Auditing NPM Modules in Microservices

Clean-up some of the mess across your repositories

October 01 2016
Reading Time: 5 minutes
Contribute to this post on Github

Where i work at Beamery we follow Microservices Architecture and have a good 20+ git repositories. With time, these repos become bloated with old NPM modules that are either outdated or not used anymore at all. I wanted to find a way to easily audit and clean this mess.

Where i work at Beamery we follow Microservices Architecture and have a good 20+ git repositories. With time, these repos become bloated with old NPM modules that are either outdated or not used anymore at all. I wanted to find a way to easily audit and clean this mess.

I came across the great npm-check that:

To automate running npm-check across all of our repos and generate one coherent report, i created a simple bash-it plugin. The plugin in its core does:

# Generate NPM report using the npm-check module to inspect the state of our npm modules
# The function will check if npm-check is installed and install it otherwise
# The report will be generated in the root directory and will be called npm-report.txt

generate_npm_report() {
    if command_exists npm-check ; then
        find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && printf 'Examining NPM modules for '{}'' && echo '{}' >> ../npm-report.txt && npm-check >> ../npm-report.txt" \;
    else
        printf 'npm-check module was not found. Installing now:';
        npm install -g npm-check
        find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && printf 'Examining NPM modules for '{}'' && echo '{}' >> ../npm-report.txt && npm-check >> ../npm-report.txt" \;
    fi
}

# Some helper functions to check if a certain command exists
command_exists () {
    type "$1" &> /dev/null ;
}

This script is executed at the root folder that contains all of your repositories, will execute the npm-check command and aggregate the results in the npm-report.txt at the root directory where you executed your script. The script also checks first if the npm-check command exists or we need to install it via an npm install -g npm-check.

To go step by step inside of the main function:

Auditing NPM Modules

After knowing the various modules used, i cleaned a bit my file, pasted the results in an Excel sheet, sorted the cells and created a subTotal on the count. This generated a list of all my NPM modules used and their respective count.

Cleaning out unused NPM modules

The previous function is good at giving us an idea of what modules are being used and in what frequency. However, we might have a bunch of unused modules that were left over old code and will just increase the size of our containers with no actual use.

We can easily clean out those modules by taking advantage of the npm-clean and plug that in a similar wrapper as the function above:

# Clean unused NPM modules from each repository
# The function will check if npm-clean is installed and install it otherwise

clean_npm_modules() {

    if command_exists npm-clean ; then
        find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && printf 'Cleaning NPM modules for '{}'' && echo '{}' >> ../npm-clean-report.txt && npm-clean >> ../npm-clean-report.txt" \;
    else
        printf 'npm-check module was not found. Installing now:';
        npm install -g npm-clean
        find . -maxdepth 1 -type d \( ! -name . \) -exec bash -c "cd '{}' && printf 'Cleaning NPM modules for '{}'' && echo '{}' >> ../npm-clean-report.txt && npm-clean >> ../npm-clean-report.txt" \;
    fi
}

# Some helper functions to check if a certain command exists
command_exists () {
    type "$1" &> /dev/null ;
}

I hope this helps you in cleaning out your repositories as well.


Twitter Facebook Google+