Paste your package.json to instantly detect version conflicts, ERESOLVE errors, missing peer dependencies, incompatible package combinations, and dev/prod misplacements. No npm install, no CLI, no login required.
// Paste package.json contents
A dependency checker analyzes the packages listed in your project's package.json to detect compatibility problems that cause build failures, runtime errors, and confusing npm warnings. Unlike a vulnerability scanner (which looks for security CVEs), a dependency checker focuses on structural correctness — ensuring your packages can coexist, that peer requirements are met, and that your dependency tree is logically consistent.
The most common problems a dependency checker catches: version conflicts (two packages requiring incompatible versions of a shared dependency), missing peer dependencies (a library expecting another package to be installed by you), incompatible combinations (packages that can't work together), and misplaced packages (production tools accidentally in devDependencies or vice versa).
In npm v7 and later, many of these issues became blocking errors instead of warnings — causing the infamous ERESOLVE error that prevents npm install from completing. This tool detects those conflicts before you run npm, saving you the debugging cycle.
Traditional dependency checking tools like OWASP Dependency-Check or npm itself require a full project installation. This tool analyzes your package.json statically — no node_modules, no CLI, no project setup.
package.json in your project root. Copy its full contents — both dependencies and devDependencies are analyzed.
error //
Version ConflictsDetects when packages require incompatible versions of a shared dependency — like react@17 vs react-dom@18, or TypeScript appearing in both deps and devDeps at different versions.
warning //
Missing Peer DependenciesFlags when a library's peer requirements aren't met: react-dom without react, react-redux without redux, styled-components without react.
warning //
Incompatible CombinationsIdentifies packages that conflict by purpose or API: moment + date-fns (duplicate date libs), lodash + underscore (duplicate utility libs), request + axios (deprecated + replacement).
duplicate //
Duplicate PackagesDetects the same package listed in both dependencies and devDependencies — often at different versions, creating ambiguity about which version runs in each environment.
info //
Dev/Prod MisplacementsFlags build tools in production deps: webpack, jest, eslint, typescript, nodemon, @types/* packages — none of which should be installed in production.
structure //
Structure ValidationChecks for missing name/version fields, malformed version strings, and other package.json structural issues that cause npm parsing errors.
ERESOLVE is an npm v7+ error that occurs when npm cannot resolve a consistent dependency tree. npm v7 introduced strict peer dependency resolution — conflicts that npm v6 silently ignored now block installation entirely. Understanding the root cause is essential for fixing it properly.
npm ERR! ERESOLVE unable to resolve dependency tree
This error means two packages in your tree require incompatible versions of the same peer dependency. The most common cause is mixing package versions that target different major versions of React, TypeScript, or other core libraries.
Example: react-dom@18.2.0 requires react@^18.0.0 as a peer, but you have react@17.0.2 installed. This mismatch triggers ERESOLVE.
The three approaches to fix ERESOLVE, in order of preference:
This dependency checker tool detects the conflicts that cause ERESOLVE before you run npm install — so you can resolve them in your package.json rather than debugging opaque npm error messages.
Three different tools solve three different dependency problems. Choosing the right one depends on whether you're looking for security CVEs, compatibility conflicts, or both.
| Feature | This Tool | npm audit | OWASP Dep-Check |
|---|---|---|---|
| Requires install | ✓ No install | ✗ node_modules needed | ✗ CLI binary |
| Login / account | ✓ No account | ✓ No account | ✓ No account |
| Conflict detection | ✓ Full conflict check | — Not covered | — Not covered |
| Peer dependency check | ✓ Yes | — Partial | — Not covered |
| Security CVE scanning | — Use dep-scanner.top | ✓ npm advisory DB | ✓ NVD + multiple DBs |
| Transitive dependencies | — Direct deps only | ✓ Full tree | ✓ Full tree |
| Languages supported | — npm only | — npm only | ✓ Java, .NET, Python, npm |
| Free | ✓ Always free | ✓ Free | ✓ Open source |
For security CVEs, use npm audit or OWASP Dependency-Check. For compatibility conflicts, ERESOLVE errors, and peer dependency problems — this tool is faster with no setup required.
Common questions from developers debugging npm dependency problems — the kind of discussions found on Stack Overflow, Reddit r/node, and the npm GitHub issues.
How do I find which package is causing an ERESOLVE error?
Run npm install --verbose 2>&1 | grep -i "peer\|conflict\|ERESOLVE" to see the full conflict chain. npm's error message tells you which package triggered the conflict and what versions are incompatible. Alternatively, paste your package.json into this checker — it detects peer version mismatches before you run npm, so you can fix them before hitting the error.
Why does my project install fine but a teammate's doesn't?
This is almost always a Node.js or npm version difference. npm v6 (bundled with older Node) treats peer dependency conflicts as warnings; npm v7+ treats them as errors. If your colleague has npm v7+ and you have v6, they'll see ERESOLVE where you don't. Check with npm --version on both machines. The long-term fix is to align your package versions so the conflict doesn't exist at any npm version.
What is the difference between dependencies, devDependencies, and peerDependencies?
dependencies are packages your app needs to run in production. devDependencies are packages only needed during development and build (test frameworks, bundlers, TypeScript). peerDependencies are packages a library expects the consumer to install — they declare compatibility requirements rather than direct dependencies. Getting these wrong causes either bloated production bundles (devDeps in deps) or missing runtime packages (deps in devDeps).
Is it safe to use --legacy-peer-deps to fix ERESOLVE?
It's safe as a temporary workaround, but it hides the conflict rather than fixing it. With --legacy-peer-deps, npm installs even when peer requirements aren't met — you may see runtime errors, unexpected behavior, or subtle bugs if the incompatible versions have API differences. Always treat it as a bridge while you fix the underlying version mismatch, not a permanent solution.
My package.json looks fine but npm install still fails — what am I missing?
The conflict may be in your transitive dependencies, not your direct ones. For example, two packages you list might both pull in a shared sub-dependency at incompatible versions. This tool checks direct dependencies from package.json. For transitive conflicts, run npm install --dry-run or use npm ls PACKAGE_NAME to see all versions of a specific package in your tree.
What does "unmet peer dependency" mean and do I need to fix it?
An unmet peer dependency warning means a library you installed expects another package at a specific version, but either that package isn't installed or the version doesn't match. In npm v6, these were warnings you could ignore. In npm v7+, they can block installation. Always fix them by installing the required peer at the correct version — unmet peers often cause subtle runtime errors even when installation succeeds with --legacy-peer-deps.
overrides field in package.json to force a specific version, or (3) using npm install --legacy-peer-deps as a temporary workaround. This tool detects the conflicts that trigger ERESOLVE before you run npm install.