Awesome

vim-package-info

It lets you view the latest version of the packages you depend on and see if any of them are vulnerable.

Vulnerability detection is still a work in progress (disabled at the moment)

Currently supports:

• javascript:
  • package.json
• rust:
  • Cargo.toml
• python:
  • requirements.txt
  • Pipfile
  • pyproject.toml

Default colors:

• green: patch update
• cyan: minor update
• red: major update

Installation

Make sure you have node support for neovim. Run the command npm install -g neovim to add it. #20

Use your favorite plugin manager to install the plugin. I use vim-plug.

Plug 'meain/vim-package-info', { 'do': 'npm install' }

After installing the plugin, run :UpdateRemotePlugins to register it with Neovim.

Needs virtual text support. ( Neovim 0.3.2 )

Check if echo has('nvim-0.3.2') returns 1

Configuration

Change prefix

let g:vim_package_info_virutaltext_prefix = '  ¤ '

Change highlight group

let g:vim_package_info_virutaltext_highlight = 'NonText'

There are three other highlight groups that you can change. You can change them like this

hi VimPackageInfoPatch guifg=#8BC34A
hi VimPackageInfoMinor guifg=#00BCD4
hi VimPackageInfoMajor guifg=#F44336

Possible issues

The plugin might conflict with ALE or any other plugins that use virtualtext. This is because virtualtext context is the same for all the plugins and if one clears the virtualtext it will clear the virutaltext that was made by all plugins.

Not a lot can be done about this, but in the case of ALE you can checkout #14.

Alternatives

Other options for you to checkout if this does not work for you

• akinsho/dependency-assist.nvim
• vuki656/package-info.nvim
• mhinz/vim-crates