read-pkg-up
Advanced tools
Read the closest package.json file
npm install read-pkg-up
import {readPackageUp} from 'read-pkg-up';
console.log(await readPackageUp());
/*
{
packageJson: {
name: 'awesome-package',
version: '1.0.0',
…
},
path: '/Users/sindresorhus/dev/awesome-package/package.json'
}
*/
Returns a Promise<object>, or Promise<undefined> if no package.json was found.
Returns the result object, or undefined if no package.json was found.
Type: object
Type: URL | string
Default: process.cwd()
The directory to start looking for a package.json file.
Type: boolean
Default: true
Normalize the package data.
read-pkg is similar to read-pkg-up but does not search upwards from the current directory. It simply reads the package.json file from the specified directory or the current directory if no directory is specified. It is less flexible when you need to find package.json files in parent directories.
pkg-up is another package that finds the closest package.json file by searching upwards from a given directory. It is similar to read-pkg-up but does not read or parse the package.json file, it only returns the path to it. This package is useful if you only need the path and not the contents.
find-up is a more general tool that can be used to find files or directories by searching upwards from a given directory. While it is not limited to package.json files, it can be used for a similar purpose as read-pkg-up. However, it requires additional work to read and parse the package.json file after finding it.
FAQs
Read the closest package.json file
The npm package read-pkg-up receives a total of 29,546,506 weekly downloads. As such, read-pkg-up popularity was classified as popular.
We found that read-pkg-up demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.
Product
Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.
Product
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.