Ensures that all developers on your project use the same, secure LTS version of node, install dependencies in an unambiguous manner and utilize githooks.
Feel free to use env-linter in any way that makes sense for your project. Here is an example of how env-linter could be applied as part of your package.json:
{
"postinstall": "env-linter -s -se -d -vs 'node=16.x.x,npm=8.x.x'",
"prestart": "env-linter -h -vs 'node=16.x.x,npm=8.x.x'",
"lint-staged": {
"**/package.json": ["env-linter -s -d"]
}
}You can skip all env-linter checks by using the environment variable ENV_LINTER_SKIP=true. This could be useful on certain CI environments which are not automatically detected by env-linter.
const { api } = require('env-linter');
await api({
versions: 'node=16.x.x,npm=8.x.x',
hooksInstalled: true,
saveExact: true,
dependenciesExactVersion: true,
lts: true,
security: true,
});Checks the installed versions of global packages or programs like node, npm, yo, etc. against a required version.
For example calling env-linter --versions 'node=16.x.x' will ensure that version 16 of node is being used. Multiple versions can be checked by separating them with a comma (eg. --versions 'node=16.x.x,npm=8.x.x,yo=4.x.x').
env-linter will stop any further process-execution if a package or program does not satisfy the required version.
Calling env-linter with --versions but without any arguments will compare the installed node-version with the node-version from the .node-version file.
In any case, the used node version is compared to the list of official node-releases and process-execution is stopped if the used npm version is older than the npm version that node comes with.
Checks if git-hooks are installed (i.e. husky installed). env-linter will stop any further process-execution if git-hooks are not installed.
Checks if the used node version is considered secure according to the current list of node releases. If a newer node-version is available which was released due to a security concern, env-linter will stop any further process-execution. Find out more about the security-flag in this github issue.
Checks if the npm option save-exact is enabled, either through a .npmrc file in the project or in the user-directory. env-linter will stop any further process-execution if save-exact is disabled.
Checks if the version definitions of the dependencies and devDependencies in the package.json (or in a monorepository all available packages) are fitting our standards, which means; no approximate versions eg. tilde ~ or caret ^, no star * wildcard and no tarball embeds via https://*.
Checks if the used node version is a LTS version. Here is some more information why it might be a good idea to use an LTS version.
You want to contribute to the env-linter? That's awesome!