Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
validate-npm-package-name
Advanced tools
Give me a string and I'll tell you if it's a valid npm package name
The validate-npm-package-name package is used to check if a given string is a valid npm package name. It ensures that the package name meets the npm naming constraints, such as length, format, and character restrictions. It is useful for developers who are creating new npm packages and want to validate their package names before publishing to the npm registry.
Validation of package names
This feature allows you to validate a string to see if it would be a valid npm package name. It checks against rules for both new packages and old packages that were allowed before stricter rules were applied. The result object contains two boolean properties: 'validForNewPackages' and 'validForOldPackages'.
{"validForNewPackages": true, "validForOldPackages": true}
Error and warning messages
If the package name is invalid, the function will return an object with 'errors' and 'warnings' arrays that provide information about why the name is invalid. This is useful for giving feedback to users so they can correct their package names.
{"validForNewPackages": false, "validForOldPackages": false, "errors": ["name cannot start with a dot"], "warnings": ["name is discouraged"]}
The npm-name package checks whether a package name is available on the npm registry. It differs from validate-npm-package-name in that it specifically checks for name availability rather than just format validity.
This package provides a regular expression to test if a string is a valid npm package name. It is similar to validate-npm-package-name but offers a lower-level approach using regex matching instead of a function that returns an object with details.
Give me a string and I'll tell you if it's a valid npm
package name.
This package exports a single synchronous function that takes a string
as
input and returns an object with two properties:
validForNewPackages
:: Boolean
validForOldPackages
:: Boolean
Below is a list of rules that valid npm
package name should conform to.
.
or _
~)('!*
var validate = require("validate-npm-package-name")
validate("some-package")
validate("example.com")
validate("under_score")
validate("123numeric")
validate("@npm/thingy")
validate("@jane/foo.js")
All of the above names are valid, so you'll get this object back:
{
validForNewPackages: true,
validForOldPackages: true
}
validate("excited!")
validate(" leading-space:and:weirdchars")
That was never a valid package name, so you get this:
{
validForNewPackages: false,
validForOldPackages: false,
errors: [
'name cannot contain leading or trailing spaces',
'name can only contain URL-friendly characters'
]
}
In the old days of npm, package names were wild. They could have capital letters in them. They could be really long. They could be the name of an existing module in node core.
If you give this function a package name that used to be valid, you'll see
a change in the value of validForNewPackages
property, and a warnings array
will be present:
validate("eLaBorAtE-paCkAgE-with-mixed-case-and-more-than-214-characters-----------------------------------------------------------------------------------------------------------------------------------------------------------")
returns:
{
validForNewPackages: false,
validForOldPackages: true,
warnings: [
"name can no longer contain capital letters",
"name can no longer contain more than 214 characters"
]
}
npm install
npm test
ISC
6.0.0 (2024-09-24)
validate-npm-package-name
now supports node ^18.17.0 || >=20.5.0
FAQs
Give me a string and I'll tell you if it's a valid npm package name
The npm package validate-npm-package-name receives a total of 9,301,084 weekly downloads. As such, validate-npm-package-name popularity was classified as popular.
We found that validate-npm-package-name demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.