Product
Introducing Module Reachability: Focus on the Vulnerabilities That Matter
Module Reachability filters out unreachable CVEs so you can focus on vulnerabilities that actually matter to your application.
By Trevor Norris - Apr 23, 2025
🚀 Socket Launch Week 🚀 Day 2: Introducing Repository Labels and Security Policies.Learn More →
What is is-npm?
The 'is-npm' package is a simple utility that allows developers to check if their code is running in an npm script environment. This can be particularly useful for adjusting the behavior of scripts based on the environment they are executed in, such as enabling certain features only when run through npm.
What are is-npm's main functionalities?
Check if running in npm script
This code checks if the current script is executed through npm. If 'isNpm' is true, it logs that the script is running via npm; otherwise, it logs that it is not.
const isNpm = require('is-npm');
if (isNpm) {
console.log('Running via npm!');
} else {
console.log('Not running via npm.');
}Other packages similar to is-npm
is-ci
Similar to 'is-npm', 'is-ci' checks if your code is running in a Continuous Integration environment. While 'is-npm' is specific to npm, 'is-ci' covers a broader range of CI environments, making it more versatile for projects that need to detect CI contexts rather than just npm.
npm-run-path
While 'is-npm' checks if a script is running through npm, 'npm-run-path' enhances the system PATH to include node_modules/.bin, similar to how npm scripts work. This is useful for executing local binaries of npm packages in scripts not run through npm, providing a functionality that complements what 'is-npm' offers.
is-npm
Install
npm install is-npm
Usage
import {isNpmOrYarn, isNpm, isYarn} from 'is-npm';
console.table({isNpmOrYarn, isNpm, isYarn});
$ node foo.js
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ false │
# │ isNpm │ false │
# │ isYarn │ false │
# └─────────────┴────────┘
$ npm run foo
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ true │
# │ isNpm │ true │
# │ isYarn │ false │
# └─────────────┴────────┘
$ yarn run foo
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ true │
# │ isNpm │ false │
# │ isYarn │ true │
# └─────────────┴────────┘
Related
- is-npm-cli - CLI for this module
Get professional support for this package with a Tidelift subscription
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.
FAQs
Check if your code is running as an npm script
The npm package is-npm receives a total of 4,164,755 weekly downloads. As such, is-npm popularity was classified as popular.
We found that is-npm demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 18 Sep 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Repository Labels and Security Policies
Socket is introducing a new way to organize repositories and apply repository-specific security policies.
By Nolan Lawson - Apr 22, 2025
Research
Security News
The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials
Socket researchers uncovered malicious npm and PyPI packages that steal crypto wallet credentials using Google Analytics and Telegram for exfiltration.
By Kirill Boychenko - Apr 22, 2025