Gathering detailed insights and metrics for sync-deps
Gathering detailed insights and metrics for sync-deps
Compares your lockfile with installed dependencies and triggers an installation on mismatches. Works with npm, yarn 1 and pnpm.
Installations
npm install sync-depsDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
15.5.1
NPM Version
7.3.0
Releases
Unable to fetch releases
Languages
2
TypeScript
JavaScript
TypeScript (92.25%)
JavaScript (7.75%)
Developer
manuschillerdev
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
1 Stars
9 Commits
1 Forks
2 Watchers
1 Branches
2 Contributors
Updated on Feb 04, 2022
Maintainers
1
Package Meta Information
Latest Version
1.0.1-rc1
Package Id
sync-deps@1.0.1-rc1
Unpacked Size
10.33 kB
Size
3.58 kB
File Count
7
NPM Version
7.3.0
Node Version
15.5.1
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
5
sync-deps
TLDR; Compares your lockfile with installed dependencies and triggers an installation on mismatches. Works with npm, yarn and pnpm.
Tired of your local dev-server not starting after you checked out a branch that has different dependencies than you previous
one? Normally you would have to manually update your dependencies. sync-deps can automate this step.
Based on your lockfile it automatically detects whether you use npm, yarn or pnpm and acts accordingly.
heavily inspired by this gist!
Usage
Install as devDependency (adds ~1MB to your node_modules): yarn add -D sync-deps
Option one: add as pre-hook of your dev task:
In this case sync-deps checks your dependencies before your dev server starts.
Example - in a NextJS environment:
1{ 2 "scripts": { 3 "predev": "sync-deps", 4 "dev": "next dev" 5 } 6}
Option two: usage with husky on post-checkout
In this case sync-deps checks your dependencies, whenever you check out a different branch via git.
with yarn:
1yarn add -D husky 2yarn husky install 3yarn husky add .husky/post-checkout "sync-deps"
with npx:
1npm install husky --save-dev 2npx husky install 3npx husky add .husky/post-checkout "sync-deps"
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
3 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
Found 0/9 approved changesets -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Score
2.2
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More