Table of Contents generated with DocToc
DePendancy ANalyzer, an SQLite-based database of your projects' npm dependency trees
- DB file created and re-used by default
- most
inserts
areupserts
/on conflict do nothing
, so faster on updates - unclear how to deal with deletions though
-
[–] implement
-
[–] document
-
[–] add property
dba
toDpan::constructor()
to pass configuration directly to ICQL/DBA -
[–] fetch data from
https://registry.npmjs.cf/$pkg_name
-
[–] provide info about vulnerabilities
- [–] from GitHub
- [–] from npm
-
[–] package manager used (npm/pnpm/yarn...)
-
[–] circular dependencies
-
[–] try to handle spurious changes caused by Unicode Normalization on some file systems (e.g. APFS); case in point is dbay-rustybuzz which has some filenames with
ä
; originally entered as single codepoint, theä
is turned into a sequence of base letter plus combining diacritic. This change is not reported bygit status
, butgit-utils
repo.getStatus()
returns an object like this:{ 'fonts/schäffel.ch/1455_gutenberg_b42.otf': 128, 'fonts/schäffel.ch/1458_gutenberg_b36.otf': 128, 'fonts/schäffel.ch/2002_horatius.otf': 128, 'fonts/schäffel.ch/LICENSE.txt': 128, 'fonts/schäffel.ch/1455_gutenberg_b42.otf': 512, 'fonts/schäffel.ch/1458_gutenberg_b36.otf': 512, 'fonts/schäffel.ch/2002_horatius.otf': 512, 'fonts/schäffel.ch/LICENSE.txt': 512 }
where the files in question both have a
deleted
and anew
marker. One should suspect this being a flaw in eithergit
or ingit-utils
; also check how [nodegit
][https://github.com/nodegit/nodegit] deals with this situation.