Dependency management in Node
David is watching

By Alan Shaw

Introduction

What is David?

A service that helps you keep your project dependencies up to date.

A Node module, CLI tool and website.

Node Module

Node Module

You can get:

  1. A list of all dependencies in your project
  2. A list of updated dependencies in your project
  3. A list of updated STABLE dependencies in your project

For each dependency, david tells you:

  1. The latest version
  2. The latest STABLE version
  3. The semver version or range your project currently requires

Some code


var david = require("david");
var manifest = {/* Your package.json */};

david.getUpdatedDependencies(manifest, {dev: false, stable: true}, function(err, deps) {
	console.log('dependencies with newer STABLE versions for', manifest.name);
	console.log(deps);
});

// Example output:
// dependencies with newer STABLE versions for aaa
// {
//   foo: {required: "~0.3.4", stable: "0.4.0", latest: "0.5.0-pre"},
//   bar: {required: "~1.0.0", stable: "1.2.0", latest: "1.2.0"}
// }

CLI

CLI

Install david globally npm install david -g

Website

Website

Uses expressjs, built using grunt, nodeunit for tests. Help from d3 for data visualisations.

Semantic Versioning

semver

semver is the version standard.

NPM uses semver. NPM allows you to specify version ranges. This is fantastic!

~1.0.2

This is shorthand for >= 1.0.2 < 1.1.0

http://semver.org
https://npmjs.org/doc/json.html#Tilde-Version-Ranges

Out of date?

...what?

Absolute versions, repositories or tags.

Some hurdles

What next?

What next?

Where can we take this tool?

What next?

Where can we take this tool?

EOF

David

https://david-dm.org
http://davidiswatching.tumblr.com
https://github.com/alanshaw/david
https://github.com/alanshaw/david-www
https://github.com/alanshaw/david-presentation

Alan

https://twitter.com/_alanshaw
https://github.com/alanshaw

Slides

https://github.com/LeaVerou/CSSS