Investigating NPM Dependencies

I have been working with a number of Node projects recently.

Keeping dependencies upto date is a big time sink. I use Dependabot to help with these.

Here is a utility that I have written that allows visualisation of module dependencies:

It loads node_modules into a Neo4j graph database.

To use this you need to install neo4j, create a database user with a password and the Erlang OTP runtime.

Here are the important details:

Once you have run mix then you can use the following:

./package_compare path-to-the/package.json localhost neo4j_username neo4j_password

This can be run across multiple projects to compare the dependencies. Once you have loaded multiple applications you can you the simple query:


This will allow you to find the core set of dependencies that your applications are using. If two projects have a large core then there may be a common library waiting to be extracted.

This is an example of an Elixir escript application. This takes an unusual approach with the Sips library, it uses start link itself so that the database configuration can be supplied on the command line. Normally this would be started as a dependent application and the config found from a config file.