You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

check-pkg-new-version-engine

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

check-pkg-new-version-engine

Provide generic engine for npm CLI packages to check newer version

1.0.3
latest
Source
npmnpm
Version published
Weekly downloads
4
-90%
Maintainers
1
Weekly downloads
 
Created
Source

check-pkg-new-version-engine

Provide generic engine for npm CLI packages to check newer version.

  • bundler friendly (webpack etc)
  • minimal - no bloats, depend on caller to provide fetch and npm config

Example:

import os from "os";
import Path from "path";
import { promises as Fs } from "fs";
import fetch from "node-fetch"; // or your favorite fetch lib
import ini from "ini";
import semver from "semver";
import { checkPkgNewVersionEngine } from "check-pkg-new-version-engine";

const myPkg = require("./package.json");

async function loadIni(dir, rcFile = ".npmrc") {
  try {
    const iniFile = Path.join(dir, rcFile);
    const iniData = await Fs.readFile(iniFile, "utf-8");
    const iniRc = ini.parse(iniData);
    return iniRc;
  } catch {
    return {};
  }
}

async function getNpmRcConfig() {
  return { ...(await loadIni(os.homedir())), ...(await loadIni(process.cwd())) };
}

async function start() {
  checkPkgNewVersionEngine({
    pkg,
    // without npm config the engine falls back to "https://registry.npmjs.org/"
    npmConfig: await getNpmRcConfig(),
    checkIsNewer: (pkg, distTags, tag) => semver.gt(distTags[tag], pkg.version),
    fetchJSON: async (url, options) => {
      const res = await fetch(url, options);
      return await res.json();
    },
  });
}

Keywords

npm
package
new
version
check
checker

FAQs

Package last updated on 08 Apr 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support

Security News

Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support

Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.

By Sarah Gooding  -  Jul 22, 2025
npm Phishing Email Targets Developers with Typosquatted Domain

Security News

/

Research

npm Phishing Email Targets Developers with Typosquatted Domain

A phishing attack targeted developers using a typosquatted npm domain (npnjs.com) to steal credentials via fake login pages - watch out for similar scams.

By Sarah Gooding  -  Jul 18, 2025