rogeriochaves/npm-force-resolutions

Stars
559
Rank 77,158 (Top 2 %)
Language
Clojure
Created about 6 years ago
Updated over 1 year ago

rogeriochaves/npm-force-resolutions

rogeriochaves

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Force npm to install a specific transitive dependency version

NPM Force Resolutions

This packages modifies package-lock.json to force the installation of specific version of a transitive dependency (dependency of dependency), similar to yarn's selective dependency resolutions, but without having to migrate to yarn.

WARNING before you start

The use case for this is when there is a security vulnerability and you MUST update a nested dependency otherwise your project would be vulnerable. But this should only be used as a last resource, you should first update your top-level dependencies and file an issue for them to update the vulnerable sub-dependencies (npm ls <vulnerable dependency> can help you with that).

How to use

First add a field resolutions with the dependency version you want to fix to your package.json, for example:

"resolutions": {
  "hoek": "4.2.1"
}

Then add npm-force-resolutions to the preinstall script so that it patches the package-lock file before every npm install you run:

"scripts": {
  "preinstall": "npx npm-force-resolutions"
}

Now just run npm install as you would normally do:

npm install

To confirm that the right version was installed, use:

npm ls hoek

If your package-lock changes, you may need to run the steps above again.

Contributing

To build the project from source you'll need to install clojure. Then you can run:

npm install
npm run build

langstream

Build robust LLM applications with true composability 🔗

spades

Start an Elm SPA ready to the real world

driver

feedless

elm-peer-tweet

Decentralized feeds using BitTorrent's DHT. Based on lmatteis' peer-tweet.

structured-elm-todomvc

Structured TodoMVC with Elm to exemplify real-world apps

bmo

BMO is a ChatGPT voice assistant

remote-retrospectives

Have fun retrospectives using Google Docs

elm-test-bdd-style

BDD-style matchers for elm-test

react-decompiler

Decompile react components back into jsx format

jasmine-react-diff

Outputs nicely formated jsx when diffing two react components

pictureit-editor

NodeJS-MotionCAPTCHA

josscrowcroft's MotionCAPTCHA server-side validated with NodeJS

elm-suspense

Recreating react-suspense features using elm

rastreiounico

Rastreie qualquer coisa, pra qualquer um, com um clique, de graça, sem cadastro.

elm-todomvc-pwa

elm-todomvc with pwa features

notebooks

I'll munch some data here

Jupyter Notebook

unbreakablejs

JavaScript without runtime errors

codesearch

safe-externals-loader

Load webpack externals only if they are available globally, else require them

elm-ternary

Ternary and Null Coalescing operators for Elm

elm-test-example

Reactbox

A true responsive lightbox, when in mobile, it allows you to zoom and scroll the bigger image

rubber

Evaluate LaTeX math code

ml-101

Jupyter Notebook

unit

Universal Test Generator

simple-platform

Docker Machine + Ngninx + Prometheus + Grafana to provision on a single host

oltwitter

Good Ol' Twitter UI, rebuilt

llm-cost

NodeJS utility for counting tokens and estimating the cost of LLMs

atom-spec-finder

Shortcut for atom editor to switch between the file and its spec

gpt2-bot

require-js-plugins-loader

A webpack loader to lazy load RequireJS plugins

sublime-spec-finder

Shortcut for sublime text to switch between the file and it's spec

ptbr-datascience-crawler

Scrapes links from Pt-BR Data Science telegram group because they are too good to miss

FOADocs

Sistema de controle de arquivos e versão para projetos acadêmicos utilizando cloud storage

signal-concat-map

ConcatMap for Elm Signals

bayes-akinator

Building Akinator with Python using Bayes Theorem

mle

elm-testable-css-helpers

Wraper for elm-testable of helper functions for using elm-css with elm-html

backbone-indexeddb-offline

Allows your Backbone.js app to work offline using indexeddb

chatje

basic version of workchat, because the facebook one is slow as hell

dotfiles

perl-tdd-runner

Run Perl tests continuously

blog

my php (personal home page)

astah-anycode-rails

Generate scaffolds from your astah classes

stop-touching-your-face

Uses your camera to buzz you when you touch your face

react_editable_content

let you edit block of text or image in any page on your Rails application

matrizes-clifford

cálculos simples de matriz para a aula do clifford

memekombat

The best game that existed on facebook circa 2012

langchain-docs-bot

A simple docs retrieval bot, indexing markdown and jupyter notebooks, which also can have a conversation, built using langchain and vectordb, with a nice chainlit UI

Combina--o-de-Conjuntos

newgen-js-bundlers

Comparing new generation of JS bundlers

log-filter

filter repetitive logs and focus on the different ones

Jogo-da-Ket

Online Multiplayer Facebook Card Game in Node.JS with socket.io

hastext

Clone of a social network based on micro-blogging in Elm

prepack-elm-poc

JavaScript-vs-CSS-animations-tests

forecaster

probability weighted weather forecasts

Jupyter Notebook

babel-plugin-unbreakablejs

No runtime errors for javascript!

SEO-Friendly-Single-Page-Website

Create a stylish single-page website without losing links based navigation ;)

spree_pagseguro

deprecated - não use

yyyy_mm_dd

Easy string-based date manipulation library for Python