dependency-insight

v1.11.0

A CLI tool to audit and analyze your project's dependencies.

Dependency Insight CLI Tool

dep-insight

Overview

dependency-insight is a tiny, powerful, and user-friendly command-line tool designed to help you audit, analyze, and manage your project's dependencies. It provides a wide range of features to ensure that your project uses the most up-to-date, secure, and efficient libraries. It is available on the npm registry.

Installation

You can install dependency-insight globally via npm:

npm install -g dependency-insight

Alternatively, you can install it locally in your project:

npm install --save-dev dependency-insight

Or simply run npm install (you may then have to prefix dep-insight with npx):

npm install dependency-insight #use npx 

Features

1. Audit Dependencies

  • Command: dep-insight audit
  • Description: Audits your project's dependencies for known vulnerabilities and displays the severity of each.

2. Check Outdated Dependencies

  • Command: dep-insight outdated
  • Description: Identifies outdated dependencies and checks for newer versions.

3. Prune Unused Dependencies

  • Command: dep-insight prune
  • Description: Detects unused dependencies and helps keep your project lean.

4. Visualize Dependency Tree

  • Command: dep-insight tree
  • Description: Visualizes the complete dependency tree of your project.

5. Suggest Lightweight Alternatives

  • Command: dep-insight suggest
  • Description: Suggests lightweight alternatives for heavy dependencies.

6. Analyze Bundle Size

  • Command: dep-insight size
  • Description: Analyzes the size of your project's dependencies and provides a summary.

7. Check Project Health

  • Command: dep-insight health
  • Description: Checks the health of your dependencies by reviewing download statistics, GitHub activity, and more.

8. Interactive Update for Dependencies

  • Command: dep-insight update
  • Description: Allows you to interactively update outdated dependencies in your project.

9. Clear npm Cache

  • Command: dep-insight clear-cache
  • Description: Clears the npm cache completely after confirming with the user.

10. Check License Compliance

  • Command: dep-insight licenses
  • Description: Scans all dependencies for their license types, flags packages with restrictive or incompatible licenses, and generates compliance reports.

11. Dependency Impact Analysis

  • Command: dep-insight impact <package-name>
  • Description: Analyze how updating a specific dependency might affect your project, including breaking changes and risk scoring.

12. Dependency Usage Analyzer

  • Command: dep-insight usage
  • Description: Shows which files/modules are importing each dependency, identifies underutilized or unused packages, and finds redundant dependencies.

13. Lockfile Validator

  • Command: dep-insight lock
  • Description: Analyzes your lockfile (package-lock.json, yarn.lock, or pnpm-lock.yaml) for inconsistencies or potential issues and verifies lockfile integrity.

14. Peer Dependency Validator

  • Command: dep-insight peers
  • Description: Checks for missing or incompatible peer dependencies and highlights potential conflicts.

15. CI/CD Integration

  • Command: dep-insight ci
  • Description: Runs all critical checks in CI environments, generates machine-readable reports, and sets appropriate exit codes for failing builds.

16. Default/Help Command

  • Command: No command or dep-insight help
  • Description: Displays the available commands and their descriptions when no command is provided or the help flag is used.

Usage

After installation, you can run the tool from the command line by typing dep-insight followed by the desired command. For example:

  • To audit dependencies:
    dep-insight audit
  • To check for outdated dependencies:
    dep-insight outdated
  • To check license compliance:
    dep-insight licenses
  • To analyze dependency usage:
    dep-insight usage
  • To validate the lockfile:
    dep-insight lock
  • To validate peer dependencies:
    dep-insight peers
  • To run all checks in CI:
    dep-insight ci

For a full list of commands, use the help command:

dep-insight help

Example Output

When you run the dep-insight audit command, it will analyze your dependencies for security vulnerabilities and output a summary:

Auditing dependencies for vulnerabilities...

Low: 2, Moderate: 1, High: 3, Critical: 0

When you run dep-insight outdated, it will show any outdated dependencies:

Outdated dependencies:

express: 4.16.3 → 4.18.2 (4.18.2)

When you run dep-insight licenses, it will show a license risk summary and details:

License Risk Summary:
High Risk: 1 - Copyleft licenses with strict requirements
Moderate Risk: 0 - Licenses with some restrictions
Low Risk: 10 - Permissive licenses
Unknown: 2

⚠️ High Risk Licenses:
- some-copyleft-package  GPL-3.0

All Licenses:
some-copyleft-package   GPL-3.0
chalk                   MIT
...

When you run dep-insight usage, it will show dependency usage analysis:

Dependency Usage Analysis:
──────────────────────────────────────────────────────────────
Dependency                      Imports    Files   Coverage
──────────────────────────────────────────────────────────────
chalk                                18       18        86%
inquirer                              3        3        14%
depcheck                              1        1         5%
filesize                              0        0         0%

⚠️ Unused Dependencies:
- filesize (consider removing)

When you run dep-insight lock, it will validate your lockfile:

Validating lockfile integrity...

Detected lockfiles:
- package-lock.json

✅ package-lock.json is up to date.
Lockfile version: 2
✅ All packages have integrity hashes.
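
A check of the kind the "All packages have integrity hashes" line reports, written here as an added example and not taken from dependency-insight's code. The function name auditLockfile, the issue labels and the sample lockfile are assumptions constructed for illustration; it goes slightly beyond the page by also flagging SHA-1-only hashes and plain-HTTP tarball URLs.

```javascript
// Added example, not dependency-insight's code; auditLockfile and the
// issue labels are hypothetical names chosen for this illustration.

// Constructed sample in package-lock.json v2 layout (hashes are placeholders).
const SAMPLE_LOCK = {
  lockfileVersion: 2,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/chalk": {
      version: "4.1.2",
      resolved: "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
      integrity: "sha512-CONSTRUCTEDPLACEHOLDERAAAA==",
    },
    "node_modules/legacy-lib": {
      version: "0.3.0",
      resolved: "https://registry.npmjs.org/legacy-lib/-/legacy-lib-0.3.0.tgz",
      integrity: "sha1-CONSTRUCTEDPLACEHOLDERBBBB=",
    },
    "node_modules/internal-tool": {
      version: "2.0.0",
      resolved: "http://packages.example.test/internal-tool-2.0.0.tgz",
    },
    "node_modules/local-pkg": { resolved: "packages/local-pkg", link: true },
  },
};

function auditLockfile(lock) {
  if (!lock.packages) {
    // lockfileVersion 1 has no "packages" map; report rather than pass silently.
    return [{ name: "(lockfile)", issue: "no-packages-map" }];
  }
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages)) {
    // Root project, workspace links and bundled deps carry no tarball hash.
    if (path === "" || entry.link || entry.inBundle) continue;
    const name = path.split("node_modules/").pop();
    if (!entry.integrity) {
      findings.push({ name, issue: "missing-integrity" });
    } else if (!/(^|\s)sha(256|384|512)-/.test(entry.integrity)) {
      findings.push({ name, issue: "weak-hash" }); // e.g. SHA-1 only
    }
    if (/^http:\/\//i.test(entry.resolved || "")) {
      findings.push({ name, issue: "insecure-resolved-url" });
    }
  }
  return findings;
}

for (const f of auditLockfile(SAMPLE_LOCK)) console.log(`${f.issue}: ${f.name}`);
```

To run it against a real project, pass the parsed contents of package-lock.json to auditLockfile and fail the build when the returned list is non-empty.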

When you run dep-insight peers, it will validate peer dependencies:

Validating peer dependencies...

✅ All peer dependencies are satisfied!

When you run dep-insight ci, it will run all checks and output a machine-readable report.


Dependencies

This tool uses the following libraries:

  • chalk: For colorful and easy-to-read outputs in the terminal.
  • depcheck: For identifying unused dependencies in your project.
  • inquirer: For prompting users during interactive commands.
  • filesize: For displaying file sizes in human-readable formats.

Contributing

Feel free to fork this project, submit issues, or create pull requests. Contributions are welcome!


License

This project is licensed under the MIT License. See the LICENSE file for more information.


Note: GitHub API is rate-limited to 60 requests per hour for unauthenticated requests, which may