Dependency Analyzer
Comprehensive dependency analysis and optimization for JavaScript/TypeScript projects
Quick Commands
Analyze all dependencies
npm run analyze:deps
Find outdated packages
npm outdated --long
Check for vulnerabilities
npm audit --audit-level=moderate
Analyze bundle size impact
npx bundle-phobia-cli package-name
Core Functionality
Key Features
- Dependency Audit: Security vulnerabilities and outdated packages
- Bundle Analysis: Size impact and tree-shaking effectiveness
- Circular Detection: Find and resolve circular dependencies
- License Compliance: Verify license compatibility
- Update Strategy: Safe update recommendations
Detailed Information
For comprehensive details, see:
cat .claude/skills/dependency-analyzer/references/audit-guide.md
cat .claude/skills/dependency-analyzer/references/optimization-strategies.md
cat .claude/skills/dependency-analyzer/references/security-best-practices.md
Usage Examples
Example 1: Full Dependency Audit
import { DependencyAnalyzer } from '@j0kz/dependency-analyzer';
const analyzer = new DependencyAnalyzer();
const report = await analyzer.audit({
  checkVulnerabilities: true,
  checkOutdated: true,
  checkLicenses: true,
  checkBundleSize: true
});
console.log(report.summary);
Example 2: Find Circular Dependencies
const circles = await analyzer.findCircularDependencies();
if (circles.length > 0) {
  console.log('Circular dependencies found:', circles);
}
Configuration
{
  "dependency-analyzer": {
    "autoFix": false,
    "severity": "moderate",
    "ignoreDev": false,
    "maxBundleSize": "500kb",
    "allowedLicenses": ["MIT", "Apache-2.0", "BSD-3-Clause"]
  }
}
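An allow-list such as `allowedLicenses` is only as strong as the way license metadata is read. The following is an added example, not code from @j0kz/dependency-analyzer: it evaluates SPDX expressions against that allow-list and fails closed on missing or unparseable licenses. The function names (`licenseExpression`, `isAllowed`, `checkLicenses`) and the sample packages are hypothetical.

```javascript
// Allow-list copied from "allowedLicenses" in the configuration above.
const ALLOWED = new Set(["MIT", "Apache-2.0", "BSD-3-Clause"]);

// Normalize license metadata: string, legacy { type } object, or legacy array (assumed to mean OR).
function licenseExpression(pkg) {
  let raw = pkg.license ?? pkg.licenses;
  if (Array.isArray(raw)) raw = raw.map((l) => l?.type ?? l).join(" OR ");
  if (raw && typeof raw === "object") raw = raw.type;
  return typeof raw === "string" && raw.trim() ? raw.trim() : null;
}

// Evaluate an SPDX expression (AND binds tighter than OR). Input the parser does not
// understand (WITH exceptions, free text, unbalanced parentheses) fails closed.
function isAllowed(expr, allowed = ALLOWED) {
  const tokens = expr.match(/\(|\)|[^\s()]+/g) || [];
  let pos = 0, malformed = false;
  const atom = () => {
    if (tokens[pos] !== "(") return allowed.has(tokens[pos++]);
    pos++;
    const inner = or();
    if (tokens[pos++] !== ")") malformed = true;
    return inner;
  };
  const and = () => {
    let ok = atom();
    while (tokens[pos] === "AND") { pos++; ok = atom() && ok; }
    return ok;
  };
  const or = () => {
    let ok = and();
    while (tokens[pos] === "OR") { pos++; ok = and() || ok; }
    return ok;
  };
  return or() && !malformed && pos === tokens.length;
}

// List every package whose license is missing or cannot be satisfied from the allow-list.
function checkLicenses(packages, allowed = ALLOWED) {
  return packages
    .map((pkg) => ({ name: pkg.name, license: licenseExpression(pkg) ?? "MISSING" }))
    .filter(({ license }) => !isAllowed(license, allowed));
}
// Constructed sample manifests with hypothetical package names, not real scan output.
const SAMPLE = [
  { name: "a-lib", license: "MIT" }, { name: "legacy-lib", licenses: [{ type: "BSD-3-Clause" }] },
  { name: "dual-lib", license: "(GPL-3.0-only OR Apache-2.0)" },
  { name: "combo-lib", license: "MIT AND GPL-2.0-only" }, { name: "bare-lib" },
  { name: "custom-lib", license: "SEE LICENSE IN LICENSE.txt" },
];
console.log(checkLicenses(SAMPLE).map((v) => `${v.name}: ${v.license}`));
```

A dual-licensed package passes when either branch is allowed, while an `AND` expression passes only when every term is allowed.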
Integration with CI/CD
GitHub Actions example
- name: Dependency Audit
  run: |
    npm audit --audit-level=moderate
    npx @j0kz/dependency-analyzer audit --fail-on-high
Notes
- Integrates with npm, yarn, and pnpm
- Caches results for faster subsequent runs
- Supports monorepo structures
- Can generate SBOM (Software Bill of Materials)