@namics/env-linter

Ensures that all developers on your project use the same node version, install dependencies in an unambiguous manner and utilize githooks.

Usage no npm install needed!

<script type="module">
  import namicsEnvLinter from 'https://cdn.skypack.dev/@namics/env-linter';
</script>

README

env-linter

Ensures that all developers on your project use the same, secure LTS version of node, install dependencies in an unambiguous manner and utilize githooks.

npm Travis License

env-linter screencast

Usage example

Feel free to use env-linter in any way that makes sense for your project. Here is an example of how env-linter could be applied as part of your package.json:

{
    "postinstall": "env-linter -s -se -d -vs 'node=14.x.x,npm=7.x.x'",
    "prestart": "env-linter -h -vs 'node=14.x.x,npm=7.x.x'",
    "lint-staged": {
        "**/package.json": ["env-linter -s -d"]
    }
}

You can skip all env-linter checks by using the environment variable ENV_LINTER_SKIP=true. This could be useful on certain CI environments which are not automatically detected by env-linter.

API usage

const { api } = require('@namics/env-linter');

await api({
    versions: 'node=14.x.x,npm=7.x.x',
    hooksInstalled: true,
    saveExact: true,
    dependenciesExactVersion: true,
    lts: true,
    security: true,
});

Options

-vs, --versions [string]

Checks the installed versions of global packages or programs like node, npm, yo, etc. against a required version. For example calling env-linter --versions 'node=14.x.x' will ensure that version 14 of node is being used. Multiple versions can be checked by separating them with a comma (eg. --versions 'node=14.x.x,npm=7.x.x,yo=4.x.x'). env-linter will stop any further process-execution if a package or program does not satisfy the required version.

Calling env-linter with --versions but without any arguments will compare the installed node-version with the node-version from the .node-version file.

In any case, the used node version is compared to the list of official node-releases and process-execution is stopped if the used npm version is older than the npm version that node comes with.

-h, --hooksInstalled

Checks if git-hooks are installed (i.e. husky installed). env-linter will stop any further process-execution if git-hooks are not installed.

-se, --security

Checks if the used node version is considered secure according to the current list of node releases. If a newer node-version is available which was released due to a security concern, env-linter will stop any further process-execution. Find out more about the security-flag in this github issue.

-s, --saveExact

Checks if the npm option save-exact is enabled, either through a .npmrc file in the project or in the user-directory. env-linter will stop any further process-execution if save-exact is disabled.

-d, --dependenciesExactVersion

Checks if the version definitions of the dependencies and devDependencies in the package.json (or in a monorepository all available packages) are fitting our standards, which means; no approximate versions eg. tilde ~ or caret ^, no star * wildcard and no tarball embeds via https://*.

-l, --lts

Checks if the used node version is a LTS version. Here is some more information why it might be a good idea to use an LTS version.

License

MIT License