npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

deploy-check-cli

v1.6.5

Published

Deployment Risk Analyzer CLI - Analyze code changes for deployment risks

Downloads

94

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

aryanyadav01aryanyadav01

Keywords

deploymentriskanalyzerclidevopsci-cdcode-analysis

Readme

deploy-check-cli

Analyze code changes for deployment risks before they reach production.

npm version License: AGPL v3

Installation

# npm
npm install -g deploy-check-cli

# pnpm
pnpm add -g deploy-check-cli

# yarn
yarn global add deploy-check-cli

# npx (no install)
npx deploy-check-cli analyze

Quick Start

deploy-check analyze                    # Analyze against main branch
deploy-check analyze --base develop     # Analyze against specific branch
deploy-check analyze --json             # Output as JSON
deploy-check runbook                    # Generate deployment runbook
deploy-check config init                # Initialize configuration

What It Detects

| Risk Type | Languages/Files | Detection | |-----------|-----------------|-----------| | Breaking API Changes | TypeScript, Python, Go, Java, C/C++, Swift, Rust | AST-based analysis | | Destructive Migrations | SQL files | Pattern matching (DROP, TRUNCATE, etc.) | | Permission Changes | IAM, RBAC configs | Pattern detection | | Low Test Coverage | All (via LCOV) | Coverage report parsing | | Undocumented APIs | OpenAPI specs | Spec comparison |

Commands

deploy-check analyze

Analyze code changes for deployment risks.

deploy-check analyze [options]

| Option | Description | Default | |--------|-------------|---------| | --base <ref> | Base branch/commit to compare against | main | | --head <ref> | Head commit to analyze | HEAD | | --files <glob> | Limit analysis to specific files | all | | --coverage <path> | Path to lcov coverage report | auto-detect | | --openapi <path> | Path to OpenAPI specification | auto-detect | | --json | Output results as JSON | false | | --output <file> | Write markdown report to file | stdout | | --fail-on <level> | Exit with error on severity level | high |

deploy-check runbook

Generate a deployment runbook based on detected risks.

deploy-check runbook [options]

| Option | Description | Default | |--------|-------------|---------| | --output <file> | Write runbook to file | stdout | | --template <path> | Custom runbook template | built-in |

deploy-check config

Manage configuration.

deploy-check config init    # Create config interactively
deploy-check config show    # Display current config

deploy-check jira

Integrate with Atlassian Jira.

deploy-check jira auth                      # Authenticate
deploy-check jira auth --logout             # Remove credentials
deploy-check jira create --project KEY      # Create issues for findings
deploy-check jira create --severity high    # Filter by severity
deploy-check jira create --dry-run          # Preview without creating
deploy-check jira board --list              # List all Jira boards
deploy-check jira board --name "My Board"   # View board details & columns
deploy-check jira board --name "My Board" --issues  # Show board issues
deploy-check jira board --id 123 --columns # Show column statistics

deploy-check confluence

Publish reports to Atlassian Confluence.

deploy-check confluence auth                # Authenticate
deploy-check confluence publish --space KEY # Publish report
deploy-check confluence publish --runbook   # Publish runbook

Configuration

Create .deploy-check.json in your project root:

{
  "coverageThreshold": 40,
  "ignoredPaths": ["node_modules/**", "dist/**"],
  "outputFormat": "terminal",
  "baseRef": "main",
  "failOn": "high"
}

Risk Scoring

| Finding Type | Points | Description | |--------------|--------|-------------| | DESTRUCTIVE_MIGRATION | 30 | DROP TABLE, DROP COLUMN, etc. | | BREAKING_API | 25 | Removed exports, changed signatures | | PERMISSION_CHANGE | 20 | IAM/RBAC modifications | | LOW_COVERAGE | 10 | Test coverage below threshold | | UNDOCUMENTED_API | 5 | Endpoints missing from OpenAPI spec |

Risk Levels

| Level | Score | Exit Code | |-------|-------|-----------| | LOW | 0-34 | 0 | | MEDIUM | 35-59 | 1 | | HIGH | 60-79 | 2 | | CRITICAL | 80+ | 2 |

Exit Codes

| Code | Meaning | |------|---------| | 0 | No findings or all LOW severity | | 1 | MEDIUM severity findings | | 2 | HIGH or CRITICAL findings |

CI/CD Integration

GitHub Actions

- run: npm install -g deploy-check-cli
- run: deploy-check analyze --base ${{ github.event.pull_request.base.sha }} --fail-on high

GitLab CI

script:
  - npm install -g deploy-check-cli
  - deploy-check analyze --base origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME --fail-on high

Pre-commit Hook

npx husky add .husky/pre-commit "npx deploy-check-cli analyze --fail-on high"

Supported Languages

| Language | Extensions | What's Detected | |----------|------------|-----------------| | TypeScript/JavaScript | .ts, .tsx, .js, .jsx | Exported functions, classes, interfaces | | Python | .py | Functions, classes, methods | | Go | .go | Exported functions, structs | | Java | .java | Public methods, classes, interfaces | | C/C++ | .c, .cpp, .h, .hpp | Functions, structs, classes | | Swift | .swift | Public functions, classes, protocols | | Rust | .rs | pub fn, structs, enums, traits |

Links

License

GNU Affero General Public License v3.0 (AGPL-3.0)

Copyright (C) 2025 Aryan Yadav

This software is licensed under the AGPL-3.0 license. See LICENSE and NOTICE for full details.