Question 1

How to ignore certain packages when using David?

Accepted Answer

Add a david.ignore property in your package.json with an array of package names or glob patterns, as shown in the README's ignore configuration example. This allows you to skip specific dependencies during checks and updates.

Question 2

David vs npm-check-updates: what's the difference?

Accepted Answer

Both tools check for outdated npm dependencies, but David offers a simpler programmatic API and direct update commands, while npm-check-updates might provide more granular control and additional features like interactive updates. David is better for automation-focused workflows.

Question 3

How to update dependencies to beta or unstable versions with David?

Accepted Answer

Use the --unstable flag with the david update command, which allows updating to the latest versions including non-stable ones, as specified in the CLI documentation. This is useful for testing cutting-edge features.

Question 4

Does David work with private npm registries?

Accepted Answer

Yes, David supports custom registries via the --registry flag, allowing you to specify alternate npm registry URLs for dependency resolution, making it suitable for enterprise environments with private packages.

Question 5

Can David be used in continuous integration pipelines?

Accepted Answer

Absolutely, by using its programmatic API in Node.js scripts or running the CLI in build steps, David can automate dependency checks as part of CI/CD workflows, helping ensure projects stay up to date.

Question 6

What happens if a dependency is a Git URL in package.json?

Accepted Answer

David prints a warning by default, but you can make it throw an error and exit by using the --errorSCM option, as explained in the SCM dependencies section. This helps manage non-standard dependency sources.

David

What is David?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions