Using monorepos

Using the listen.dev Configuration File

To customize how listen.dev scans your projects, users can provide a configuration file. This file allows for detailed settings specifically tailored to your project's structure and dependencies.

Locations

The config file can be placed in one of the following locations within your repository, listed in order of preference.

1. /.listendev/config.yaml

2. /.listendev/config.yml

3. /.listendev.yaml

4. /.listendev.yml

The Listen.dev app will search for the configuration file in these locations, in the order listed, and will use the first one it finds.

Configuration Structure

Below is the structure of the configuration that you should include in your config file, specifically tailored for NPM projects.

NPM Configuration using lockfiles

The npm section within the configuration file holds information specific to Node Package Manager (NPM) settings. This section is crucial for specifying which lockfiles should be analyzed by Listen.dev, particularly important for monorepos where multiple package-lock.json files may exist.

Users can specify an array of file paths to NPM lockfiles in your repository. Listen.dev will perform an analysis on each specified lockfile to monitor and evaluate the project's dependencies.

Example YAML Configuration:

npm:
  lockfiles:
    - /path/to/package-lock.json
    - package-lock.json

In this example, two lockfiles are specified:

• The first path is an absolute path to a package-lock.json file, which might be useful for specifying lockfiles in specific directories within a monorepo.

• The second path is a relative path, assuming the lockfile is in the root directory or the directory where the Listen.dev configuration file is located.

Testing it out

After configuring the config file as above, commit the file to your repository in one of the specified locations. Listen.dev will automatically detect this configuration file during its next scan and analyze your NPM projects according to the specified settings.