai@^1.9.0 -> 1.9.2
│ ├── assertion-error@^1.0.0 -> 
│ └─┬ deep-eql@~0.1.3 -> ~0.3.0
│   └── type-detect@0.1.x -> 0.2.x

Use chalk to highlight lines that are behind.

Options should include listing everything (regardless of whether it is behind or not), or filtering just the lines that have a outdated dependency. In the filtering case, you would probably want to keep parents of outdated deps in the tree (but give them some light-gray "disabled" color that tells users to ignore them).

Probably the first step is to create a JSON output that captures all the details, then worry about how to format that.

@jamestalmage
Copy link
Author

OK,
So npm ls -json already exports a deep dependency graph in json format.
From there, It is simply a matter of walking that JSON and finding latest for every dependency.

@jamestalmage
Copy link
Author

bower list -j seems equally helpful

@raineorshine
Copy link
Owner

raineorshine commented Jun 8, 2016
edited
Loading

Closing for cleanup purposes and adding the revive-me label. Feel free to re-open if you are interested in working on a pull request.

@mkungla mkungla mentioned this issue Mar 21, 2019
Closed
2 tasks
@kachkaev
Copy link

This is now resolved, thanks to #785 🎉

@milahu
Copy link

milahu commented Jan 3, 2022
edited
Loading

not working with pnpm
-> glob should list the hidden node_modules/.pnpm/?

edit: d'oh. same result with npm.
-> ( cd node_modules && ncu -u --deep )

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement revive-me
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kachkaev @raineorshine @jamestalmage @milahu