Dependency Audit Skill
Comprehensive npm dependency security and health check.
Security Audit
- Run npm audit:
  ```bash
  npm audit
  ```
- For detailed JSON output:
  ```bash
  npm audit --json
  ```
- Fix automatically if safe:
  ```bash
  npm audit fix
  ```
- For breaking changes (be careful):
  ```bash
  npm audit fix --force
  ```
Outdated Packages
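- Check for outdated:
  ```bash
  npm outdated
  ```
- Update specific package:
  ```bash
  npm update <package-name>
  ```
- Update to latest (major versions):
  ```bash
  # Rewrite the version ranges in package.json to the latest releases
  npx npm-check-updates -u
  # Install the versions now listed in package.json
  npm install
  ```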
License Check
- List all licenses:
  ```bash
  npx license-checker --summary
  ```
- Check for problematic licenses:
  ```bash
  npx license-checker --onlyAllow "MIT;Apache-2.0;BSD-2-Clause;BSD-3-Clause;ISC"
  ```
Bundle Analysis
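- Analyze bundle size:
  ```bash
  # Quote the pattern so the tool expands it, not the shell
  npx source-map-explorer 'dist/**/*.js'
  ```
- Find duplicate dependencies:
  ```bash
  # Built-in npm command: lists duplicates without changing the tree
  npm find-dupes
  ```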
Output Report
```markdown
## Dependency Audit Report

### Security

- Critical: X
- High: X
- Medium: X
- Low: X

### Outdated Packages

| Package | Current | Wanted | Latest |
| ------- | ------- | ------ | ------ |
| ...     | ...     | ...    | ...    |

### Actions Required

1. [Action with priority]
2. [Action with priority]
```
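
One way to fill the Security and Actions Required parts of this report from `npm audit --json`, as an added example that is not part of the original skill. It assumes the npm 7+ report shape (`auditReportVersion: 2`); the function names and the sample packages are made up for illustration.

```javascript
// Constructed sample in the shape `npm audit --json` prints on npm 7+
// (auditReportVersion 2). All package names are made up.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { severity: "critical", isDirect: true, fixAvailable: true },
    "example-http": { severity: "high", isDirect: false,
      fixAvailable: { name: "example-framework", version: "5.0.0", isSemVerMajor: true } },
    "example-glob": { severity: "moderate", isDirect: false, fixAvailable: false },
    "example-color": { severity: "low", isDirect: true, fixAvailable: true },
  },
};

// npm says "moderate"; the report template calls that bucket "Medium".
const LABELS = { critical: "Critical", high: "High", moderate: "Medium", low: "Low" };

function summarizeAudit(report) {
  const counts = { Critical: 0, High: 0, Medium: 0, Low: 0 };
  const fixes = { safe: [], force: [], none: [] };
  for (const [name, vuln] of Object.entries(report.vulnerabilities || {})) {
    const label = LABELS[vuln.severity];
    if (!label) continue; // "info" has no line in the template
    counts[label] += 1;
    const fix = vuln.fixAvailable;
    if (fix === true) fixes.safe.push(name); // handled by plain `npm audit fix`
    else if (fix && typeof fix === "object") {
      // npm proposes installing fix.name@fix.version, which needs --force
      fixes.force.push(`${name} (installs ${fix.name}@${fix.version}${fix.isSemVerMajor ? ", major" : ""})`);
    } else fixes.none.push(name); // npm reports no fix available
  }
  return { counts, fixes };
}

function renderReport({ counts, fixes }) {
  const out = ["## Dependency Audit Report", "", "### Security"];
  for (const [label, n] of Object.entries(counts)) out.push(`- ${label}: ${n}`);
  const actions = [];
  if (fixes.safe.length) actions.push(`Run \`npm audit fix\` for: ${fixes.safe.join(", ")}`);
  if (fixes.force.length) actions.push(`Review before \`npm audit fix --force\`: ${fixes.force.join("; ")}`);
  if (fixes.none.length) actions.push(`No fix available, replace or mitigate: ${fixes.none.join(", ")}`);
  out.push("", "### Actions Required", ...actions.map((a, i) => `${i + 1}. ${a}`));
  return out.join("\n");
}

console.log(renderReport(summarizeAudit(sampleReport)));
```

To use it on a real project, pass the parsed output of `npm audit --json` to `summarizeAudit` in place of `sampleReport`.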