Product
Introducing GitHub Actions Scanning Support
Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.
By Rakesh Chatrath, Greg Tystahl - Oct 23, 2025
🚀 DAY 4 OF LAUNCH WEEK: Introducing GitHub Actions Scanning Support.Learn more →
clean-pkg-json
Advanced tools
clean-pkg-json
Script to remove unnecessary properties from package.json on prepublish hook.
Support this project by ⭐️ starring and sharing it. Follow me to see what other cool projects I'm working on! ❤️
Why?
package.json is primarily for declaring an npm package and describing how it can be consumed.
However, it can often get bloated with development concerns such as devDependencies and configuration like eslintConfig, prettier, lint-staged, simple-git-hooks, etc.
Use clean-pkg-json in a prepublish hook to remove unnecessary properties from package.json. Useful in micropackages where every byte matters.
Install
npm install --save-dev clean-pkg-json
Usage
Add clean-pkg-json to the prepack hook, which runs before npm publish and npm pack.
// package.json
{
"name": "my-package",
// ...
"scripts": {
// ...
"prepack": "clean-pkg-json",
},
}
Flags
| Flag | Description |
|---|---|
-k, --keep <property name> | Property names to keep. Accepts multiple flags or a comma-delimited list. |
-r, --remove <property name> | Property names to remove. Accepts multiple flags or a comma-delimited list. |
-v, --verbose | Verbose logs. |
-d, --dry | Dry run mode. Instead of writing to disk, it will log it. |
-h, --help | Show help |
--version | Show version |
Default preserved properties
By default, these properties are preserved in package.json:
npm
nameversionprivatepublishConfigscripts.preinstallscripts.installscripts.postinstallscripts.dependenciesfilesbinbrowsermainmandependenciespeerDependenciespeerDependenciesMetabundledDependenciesoptionalDependenciesenginesoscpudescriptionkeywordsauthormaintainerscontributorslicensehomepagerepositorybugsfunding
CDNs
Node.js
typeexportsimports
VSCode Extension Manifest
sponsorpublisherdisplayNamecategoriesgalleryBannerpreviewcontributesactivationEventsbadgesmarkdownqnasponsorextensionPackextensionDependenciesextensionKindicon
Angular Package Format
fesm2022fesm2020fesm2015esm2020es2020
TypeScript
typestypingstypesVersions
Bundlers (Webpack, Rollup, esbuild)
Keywords
FAQs
Clean package.json before publish by removing unnecessary properties
The npm package clean-pkg-json receives a total of 4,604 weekly downloads. As such, clean-pkg-json popularity was classified as popular.
We found that clean-pkg-json demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
By Jeppe Hasseriis - Oct 22, 2025
Research
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
By Kirill Boychenko - Oct 22, 2025