Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
better-npm-run
Advanced tools
Intro
Better NPM scripts runner
- Avoid hard-coded commands in package.json
- Cross-platform compatibility, originally needed by:
Inspired by
Alternatives
Usage in package.json
From this:
{
"scripts": {
"build:dist": "NODE_ENV=development webpack --config $npm_package_webpack --progress --colors",
"test": "NODE_ENV=production karma start"
}
}
To this:
{
"devDependencies": {
"better-npm-run": "~0.0.1"
},
"scripts": {
"build:dist": "better-npm-run build:dist",
"test": "better-npm-run test"
},
"betterScripts": {
"build:dist": {
"command": "webpack --config $npm_package_webpack --progress --colors",
"env": {
"NODE_ENV": "development"
}
},
"build:prod": {
"command": "webpack --config $npm_package_webpack --progress --colors",
"env": {
"NODE_ENV": "production"
}
},
"test": {
"command": "karma start",
"env": {
"NODE_ENV": "test"
}
}
}
}
.env File
If you have an .env file in your project root it will be loaded on every command
NODE_PATH=./:./lib
PORT=5000
Shell scripts
Currently, using bash variables (PWD, USER, etc.) is not possible:
"command": "forever start -l ${PWD}/logs/forever.log -o ${PWD}/logs/out.log -e ${PWD}/logs/errors.log -a index.js",
In order to use them, you can create an script file (.sh) instead:
forever.sh:
forever start -l ${PWD}/logs/forever.log -o ${PWD}/logs/out.log -e ${PWD}/logs/errors.log -a index.js
package.json:
"command": "./forever.sh"
cli commands
This module expose 2 cli commands:
better-npm-runand,- a shorter one:
bnrwhich is an alias to the former.
The shorter one is useful for cases where you have a script that calls several better-npm-run scripts. e.g:
using the normal cli name
"scripts": {
"dev": "shell-exec 'better-npm-run install-hooks' 'better-npm-run watch-client' 'better-npm-run start-dev' 'better-npm-run start-dev-api' 'better-npm-run start-dev-worker' 'better-npm-run start-dev-socket'",
}
using the shorter alias
"scripts": {
"dev": "shell-exec 'bnr install-hooks' 'bnr watch-client' 'bnr start-dev' 'bnr start-dev-api' 'bnr start-dev-worker' 'bnr start-dev-socket'",
}
FAQs
Better NPM scripts runner
The npm package better-npm-run receives a total of 37,293 weekly downloads. As such, better-npm-run popularity was classified as popular.
We found that better-npm-run demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 23 Jul 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025