NPM Dependency Backdator
Thinkk updating NPM dependencies is bad? Backdating them was even harder - at least before this tool existed!
This makes both easier, allowing users to backdate their dependencies to a specific date - and all in a user-friendly TUI for the less tech-savvy!
But Why?
If you are lucky you at at least using version control, and then if you're super lucky every committed state of your code is perfectly working, but if you're not, then this process - finding out what dependency versions were running at a specific date - can be a pain.
That was the primary motivation for this tool, but I quickly realized it could also be used to update dependencies to a specific date, which is probably more useful for the general public.
How to use
After installing it via
npm install -g RascalTwo/npm-dependency-backdater
One only needs to run it, pointing it to a package.json
and a date - or not and it will use the current date
npm-dependency-backdater package.json 2023-01-01
Of course there are a lot more options available, making so no matter your use case, it'll probably help you in some way!
Usage: npm-dependency-backdater <package.json location> [<datetime>] [--silent] [--tui] [--strip-prefixes] [--interactive] [--allow-pre-release] [--dry-run] [--preload-dependencies] [--no-cache] [--lock-major] [--lock-minor] [--warnings-as-errors] [--delay[=milliseconds]]
package.json location: The location of the package.json file to update
datetime: The datetime to update the package versions to (YYYY-MM-DDTHH:mm:ssZ)
Defaults to the current time if not provided
--silent
- Whether to suppress logging
--tui
- Whether to use a text-based user interface (TUI) instead of the command line
--strip-prefixes
- Whether to strip the (>=, <=, >, <, ~, ^) prefixes from the updated versions
--interactive
- Whether to prompt the user before updating each package version
--allow-pre-release
- Whether to allow the latest version to be a pre-release version (e.g. 1.0.0-alpha.1)
--dry-run
- Whether to log the changes that would be made without actually making them
--preload-dependencies
- Whether to preload all package names before updating them
--no-cache
- Whether to ignore the cache when getting package version dates
--lock-[major/minor]
- Prevent updating the major/minor version of a package
--warnings-as-errors
- Treat warnings as errors, exiting the program if any are encountered
--delay[=milliseconds]
- Milliseconds to wait between events, defaults to 1000
I antecipate the primary use for most people of this tool to be for updating dependencies, which can be done in a non-breaking manner by using the --lock-major
flag, only allowing minor and patch updates, or the --lock-minor
flag, to only allow patch updates.
The experts may wish to use the --interactive
flag, presenting them with a prompt for each package, allowing them to choose whether to update it or not.
How it works
Thanks to the NPM Registry API providing information on every published version of a NPM package, most of the actual work is just data manipulation and comparison.
How it's made
As a testing ground for a project using similar patterns, I decided to write this tool with half of the logic offloaded to a event handling system, not only making it extreamly easy for me to customize - leading to me supporting the classic CLI interface, a silent one, and even a TUI - but others can also easily handle each event as they see fit.
Of course I used TypeScript along with ESLint and Prettier to keep the code clean and consistent, and finally Jest to test it all.