Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
get-npm-tarball-url
The npm package 'get-npm-tarball-url' builds the tarball URL for a given npm package and version. This is useful for downloading the package source, analyzing package contents, or integrating with build systems that need direct access to npm package tarballs.
Build tarball URL
This feature lets users compute the tarball URL for a specific version of an npm package. The package does not contact the registry; it assembles the URL from the package name, the version and (optionally) a registry base URL. The function 'getTarballUrl' below takes a package name and a version, then logs the URL or an error if the call fails.
```js
const getNpmTarballUrl = require('get-npm-tarball-url');

// Builds the tarball URL for a package/version pair. The call is synchronous and
// performs no network access: it only assembles the registry URL from its arguments.
function getTarballUrl(packageName, version) {
  try {
    const url = getNpmTarballUrl(packageName, version);
    console.log('Tarball URL:', url);
  } catch (error) {
    console.error('Error building tarball URL:', error);
  }
}

getTarballUrl('express', '4.17.1');
```
This package provides a more comprehensive API for interacting with the npm registry, including fetching tarball URLs. It offers more extensive control over requests such as custom headers or specific registry settings, making it more flexible than 'get-npm-tarball-url' for complex use cases.
Pacote is a library that abstracts fetching npm package metadata and tarballs. It supports various types of package sources like git, npm, and others. Compared to 'get-npm-tarball-url', Pacote offers a broader feature set for handling package manifests and tarballs, making it suitable for applications needing more than just URL retrieval.
Create the tarball URL of a npm package

```sh
pnpm add get-npm-tarball-url
```

```js
import getNpmTarballUrl from 'get-npm-tarball-url'

const url = getNpmTarballUrl('foo', '1.0.0')
console.log(url)
// 'https://registry.npmjs.org/foo/-/foo-1.0.0.tgz'
```
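The URL shape shown above (`<registry><name>/-/<name>-<version>.tgz`) is what a lockfile's `resolved` field should point at for packages pulled from the trusted registry. The following added example (not the package's own code) rebuilds that URL, including the scoped-package case where only the scopeless name appears in the filename, and then uses it to flag lockfile entries whose `resolved` URL does not match the expected registry, a simple check for dependencies pinned to an unexpected host. The `sampleLock` map is constructed for the example and keys entries by package name rather than by `node_modules/...` path.

```javascript
const DEFAULT_REGISTRY = 'https://registry.npmjs.org/';

function normalizeRegistry(registry) {
  return registry.endsWith('/') ? registry : registry + '/';
}

// Builds the conventional tarball URL: <registry><name>/-/<scopeless-name>-<version>.tgz
// For '@scope/name' the filename uses only 'name'; semver build metadata (1.0.0+abc)
// is not part of the tarball filename.
function buildTarballUrl(name, version, registry = DEFAULT_REGISTRY) {
  const scopeless = name.startsWith('@') ? name.split('/')[1] : name;
  const cleanVersion = version.split('+')[0];
  return `${normalizeRegistry(registry)}${name}/-/${scopeless}-${cleanVersion}.tgz`;
}

// Compares each lockfile entry's "resolved" URL with the URL expected for that
// name/version on the trusted registry. Returns one finding per mismatch.
// (Assumed helper for this example, not part of get-npm-tarball-url.)
function checkResolvedUrls(lockPackages, registry = DEFAULT_REGISTRY) {
  const findings = [];
  for (const [name, entry] of Object.entries(lockPackages)) {
    if (!entry.resolved) continue; // e.g. a workspace link with no tarball
    const expected = buildTarballUrl(name, entry.version, registry);
    if (entry.resolved !== expected) {
      findings.push({ name, resolved: entry.resolved, expected });
    }
  }
  return findings;
}

// Constructed sample resembling a simplified package-lock "packages" map.
// The third entry points at a host other than the expected registry.
const sampleLock = {
  'foo': { version: '1.0.0', resolved: 'https://registry.npmjs.org/foo/-/foo-1.0.0.tgz' },
  '@acme/util': { version: '2.3.1', resolved: 'https://registry.npmjs.org/@acme/util/-/util-2.3.1.tgz' },
  'left-pad': { version: '1.3.0', resolved: 'https://mirror.example.invalid/left-pad/-/left-pad-1.3.0.tgz' },
};

console.log(checkResolvedUrls(sampleLock));
// prints one finding, for 'left-pad'
```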
FAQs
The npm package get-npm-tarball-url receives a total of 1,549,235 weekly downloads. As such, get-npm-tarball-url popularity was classified as popular.
We found that get-npm-tarball-url demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.