package-stream
Advanced tools
An endless stream of nice package data from the npm registry.
See also all-the-packages, a similar package designed for offline use.
npm install package-stream --save
The stream is an event emitter that emits two events: pkg and up-to-date.
The up-to-date event is emitted when the stream reaches the end of all
existing packages, but unlike typical read streams, this stream has no end
event. It remains open indefinitely, emitting package events as new package
versions are published to the npm registry in real time.
const registry = require('package-stream')()
registry
.on('package', function (pkg) {
// nice clean package object
})
.on('up-to-date', function () {
// consumed all changes (for now)
// The stream will remain open and continue receiving package
// updates from the registry as they occur in real time.
})
Each object emitted by the package event is a
nice-package instance.
Nice packages have cleaner metadata than you'd get directly from the npm
registry, and some handy
convenience methods
.
Here's an example that uses the
somehowDependsOn()
method to find all packages the have choo in their dependencies or
devDependencies:
const registry = require('package-stream')()
const dependents = []
registry
.on('package', function (pkg) {
if (pkg.someHowDependsOn('choo')) dependents.push(pkg.name)
})
.on('up-to-date', function () {
process.stdout.write(JSON.stringify(dependents))
process.exit()
})
To see the full list of available methods, check out the nice-package documentation.
The changes-stream package is used
under the hood, and
all of its options
are supported by package-stream. The default options used by package-stream
are:
{
db: 'https://replicate.npmjs.com',
include_docs: true
}
The options you provide are merged with the defaults above.
npm install
npm test
MIT
Generated by package-json-to-readme
FAQs
An endless stream of clean package data from the npm registry.
The npm package package-stream receives a total of 19 weekly downloads. As such, package-stream popularity was classified as not popular.
We found that package-stream demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Claude Opus 4.6 has uncovered more than 500 open source vulnerabilities, raising new considerations for disclosure, triage, and patching at scale.
Research
/Security News
Malicious dYdX client packages were published to npm and PyPI after a maintainer compromise, enabling wallet credential theft and remote code execution.
Security News
gem.coop is testing registry-level dependency cooldowns to limit exposure during the brief window when malicious gems are most likely to spread.