A lightweight CLI tool to analyze package freshness in your Node.js or Web projects. Roest - meaning "Rust" in Dutch - helps you identify outdated packages by checking when they were last updated, making it easier to keep your dependencies current and secure.
Navigate to your project directory and run:
npx roest checkThis will analyze your package-lock.json file and display package update information.
You can also analyze any GitHub repository directly. In order to do this, you need to make sure you have the GITHUB_TOKEN environment variable set. You can create a new GitHub token here.
Once you have your token, run the following command:
npx roest repo owner/repositoryThis will find and analyze all lock files in the specified GitHub repository.
After running an analysis, you can generate a visual HTML report:
npx roest showThis will read the output.json file and generate a report.html file with a visual representation of your package freshness data.
You can also specify custom input and output paths:
npx roest show ./custom-output.json -o ./custom-report.html-f, --file <path>: Path to your lock file (default: auto-detect in current directory)-o, --output <path>: Output file path for JSON results (default:./output.json)
-o, --output <path>: Output file path for JSON results (default:./output.json)
[input]: Input JSON file path (default:./output.json)-o, --output <path>: Output HTML file path (default:./report.html)
The tool also generates a detailed JSON file containing:
[
{
"name": "chalk",
"current": {
"version": "5.6.2",
"publishDate": "2024-01-15T10:30:00.000Z"
},
"next": {
"version": "5.6.3",
"publishDate": "2024-03-01T14:20:00.000Z"
}
}
]- npm package-lock.json v2: Full support
- npm package-lock.json v3: Full support
- pnpm: Planned
- bun: Full support
- yarn: Planned
Make sure you have Bun installed on your system.
bun installMIT License - see LICENSE file for details.