package-stream
Advanced tools
An endless stream of nice package data from the npm registry.
See also all-the-packages, a similar package designed for offline use.
npm install package-stream --save
The stream is an event emitter that emits two events: package and up-to-date.
The up-to-date event is emitted when the stream reaches the end of all
existing packages, but unlike typical read streams, this stream has no end
event. It remains open indefinitely, emitting package events as new package
versions are published to the npm registry in real time.
const registry = require('package-stream')()
registry
.on('package', function (pkg, seq) {
// pkg: nice clean package object
// seq: the sequence number of the "package" event, useful for logging/tracking
})
.on('up-to-date', function () {
// consumed all changes (for now)
// The stream will remain open and continue receiving package
// updates from the registry as they occur in real time.
})
Each object emitted by the package event is a
nice-package instance.
Nice packages have cleaner metadata than you'd get directly from the npm
registry, and some handy
convenience methods
.
Here's an example that uses the
somehowDependsOn()
method to find all packages the have choo in their dependencies or
devDependencies:
const registry = require('package-stream')()
const dependents = []
registry
.on('package', function (pkg) {
if (pkg.someHowDependsOn('choo')) dependents.push(pkg.name)
})
.on('up-to-date', function () {
process.stdout.write(JSON.stringify(dependents))
process.exit()
})
To see the full list of available methods, check out the nice-package documentation.
The changes-stream package is used
under the hood, and
all of its options
are supported by package-stream. The default options used by package-stream
are:
{
db: 'https://replicate.npmjs.com',
include_docs: true
}
The options you provide are merged with the defaults above.
npm install
npm test
MIT
Generated by package-json-to-readme
FAQs
An endless stream of clean package data from the npm registry.
We found that package-stream demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Company News
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
Security News
NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.
Company News
/Security News
Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.