Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
What is npm-name?
The npm-name package is used to check the availability of package names on the npm registry. It helps developers to determine if a particular package name is already taken or if it is available for use.
What are npm-name's main functionalities?
Check single package name
This feature allows you to check if a single package name is available on the npm registry. The code sample demonstrates how to use the npm-name package to check the availability of 'some-package-name'.
const npmName = require('npm-name');
(async () => {
const isAvailable = await npmName('some-package-name');
console.log(isAvailable ? 'Available' : 'Taken');
})();Check multiple package names
This feature allows you to check the availability of multiple package names at once. The code sample shows how to check the availability of 'package-one' and 'package-two' using the npm-name package.
const npmName = require('npm-name');
(async () => {
const result = await npmName.many(['package-one', 'package-two']);
console.log(result);
})();Check scoped package name
This feature allows you to check the availability of a scoped package name. The code sample demonstrates how to check if '@scope/some-package-name' is available on the npm registry.
const npmName = require('npm-name');
(async () => {
const isAvailable = await npmName('@scope/some-package-name');
console.log(isAvailable ? 'Available' : 'Taken');
})();Other packages similar to npm-name
npm-name-cli
The npm-name-cli package is a command-line interface tool for checking the availability of npm package names. While npm-name is a library that can be integrated into other Node.js applications, npm-name-cli is specifically designed for use in the terminal, making it a good choice for developers who prefer command-line tools.
npm-name
Check whether a package or organization name is available on npm
Install
npm install npm-name
Usage
import npmName from 'npm-name';
// Check a package name
console.log(await npmName('chalk'));
//=> false
// Check an organization name
console.log(await npmName('@ava'));
//=> false
console.log(await npmName('@abc123'));
//=> true
try {
await npmName('_ABC');
} catch (error) {
console.log(error.message);
// Invalid package name: _ABC
// - name cannot start with an underscore
// - name can no longer contain capital letters
}
API
npmName(name, options?)
Check whether a package/organization name is available (not registered) on npm.
An organization name should start with @ and should not be a scoped package.
Returns a Promise<boolean> of whether the given name is available.
name
Type: string
The name to check.
options
Type: object
registryUrl
Default: User's configured npm registry URL.
THe registry URL to check name availability against.
Note: You're unlikely to need this option. Most use-cases are best solved by using the default. You should only use this option if you need to check a package name against a specific registry.
npmNameMany(names, options?)
Check whether multiple package/organization names are available (not registered) on npm.
Returns a Promise<Map> of name and status.
import {npmNameMany} from 'npm-name';
const result = await npmNameMany(['chalk', '@sindresorhus/is', 'abc123']);
console.log(result.get('chalk'));
//=> false
console.log(result.get('@sindresorhus/is'));
//=> false
console.log(result.get('abc123'));
//=> true
names
Type: string[]
Multiple names to check.
options
Type: object
Same as npmName().
Related
- npm-name-cli - CLI for this module
FAQs
Check whether a package or organization name is available on npm
We found that npm-name demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024