It lives.

.editorconfig

@@ -0,0 +1,15 @@
+# http://editorconfig.org/
+
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[Makefile]
+indent_style = tab
+indent_size = 4

.eslintrc.js

@@ -0,0 +1,6 @@
+module.exports = {
+  root: true,
+  extends: [
+    'standard'
+  ]
+}

.gitignore

@@ -0,0 +1,4 @@
+.DS_Store
+/*.tgz
+/node_modules/
+/npm-debug.log

.npmignore

@@ -0,0 +1,5 @@
+.DS_Store
+/*.tgz
+/example.png
+/node_modules/
+/npm-debug.log

LICENSE

@@ -0,0 +1,13 @@
+Copyright © 2016 Simo Kinnunen
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

README.md

@@ -0,0 +1,53 @@
+# please-update-dependencies
+
+[![npm](https://img.shields.io/npm/v/please-update-dependencies.svg)](https://www.npmjs.com/package/please-update-dependencies)
+
+**please-update-dependencies** is a useful addition to [Node.js](https://nodejs.org/) CLI applications. It checks that currently installed dependencies satisfy the requirements set in your `package.json`, and won't let the user continue till they've updated the dependencies.
+
+![Example](example.png?raw=true)
+
+## Benefits/philosophy
+
+### Pros
+
+* Easy to understand error messages.
+* Encourages users to solve issues by themselves rather than overloading the maintainer with questions or issues.
+* No output when nothing's wrong.
+
+### Cons
+
+* If you release a botched update and forget to release a dependency that you've bumped up, users can't run your app.
+* Only [semver](http://semver.org/) compatible dependencies are checked.
+  - If you use URLs as dependencies, they will simply be ignored.
+* Slight but mostly unnoticeable overhead.
+
+## Installation
+
+Using [yarn](https://yarnpkg.com/):
+
+```sh
+yarn add please-update-dependencies
+```
+
+Using [npm](https://www.npmjs.com/):
+
+```sh
+npm install --save please-update-dependencies
+```
+
+Now, in your main file, before anything else, insert the following line:
+
+```js
+require('please-update-dependencies')(module)
+```
+
+
+If you're using [Babel](https://babeljs.io/) or similar, you probably have an existing entry point. You should put the line there before activating babel or anything else.
+
+If you don't put the line as the first thing in your file, you risk running into incompatibilities before any checks even run.
+
+The dependency check will run every time the binary is invoked, unless you've exported `ALLOW_OUTDATED_DEPENDENCIES=1`. It'll find the nearest `package.json` (either in the same folder or a parent folder) and check things from there.
+
+## License
+
+See [LICENSE](LICENSE).

index.js

@@ -0,0 +1,111 @@
+var fs = require('fs')
+var path = require('path')
+var url = require('url')
+var util = require('util')
+var chalk = require('chalk')
+
+var semver = require('semver')
+
+var ERROR = chalk.red('ERROR:')
+var HINT = chalk.yellow('HINT:')
+var BYPASS = 'ALLOW_OUTDATED_DEPENDENCIES'
+
+function verify (mod) {
+  var ctx = path.parse(mod.filename)
+  var pkg = null
+
+  // The calling module might not be in the root folder of the package. Go
+  // through its parent folders until it's found.
+  do {
+    try {
+      pkg = mod.require(path.resolve(ctx.dir, './package.json'))
+      break
+    } catch (err) {
+      if (err.code !== 'MODULE_NOT_FOUND') {
+        throw err
+      }
+      ctx = path.parse(ctx.dir)
+      continue
+    }
+  } while (ctx.root !== ctx.dir)
+
+  // Or did we not find it at all? That's bad.
+  if (pkg === null) {
+    console.error(ERROR, util.format(
+      'No %s in any parent folder of %s',
+      chalk.cyan('package.json'),
+      chalk.inverse(mod.filename)
+    ))
+    return false
+  }
+
+  function validateDeps (deps, type) {
+    return Object.keys(deps).reduce(function (state, name) {
+      var wanted = deps[name]
+      var depPkg = null
+
+      // Is it a full URL? Can't handle those.
+      var wantedUrl = url.parse(wanted)
+      if (wantedUrl.protocol) {
+        return state
+      }
+
+      // Or if it's a shorthand GitHub URL, we can't handle those either.
+      if (/[^@].*\//.test(wanted)) {
+        return state
+      }
+
+      try {
+        depPkg = mod.require(path.join(name, './package'))
+      } catch (err) {
+        console.error(ERROR, type, util.format(
+          '%s is not installed',
+          chalk.cyan(name)
+        ))
+        return false
+      }
+
+      if (!semver.satisfies(depPkg.version, wanted)) {
+        console.error(ERROR, type, util.format(
+          '%s is currently %s but needs to be %s',
+          chalk.cyan(name),
+          chalk.red(depPkg.version),
+          chalk.green(wanted)
+        ))
+        return false
+      }
+
+      return state
+    }, true)
+  }
+
+  if (!validateDeps(pkg.dependencies || {}, 'dependency')) {
+    try {
+      fs.statSync(path.resolve(ctx.dir, 'yarn.lock'))
+      console.error(HINT,
+        'Please run `yarn`, `npm install` or equivalent before continuing.')
+    } catch (err) {
+      console.error(HINT,
+        'Please run `npm install` or equivalent before continuing.')
+    }
+    return false
+  }
+
+  return true
+}
+
+module.exports.verify = verify
+
+module.exports = function (mod) {
+  if (process.env[BYPASS] === '1') {
+    return
+  }
+
+  if (!verify(mod)) {
+    console.error(HINT, util.format(
+      'You can also export %s=1 to bypass verification.',
+      BYPASS
+    ))
+    process.exit(1)
+  }
+}

package.json

@@ -0,0 +1,27 @@
+{
+  "name": "please-update-dependencies",
+  "version": "1.0.0",
+  "description": "Ensure that users of your package don't forget to run `npm install`.",
+  "keywords": [
+    "dependencies",
+    "update",
+    "cli",
+    "relief"
+  ],
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/sorccu/please-update-dependencies.git"
+  },
+  "main": "./index",
+  "dependencies": {
+    "chalk": "^1.1.3",
+    "semver": "^5.3.0"
+  },
+  "devDependencies": {
+    "eslint": "^3.9.1",
+    "eslint-config-standard": "^6.2.1",
+    "eslint-plugin-promise": "^3.3.1",
+    "eslint-plugin-standard": "^2.0.1"
+  }
+}