{"id":12716,"library":"checkpoint-client","title":"Checkpoint Client","description":"The `checkpoint-client` is a TypeScript client library designed to integrate version checking and security alerting into command-line interface (CLI) tools. It connects to a Checkpoint Server to fetch the latest version information and notify users of any security vulnerabilities relevant to their installed product. Currently, version 1.1.33 is stable, and while no explicit release cadence is detailed, such clients typically update in conjunction with the products they monitor, like Prisma. A key differentiator is its design to be non-intrusive, ensuring \"no impact on the developer experience of your CLI,\" allowing easy integration into various products, and supporting custom styling. As of the current documentation, it exclusively supports the `prisma` product, requiring specific product and version strings, along with unique hashes for CLI and project paths to function correctly.","status":"active","version":"1.1.33","language":"javascript","source_language":"en","source_url":null,"tags":["javascript","typescript"],"install":[{"cmd":"npm install checkpoint-client","lang":"bash","label":"npm"},{"cmd":"yarn add checkpoint-client","lang":"bash","label":"yarn"},{"cmd":"pnpm add checkpoint-client","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"The library primarily uses a default export, typically consumed via ES module imports in TypeScript or modern Node.js projects.","wrong":"const checkpoint = require('checkpoint-client')","symbol":"checkpoint","correct":"import checkpoint from 'checkpoint-client'"}],"quickstart":{"code":"import checkpoint from 'checkpoint-client';\nimport { createHash } from 'crypto';\nimport * as path from 'path';\n\nasync function runCheck() {\n  const product = 'prisma';\n  const version = '2.0.0'; // Replace with actual product version\n  const cliPath = process.env.CLI_PATH || path.join(process.cwd(), 'node_modules', '.bin', product);\n  const projectPath = process.env.PROJECT_PATH || process.cwd();\n\n  // Generate unique hashes for required fields\n  const cli_path_hash = createHash('sha256').update(cliPath).digest('hex');\n  const project_hash = createHash('sha256').update(projectPath).digest('hex');\n\n  try {\n    const result = await checkpoint.check({\n      product,\n      version,\n      cli_path_hash,\n      project_hash,\n      disable: false, // Explicitly set if you want to allow network checks\n      // endpoint: 'https://checkpoint.prisma.io', // Optional, defaults to Prisma's endpoint\n      // timeout: 5000, // Optional timeout in milliseconds\n    });\n\n    console.log('Checkpoint check completed:', result);\n\n    if (result.status === 'ok' || result.status === 'reminded') {\n      const { data } = result;\n      console.log(`Product: ${data.product}`);\n      console.log(`Current version: ${data.current_version}`);\n      if (data.latest_version && data.latest_version !== data.current_version) {\n        console.log(`New version available: ${data.latest_version}`);\n      }\n      if (data.security_vulnerabilities && data.security_vulnerabilities.length > 0) {\n        console.warn('Security vulnerabilities found:', data.security_vulnerabilities);\n      }\n    } else {\n      console.log('Checkpoint status:', result.status, ' - No update or reminder was triggered.');\n    }\n  } catch (error) {\n    console.error('Failed to perform checkpoint check:', error);\n  }\n}\n\nrunCheck();","lang":"typescript","description":"This quickstart demonstrates how to perform a version and security check using `checkpoint-client`. It shows how to correctly import the library, construct the required `Input` object including dynamically generated hashes for `cli_path_hash` and `project_hash`, and handle the `Result` object for updates or security notices."},"warnings":[{"fix":"Always set `product: 'prisma'` in the input object when calling `checkpoint.check()`.","message":"The `product` field in the `checkpoint.check` input object currently only supports the string value 'prisma'. Attempting to use other product names will result in an error or unexpected behavior.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Ensure `cli_path_hash` and `project_hash` are generated (e.g., using `crypto.createHash`) and included in the input object for `checkpoint.check()`.","message":"The `cli_path_hash` and `project_hash` fields are explicitly marked as required in the `Input` type. These fields must be provided as unique string hashes (e.g., SHA256) of the CLI installation path and the project's root path, respectively.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Always include `disable: false` in the `checkpoint.check()` input object if you intend for the client to perform a check.","message":"The `disable` field is a required boolean in the input object. This can be counter-intuitive for a flag that typically defaults to `false` or is optional. For checkpoint checks to run, `disable` must be explicitly set to `false`.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"Provide `product: 'prisma'` in the input object.","cause":"The `product` field was omitted or provided as an empty string in the `checkpoint.check` input object.","error":"Error: Missing required field: product"},{"fix":"Generate a SHA256 hash of the CLI installation path and include it as `cli_path_hash` in the input.","cause":"The `cli_path_hash` was not provided in the `checkpoint.check` input object.","error":"Error: Missing required field: cli_path_hash"},{"fix":"Ensure you are using `import checkpoint from 'checkpoint-client'` for TypeScript or ES module environments.","cause":"This error typically occurs when attempting to use CommonJS `require()` syntax with `checkpoint-client` in an ES module context, or when the `checkpoint` object is not correctly imported.","error":"TypeError: checkpoint.check is not a function"}],"ecosystem":"npm"}