dependabit / monitor/src / Monitor

Class: Monitor

Defined in: packages/monitor/src/monitor.ts:115

Orchestrates dependency checking across multiple access methods.

Remarks

Built-in checkers are registered for github-api, http, and openapi access methods. Additional checkers (e.g., from plugin packages) can be registered with Monitor.registerChecker.

All checks in Monitor.checkAll run concurrently via Promise.all. If one checker throws, its result contains an error string but the other checks complete normally.

Use When

Polling a set of tracked dependencies for state changes on a schedule.

Avoid When

You only need to check a single dependency type — instantiate the specific checker (e.g., GitHubRepoChecker) directly to avoid loading all built-in checkers.

Pitfalls

• Concurrent update races: if two Monitor instances watch the same dependency and call updateDependency on the shared manifest file simultaneously, one write will silently overwrite the other. Serialise monitor runs or use a single shared Monitor instance.
• ETag drift false positives: the URLContentChecker hashes the full HTTP response body. Dynamic content (ads, timestamps, CSP nonces) in the response will produce hash changes that are not real dependency updates. Use monitoring.ignoreChanges: true for URLs with high natural churn, or replace them with a more specific checker.
• Clock skew: Scheduler.shouldCheckDependency compares dependency.lastChecked to wall clock time. If the system clock jumps backward (e.g., NTP correction), dependencies may be skipped until the clock catches up to the stored lastChecked timestamp.

Example

import { Monitor } from '@dependabit/monitor';

const monitor = new Monitor();
const results = await monitor.checkAll(dependencies);
for (const result of results) {
  if (result.hasChanged) {
    console.log(`${result.dependency.url} changed with severity ${result.severity}`);
  }
}

Constructors

Constructor

new Monitor(): Monitor;

Defined in: packages/monitor/src/monitor.ts:119

Returns

Monitor

Methods

checkAll()

checkAll(dependencies): Promise<CheckResult[]>;

Defined in: packages/monitor/src/monitor.ts:177

Checks multiple dependencies, respecting monitoring rules

Parameters

Parameter	Type
dependencies	DependencyConfig[]

Returns

Promise<CheckResult[]>

---

checkDependency()

checkDependency(dependency): Promise<CheckResult>;

Defined in: packages/monitor/src/monitor.ts:131

Checks a single dependency for changes

Parameters

Parameter	Type
dependency	DependencyConfig

Returns

Promise<CheckResult>

---

registerChecker()

registerChecker(accessMethod, checker): void;

Defined in: packages/monitor/src/monitor.ts:198

Registers a custom checker for an access method

Parameters

Parameter	Type
accessMethod	string
checker	Checker

Returns

void