package-json

What is package-json?

The package-json npm package is used to fetch metadata about a package from the npm registry without needing to download the entire package. It can be used to get the latest version of a package, its dependencies, versions, and other useful metadata.

What are package-json's main functionalities?

Get the latest version of a package

Fetches the latest version of the specified package from the npm registry.

{"packageJson": require('package-json'), "getLatestPackageVersion": async function(packageName) { const packageData = await packageJson(packageName); return packageData.version; }}

Get metadata for a specific version of a package

Retrieves metadata for a specific version of a package, including dependencies, repository information, and more.

{"packageJson": require('package-json'), "getPackageDataForVersion": async function(packageName, version) { const packageData = await packageJson(packageName, {version: version}); return packageData; }}

Get all versions of a package

Fetches a list of all available versions of a package from the npm registry.

{"packageJson": require('package-json'), "getAllVersions": async function(packageName) { const packageData = await packageJson(packageName, {allVersions: true}); return Object.keys(packageData.versions); }}

Get the full metadata of a package

Retrieves the full metadata of a package, which includes additional information that's not part of the default output, such as deprecated versions and peerDependencies.

{"packageJson": require('package-json'), "getFullMetadata": async function(packageName) { const packageData = await packageJson(packageName, {fullMetadata: true}); return packageData; }}

Other packages similar to package-json

npm-registry-fetch

Similar to package-json, npm-registry-fetch is used to make requests to the npm registry. It provides more control over the HTTP requests, such as custom headers, but it's lower-level and requires more setup compared to package-json.

pacote

Pacote is a library that can fetch metadata and tarballs from npm. It's more feature-rich than package-json, offering manifest fetching, tarball extraction, and more. It's also used internally by npm CLI.

registry-auth-token

While not directly similar, registry-auth-token is often used in conjunction with packages like package-json to handle private packages that require authentication. It retrieves the auth token for the npm registry from the user's .npmrc file.

README

package-json

Get the package.json of a package from the npm registry

Install

$ npm install --save package-json

Usage

const packageJson = require('package-json');

packageJson('pageres', 'latest').then(json => {
	console.log(json);
	//=> {name: 'pageres', ...}
});

// also works with scoped packages
packageJson('@company/package', 'latest').then(json => {
	console.log(json);
	//=> {name: 'package', ...}
});

API

packageJson(name, [version])

You can optionally specify a version (e.g. 1.0.0) or latest.
If you don't specify a version you'll get the main entry containing all versions.

The version can also be in any format supported by the semver module. For example:

• 1 - get the latest 1.x.x
• 1.2 - get the latest 1.2.x
• ^1.2.3 - get the latest 1.x.x but at least 1.2.3
• ~1.2.3 - get the latest 1.2.x but at least 1.2.3

Related

• package-json-cli - CLI for this module
• latest-version - Get the latest version of an npm package
• npm-keyword - Get a list of npm packages with a certain keyword
• npm-user - Get user info of an npm user
• npm-email - Get the email of an npm user

License

MIT © Sindre Sorhus