mkdir my-project
cd my-project
npm init -y
Introduction
This will be a quick post! Today I'll be sharing how to validate if your project dependency has beem used in your repository. This is a common issue as your project scales and you need to make sure you're not using, installing or even downloading unnecessary dependencies in your local environment, in your CI/CD pipelines or even deploying these packages in your production environment.
Checking for unused project dependencies with depcheck
To make this a quick process, we can use a NPM package called depcheck. This package will validate every dependency of your codebase and check if the dependency if you missing to declare some specific dependencies (in order to avoid imports of packages added as transitient dependencies by another dependency of your project) and if the packages have been used or not in your project folder.
Creating a project to simulate the problem
To create our project inside a folder called my-project. Inside this folder, we can run a command npm init -y. This command will start a NPM project to be used as an example.
The package.json file generated initially for this project won't have any dependencies, neither dev dependencies. As a next step, we'll install a new dev dependency, a NPM package called perf-marks by using the command npm install perf-marks --save-dev.
npm install perf-marks --save-devWhen the command finishes, you might see a new field called devDependencies in your package.json.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| ... | |
| "devDependencies": { | |
| "perf-marks": "^1.14.2" | |
| } | |
| ... | |
| } |
Now if you run the command npx depcheck you might see a message like that, listing perf-marks as an unused dependency.
Unused dependencies
* perf-marksAnd that's it! π
Ignoring a dependency in depcheck
In case you want to ignore a specific dependency for some reason, you can do it too! Just need to create a file called .depcheckrc at the root of your repository.
In this file, you can add perf-marks as a package to be ignored by depcheck validation.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ignores: ["perf-marks"] |
So, in the next time you run npx depcheck command, the call should not return any error message.
Also, this is a video I recorded showing how to use depcheck package in your project. Enjoy π€π€π€
Thatβs all forΒ now
I hope you enjoyed this reading as much as I enjoyed writing it. Thank you so much for reading until the end and see you soon!
ππππππ