Return to Blog Home

NPM Dependency Backdator

Source 

NPM Dependency Backdator

Thinkk updating NPM dependencies is bad? Backdating them was even harder - at least before this tool existed!

This makes both easier, allowing users to backdate their dependencies to a specific date - and all in a user-friendly TUI for the less tech-savvy!

But Why?

If you are lucky you at at least using version control, and then if you're super lucky every committed state of your code is perfectly working, but if you're not, then this process - finding out what dependency versions were running at a specific date - can be a pain.

That was the primary motivation for this tool, but I quickly realized it could also be used to update dependencies to a specific date, which is probably more useful for the general public.

How to use

After installing it via

npm install -g RascalTwo/npm-dependency-backdater

One only needs to run it, pointing it to a package.json and a date - or not and it will use the current date

npm-dependency-backdater package.json 2023-01-01

Of course there are a lot more options available, making so no matter your use case, it'll probably help you in some way!

Usage: n​pm-dependency-backdater <package.json location> [<datetime>] [--silent] [--tui] [--strip-prefixes] [--interactive] [--allow-pre-release] [--dry-run] [--preload-dependencies] [--no-cache] [--lock-major] [--lock-minor] [--warnings-as-errors] [--delay[=milliseconds]]

package.json location: The location of the package.json file to update
datetime: The datetime to update the package versions to (YYYY-MM-DDTHH:mm:ssZ)
          Defaults to the current time if not provided

I antecipate the primary use for most people of this tool to be for updating dependencies, which can be done in a non-breaking manner by using the --lock-major flag, only allowing minor and patch updates, or the --lock-minor flag, to only allow patch updates.

The experts may wish to use the --interactive flag, presenting them with a prompt for each package, allowing them to choose whether to update it or not.

How it works

Thanks to the NPM Registry API providing information on every published version of a NPM package, most of the actual work is just data manipulation and comparison.

How it's made

As a testing ground for a project using similar patterns, I decided to write this tool with half of the logic offloaded to a event handling system, not only making it extreamly easy for me to customize - leading to me supporting the classic CLI interface, a silent one, and even a TUI - but others can also easily handle each event as they see fit.

Of course I used TypeScript along with ESLint and Prettier to keep the code clean and consistent, and finally Jest to test it all.