Comments (11)
Version 0.4.3 is already on the air!
We have included a new option that avoids checking any type of parameter
-nu
or --no-check-update
from npkill.
Hi! Sorry for the delay.
Yes, I understand. There is a simple reason for not using update-notifier, and that is that npkill aspires to be a lightweight module. That is, to have as few dependencies as possible.
About the updating only once a day, we could implement it in the future, it's certainly an interesting option. We do, however, have our hands full with fixing a few bugs that have come up. We'll add it to our roadmap.
Once again, thank you for your suggestions, we appreciate it
from npkill.
Interesting ... but in the end, it remains an https request.
I see the option of being able to configure that updates are not checked interesting.
We will implement this option in npkill.
Thank you for the suggestion!
from npkill.
Also, maybe just switch to using this: https://github.com/yeoman/update-notifier
It seems to be a more common approach that other CLIs yse.
from npkill.
+1 for update-notifier. Users can choose to opt-out.
from npkill.
@zaldih Thanks for the update. I haven't checked carefully, but I presume you check for updates anytime the cli is called?
That's one reason I was suggesting update-notifier, it only checks once a day (configurable),see https://www.npmjs.com/package/update-notifier#how.
from npkill.
Hi! The HTTP request that npkill makes is a GET request to a file hosted on a github server (https://npkill.js.org/version.json), as you may see if you take a look at the source code. However, I can understand perfectly that this may seem suspicious at first sight.
We check for new versions by means of an HTTP request because it is the only way we could think of to achieve this. Would you care to suggest a better method to check versions? We would appreciate it.
Thanks for opening this issue :)
from npkill.
Yeah, I know it's benign. I am just thinking that with all of these recent scares in the NPM world with injections and all. We all should be careful. I have a firewall set to deny all calls to third parties. And it got triggered.
I just don't think tools should be even checking for new versions. There are tools on NPM that can assist you with updates already.
But it's just my opinion.
from npkill.
I will look into the NPM tools that you mention. To be honest, I wasn't quite happy with our solution, but it was the only way we could think of. Thank you.
from npkill.
I like using this one: https://www.npmjs.com/package/npm-check
It has a flag for checking global package versions:
$> npm-check -g
It is not automatic though.
from npkill.
Sincerely thank you for your participation. we appreciate it.
I will close the issue. Do not hesitate to reopen it if you have any news!
from npkill.
Related Issues (20)
- Instead of doing both npx and npm global install, we can do... HOT 1
- [Feature request]: Copy path HOT 1
- [Feature request]: Open the folder
- Better way to distribute the binary? (windows-find.exe) HOT 3
- Use of mutation testing in npkill - Help needed HOT 1
- Can you stop at the high level node_modules? HOT 2
- Getting SyntaxError: Unexpected token '.' during npkill launch HOT 3
- Freezes calculating stats HOT 13
- Moving back to an item that has started deleting, or is deleted, disables the arrow key and produces error HOT 3
- Invalid count value HOT 6
- Thank you for this amazing package
- TypeError: Cannot read properties of undefined (reading 'message') HOT 1
- Help command does not print all the result in the large-size window HOT 1
- Node.js v18.16.0,There is a type error at line 262 of the controller file controller.js, the line of code tries to access error.message, but the error variable is undefined, causing the program to crash HOT 3
- npkill does NOT show `node_module`s in the nested projects. HOT 6
- Errors on symlinked node_modules HOT 1
- Does not show any node_modules HOT 1
- delete is too slow HOT 2
- Support for `--target` with multiple directories
- gar dependency is deprecated HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from npkill.