Skip to content

Releases: tinovyatkin/action-check-deprecated-js-deps

GitHub action that checks NPM deprecated dependencies

13 Dec 16:41
@tinovyatkin tinovyatkin
release
233d9ec
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
GitHub action that checks NPM deprecated dependencies Latest
Marketplace
Latest
Marketplace

NPM deprecated packages is sometimes even bigger security or stability risk for a project than known vulnerabilities (that have a lot of monitoring tools). However, there is no easy way to check for deprecation as both npm outdated nor yarn outdated says nothing about deprecated packages.

You may see NPM warning on first install of that package, but those warning can be easily lost in a lot of log messages during install or even will not appear for a mature project.

This action checks for all project dependencies (dependencies, devDependencies and resolutions) and fails the action if a deprecated dependency found:

screenshot of action run

Compatible with Yarn and Lerna monorepos.

Assets 2