@mazhu/pkgcheck
v1.0.1
npm package security, license, and quality checker CLI
pkgcheck 🔍
npm package security, license, and quality checker — zero dependencies
Features
- 🛡️ Security Audit — Check for known vulnerabilities in your dependencies
- 📜 License Compliance — Scan and validate licenses of all dependencies
- 📦 Outdated Check — Find packages with newer versions available
- 🌳 Dependency Tree — Visualize a package's dependency graph
- 📐 Package Size — Check bundle size via Bundlephobia API
- 📊 Quality Score — Get package quality metrics from npms.io
Install
npm install -g @mazhu/pkgcheck
Usage
Security Audit
pkgcheck audit
pkgcheck audit --severity high
pkgcheck audit --json
License Check
pkgcheck licenses
pkgcheck licenses --allow "MIT,Apache-2.0,BSD-3-Clause"
pkgcheck licenses --deny "GPL-3.0"
Outdated Packages
pkgcheck outdated
pkgcheck outdated --json
Dependency Tree
pkgcheck deps express
pkgcheck deps lodash --depth 5
Package Size
pkgcheck size express
pkgcheck size react --json
Quality Score
pkgcheck score express
pkgcheck score lodash --json
Examples
$ pkgcheck audit
🔍 Running security audit...
Vulnerability Summary:
🔴 Critical: 0
🟠 High: 2
🟡 Moderate: 3
🔵 Low: 5
─────────────────────────
Total: 10
Vulnerable Packages:
Severity  Package    Version  Vulnerability        Patched
─────────────────────────────────────────────────────────────────
HIGH      lodash     4.17.15  Prototype Pollution  4.17.21
MODERATE  minimatch  3.0.4    ReDoS                3.0.8
...
$ pkgcheck score react
📊 Package quality score: react
[email protected]
React is a JavaScript library for building user interfaces.
Overall Score:
97.5/100 █████████████████████████████░░
Score Breakdown:
Category     Score  Bar
─────────────────────────────────────────────
Quality      96.2   ████████████████████████░░
Maintenance  99.1   █████████████████████████░
Popularity   97.8   █████████████████████████░
Zero Dependencies
pkgcheck has zero runtime dependencies — it only uses Node.js built-in modules:
- child_process — for running npm commands
- https/http — for API requests
- url — for URL parsing
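One way a severity-filtered audit like `pkgcheck audit --severity high` can be built on `child_process` alone, as an added example that is not pkgcheck's own source. The function names and the sample report are constructed here, and the code assumes the npm 7+ report shape (`auditReportVersion: 2`) and an `npm` binary on `PATH`.

```javascript
// Added example, not pkgcheck's source. Severity order used in npm audit reports.
const LEVELS = ['info', 'low', 'moderate', 'high', 'critical'];

// Constructed sample in the shape of `npm audit --json` (auditReportVersion 2),
// reusing the two packages from the example output above.
const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    lodash: { name: 'lodash', severity: 'high', range: '<4.17.21', fixAvailable: true },
    minimatch: { name: 'minimatch', severity: 'moderate', range: '<3.0.8', fixAvailable: true },
  },
};

// Return findings at or above `minSeverity`, most severe first.
function filterBySeverity(report, minSeverity) {
  const floor = LEVELS.indexOf(minSeverity);
  if (floor === -1) throw new Error(`unknown severity: ${minSeverity}`);
  return Object.values(report.vulnerabilities || {})
    .filter((v) => LEVELS.indexOf(v.severity) >= floor)
    .sort((a, b) => LEVELS.indexOf(b.severity) - LEVELS.indexOf(a.severity))
    .map((v) => ({ name: v.name, severity: v.severity, range: v.range }));
}

// npm audit exits non-zero when it finds vulnerabilities, so the exit code
// alone cannot tell "findings" from "npm failed"; the JSON body decides.
function parseAuditOutput(stdout) {
  let report;
  try {
    report = JSON.parse(stdout);
  } catch {
    throw new Error('npm audit did not return JSON');
  }
  if (!report || typeof report !== 'object') throw new Error('unexpected npm audit output');
  if (report.error) throw new Error(`npm audit failed: ${report.error.summary || report.error.code}`);
  return report;
}

// Run `npm audit --json` using only a Node.js built-in module (no shell involved).
function runNpmAudit(cwd) {
  const { execFile } = require('node:child_process');
  return new Promise((resolve, reject) => {
    execFile('npm', ['audit', '--json'], { cwd, maxBuffer: 64 * 1024 * 1024 }, (err, stdout) => {
      // No stdout at all means npm itself could not run; surface that error.
      if (err && !stdout) return reject(err);
      try { resolve(parseAuditOutput(stdout)); } catch (e) { reject(e); }
    });
  });
}
```

In a project directory, `runNpmAudit(process.cwd()).then((r) => filterBySeverity(r, 'high'))` yields the list a CI gate would fail on when it is non-empty.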
Requirements
- Node.js >= 16.0.0
- npm (for audit, licenses, and outdated commands)
License
MIT © Mike Wang
