I noticed that in my normal dev workflow, I often (sometimes) run into the following problem:
- pull changes from github
- run build tool, for example
- get cryptic errors
- blame someone for breaking the build
- find out that someone just added a dependency / updated a version (that's a tricky one to find)
npm installand everything works after that
This lead to me thinking: can grunt check if I have the correct dependencies installed automatically as part of the build?
I looked around and found a few plugins that do this, for example
Unfortunately, they all seem to be wrappers around
npm ls command.
The problem with that command is that it checks the entire dependency tree = slow.
On a typical project it takes 5-10 seconds, which adds significantly to the build time.
I want to check the dependencies very quickly as part of the default task.
The key shortcut is that we only need to really worry about two cases:
- new dependencies have been added to the package.json and missing from the local node_modules folder.
- an existing dependency has been bumped to newer version and needs to be reinstalled.
So I wrote deps-ok and a grunt
plugin grunt-deps-ok to check missing folders and version
compatibility for npm modules. As long as installed version is greater or equal to declared, it is ok. If a check fails, it just suggests to run
I used semver to compare package version numbers. This works great as long as
you have valid versions for your dependencies
2.8.0, etc. Please do not use
is a bad practice in general and would not work with deps-ok.
The same approach might be easy to extend to bower dependencies, feel free to try and let me know.