The 'is-npm' package is a simple utility that allows developers to check if their code is running in an npm script environment. This can be particularly useful for adjusting the behavior of scripts based on the environment they are executed in, such as enabling certain features only when run through npm.
Check if running in npm script
This code checks if the current script is executed through npm. If 'isNpm' is true, it logs that the script is running via npm; otherwise, it logs that it is not.
const isNpm = require('is-npm');
if (isNpm) {
console.log('Running via npm!');
} else {
console.log('Not running via npm.');
}Similar to 'is-npm', 'is-ci' checks if your code is running in a Continuous Integration environment. While 'is-npm' is specific to npm, 'is-ci' covers a broader range of CI environments, making it more versatile for projects that need to detect CI contexts rather than just npm.
While 'is-npm' checks if a script is running through npm, 'npm-run-path' enhances the system PATH to include node_modules/.bin, similar to how npm scripts work. This is useful for executing local binaries of npm packages in scripts not run through npm, providing a functionality that complements what 'is-npm' offers.
npm install is-npm
import {isNpmOrYarn, isNpm, isYarn} from 'is-npm';
console.table({isNpmOrYarn, isNpm, isYarn});
$ node foo.js
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ false │
# │ isNpm │ false │
# │ isYarn │ false │
# └─────────────┴────────┘
$ npm run foo
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ true │
# │ isNpm │ true │
# │ isYarn │ false │
# └─────────────┴────────┘
$ yarn run foo
# ┌─────────────┬────────┐
# │ (index) │ Values │
# ├─────────────┼────────┤
# │ isNpmOrYarn │ true │
# │ isNpm │ false │
# │ isYarn │ true │
# └─────────────┴────────┘
FAQs
Check if your code is running as an npm script
We found that is-npm demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.