
Security News
AI Agent Lands PRs in Major OSS Projects, Targets Maintainers via Cold Outreach
An AI agent is merging PRs into major OSS projects and cold-emailing maintainers to drum up more work.
Requires node 4+ and du. Windows not yet supported.
ndu is a tool for analyzing the size of dependencies in a node.js application.
It's similar to disc, but for server-side dependencies instead of client-side dependencies.
When building node.js apps, you can choose from hundreds of thousands of libraries available on npm. But sometimes these libraries contain many hidden sub-dependencies that bloat the size of your application. This tool helps you identify which modules are bringing in the bloat. It's very useful when you're wondering why your seemingly simple node app takes up hundreds of MBs of space on disk.
Install from npm:
npm install --global ndu
Simply run ndu in the root folder of your node.js application.
By default it will write an HTML file with the results to stdout:
ndu > ndu.html && open ndu.html
Just like disc, ndu can also open the result directly in a browser:
ndu --open
First, let's create a very simple web app using express-generator:
$ npm install -g express-generator
$ express example-web-app
$ cd example-web-app/
$ npm install
Now we have a simple web app built with express.js. Let's see how large the dependency tree is using ndu:
$ npm install -g ndu
$ ndu --open
This opens your web browser and shows a breakdown of your app's dependency tree:
From here you can see that your app is using 9.64MB of node dependencies. You can highlight areas of the diagram to see which node dependencies use up that space:

This can be especially helpful in a large application. Sometimes just a few dependencies make up the majority of your application's size.
For example, here's a real application that was running at Groupon. You can easily see how one bloated dependency was increasing the size of the application by 10%:
Thanks to ndu, it was easy to clean up the largest dependencies and quickly shrink the size of the app's footprint.
disc: For analyzing the size of browserify bundles, platform independent
space-hogs: Generic directory size info, highlights big entries, *nix
FAQs
node disk usage
The npm package ndu receives a total of 2 weekly downloads. As such, ndu's popularity was classified as not popular.
We found that ndu demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.