Open stuff like URLs, files, executables. Cross-platform.
This is meant to be used in command-line tools and scripts, not in the browser.
If you need this for Electron, use shell.openPath() instead.
This package does not make any security guarantees. If you pass in untrusted input, it's up to you to properly sanitize it.
spawn instead of exec.node-open issues.xdg-open script for Linux.npm install open
Warning: This package is native ESM and no longer provides a CommonJS export. If your project uses CommonJS, you will have to convert to ESM or use the dynamic import() function. Please don't open issues for questions regarding CommonJS / ESM.
import open, {openApp, apps} from 'open';
// Opens the image in the default image viewer and waits for the opened app to quit.
await open('unicorn.png', {wait: true});
console.log('The image viewer app quit');
// Opens the URL in the default browser.
await open('https://sindresorhus.com');
// Opens the URL in a specified browser.
await open('https://sindresorhus.com', {app: {name: 'firefox'}});
// Specify app arguments.
await open('https://sindresorhus.com', {app: {name: 'google chrome', arguments: ['--incognito']}});
// Opens the URL in the default browser in incognito mode.
await open('https://sindresorhus.com', {app: {name: apps.browserPrivate}});
// Open an app.
await openApp('xcode');
// Open an app with arguments.
await openApp(apps.chrome, {arguments: ['--incognito']});
It uses the command open on macOS, start on Windows and xdg-open on other platforms.
Returns a promise for the spawned child process. You would normally not need to use this for anything, but it can be useful if you'd like to attach custom event listeners or perform other operations directly on the spawned process.
Type: string
The thing you want to open. Can be a URL, file, or executable.
Opens in the default app for the file type. For example, URLs opens in your default browser.
Type: object
Type: boolean
Default: false
Wait for the opened app to exit before fulfilling the promise. If false it's fulfilled immediately when opening the app.
Note that it waits for the app to exit, not just for the window to close.
On Windows, you have to explicitly specify an app for it to be able to wait.
Type: boolean
Default: false
Do not bring the app to the foreground.
Type: boolean
Default: false
Open a new instance of the app even it's already running.
A new instance is always opened on other platforms.
Type: {name: string | string[], arguments?: string[]} | Array<{name: string | string[], arguments: string[]}>
Specify the name of the app to open the target with, and optionally, app arguments. app can be an array of apps to try to open and name can be an array of app names to try. If each app fails, the last error will be thrown.
The app name is platform dependent. Don't hard code it in reusable modules. For example, Chrome is google chrome on macOS, google-chrome on Linux and chrome on Windows. If possible, use apps which auto-detects the correct binary to use.
You may also pass in the app's full path. For example on WSL, this can be /mnt/c/Program Files (x86)/Google/Chrome/Application/chrome.exe for the Windows installation of Chrome.
The app arguments are app dependent. Check the app's documentation for what arguments it accepts.
Type: boolean
Default: false
Allow the opened app to exit with nonzero exit code when the wait option is true.
We do not recommend setting this option. The convention for success is exit code zero.
Open an app.
Returns a promise for the spawned child process. You would normally not need to use this for anything, but it can be useful if you'd like to attach custom event listeners or perform other operations directly on the spawned process.
Type: string
The app name is platform dependent. Don't hard code it in reusable modules. For example, Chrome is google chrome on macOS, google-chrome on Linux and chrome on Windows. If possible, use apps which auto-detects the correct binary to use.
You may also pass in the app's full path. For example on WSL, this can be /mnt/c/Program Files (x86)/Google/Chrome/Application/chrome.exe for the Windows installation of Chrome.
Type: object
Same options as open except app and with the following additions:
Type: string[]
Default: []
Arguments passed to the app.
These arguments are app dependent. Check the app's documentation for what arguments it accepts.
An object containing auto-detected binary names for common apps. Useful to work around cross-platform differences.
import open, {apps} from 'open';
await open('https://google.com', {
app: {
name: apps.chrome
}
});
browser and browserPrivate can also be used to access the user's default browser through default-browser.
chrome - Web browserfirefox - Web browseredge - Web browserbrave - Web browserbrowser - Default web browserbrowserPrivate - Default web browser in incognito modebrowser and browserPrivate only supports chrome, firefox, edge, and brave.
The 'opn' package was the predecessor to 'open' and has since been deprecated in favor of 'open'. It offered similar functionality to open resources with the default application or a specified one.
While 'execa' is more of a process execution tool than a direct alternative to 'open', it can be used to achieve similar results by running system commands to open files or URLs with specific applications.
The 'start' package is another alternative that can open files or URLs using the default application. It is less feature-rich compared to 'open' and is specific to Windows.
FAQs
Open stuff like URLs, files, executables. Cross-platform.
The npm package open receives a total of 77,084,015 weekly downloads. As such, open popularity was classified as popular.
We found that open demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A recent burst of security disclosures in the OpenClaw project is drawing attention to how vulnerability information flows across advisory and CVE systems.
Research
/Security News
Mixed-script homoglyphs and a lookalike domain mimic imToken’s import flow to capture mnemonics and private keys.
Security News
Latio’s 2026 report recognizes Socket as a Supply Chain Innovator and highlights our work in 0-day malware detection, SCA, and auto-patching.