microsoft@rnx-kit/lint-lockfile
🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧
THIS TOOL IS EXPERIMENTAL — USE WITH CAUTION
🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧🚧
@rnx-kit/lint-lockfile is a standalone tool for scanning your lockfiles for
potential issues.
Supported lockfile formats:
Installation
yarn add @rnx-kit/lint-lockfile --dev
Usage
yarn lint-lockfile
Configuration
@rnx-kit/lint-lockfile can be configured in your root package.json file. For
example:
{
"rnx-kit": {
"lint": {
"lockfile": {
"noDuplicates": {
"enabled": true, // enabled by default
"packages": [
"react",
"react-native"
]
},
"noWorkspacePackageFromNpm": {
"enabled": true // enabled by default
}
}
}
}
}
Rules
noDuplicates
This rule checks for duplicate packages in the lockfile. It must be configured to check for specific packages. For example, to check for duplicates of React and React Native, configure it like this:
{
"rnx-kit": {
"lint": {
"lockfile": {
"noDuplicates": {
"packages": [
"react",
"react-native"
]
}
}
}
}
}
You can allow multiple copies of a package by specifying a max count:
{
"rnx-kit": {
"lint": {
"lockfile": {
"noDuplicates": {
"packages": [
"react-native",
["react", 2], // allow up to 2 copies of `react`
["left-pad", 0] // disallow `left-pad` entirely
]
}
}
}
}
}
This rule also has a built-in preset for React Native. You can enable it with
#react-native:
{
"rnx-kit": {
"lint": {
"lockfile": {
"noDuplicates": {
"packages": [
"#react-native"
]
}
}
}
}
}
noWorkspacePackageFromNpm
This rule checks for workspace packages that are unintentionally installed from npm. It is enabled by default, but can be disabled like this:
{
"rnx-kit": {
"lint": {
"lockfile": {
"noWorkspacePackageFromNpm": {
"enabled": false
}
}
}
}
}