npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

nanoprobe

v1.4.0

Published

A CLI to help better understand the massive amount of information that surrounds Node.js versions.

Downloads

36

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bnbbnb

Keywords

nodejsnodeutilitysecuritycliciborg

Readme

nanoprobe: A nice Node.js Version Utility

A CLI to help better understand the massive amount of information that surrounds Node.js versions.

Usage

nanoprobe [command] [args]

Commands:
  nanoprobe deps <version>        Expose the versions of Node.js's dependencies
                                  at a specific version. Defaults to the latest
                                  version in an incomplete semver string.
  nanoprobe latest [releaseLine]  List the latest versions of Node.js
  nanoprobe safe [version]        Lets  you know whether or not you are running
                                  a version of Node.js with zero known
                                  vulnerabilities

Options:
  -h, --help     Show help                                             [boolean]
  -v, --version  Show version number                                   [boolean]

Examples

nanoprobe deps

nanoprobe deps 12.0.0 # see a fancy output of deps for v12.0.0
nanoprobe deps 10.15.0 --json # see the information as JSON
nanoprobe deps 6.12.0 --plain # see a very plain, human-readable output rather than a fancy one

nanoprobe latest

nanoprobe latest # will return the most recent Currrent release
nanoprobe latest v10 # will return the latest release in the Node.js v10.x release line
nanoprobe latest --json # see the information as JSON
nanoprobe latest --ci # exits as a 1 or a 0

nanoprobe safe

nanoprobe safe # will tell you if you're currently running a safe version of Node.js or not
nanoprobe safe v9
nanoprobe safe v10.14
nanoprobe safe 10.14.0 ## will tell you if [email protected] is safe
nanoprobe safe --json # JSON output of the vulnerability data, if any
nanoprobe safe --ci # exits 0 or 1 depending on if there are or are not vulnerabilities, respectively
nanoprobe safe --plain # plain (rather than formatted) human-readable output

TODOs

  • [x] nanoprobe safe
    • [x] tell you if your current Node.js version is secure.
    • [x] add ci flag that will process.exit(0) if you're not secure.
    • [ ] add flag that allows you to pass a version or array of security releases to ignore
      • [ ] should only change the exit code, and should still warn that you are running insecure versions.
  • [ ] make all data exposed by commands consumable if the module is require()'d
    • we will likely want to split out an underlying module and then make the CLI consume the module
  • [ ] nanoprobe lts
    • [ ] expose LTS data
    • [ ] expose LTS EOL if possible?
  • [ ] nanoprobe update
    • [ ] print all ways to update to the latest version of the Node.js release line you're using
    • [ ] pass a flag that allows you to filter output
      • for example, nanoprobe update --type=docker/nanoprobe update --type=nvm or nanoprobe update --docker/nanoprobe update --nvm
  • [ ] crerate helper that parses the version we're checking in various commands
    • returns an object that includes various acceptable inputs (v12.1.0, 12.1.0) as well as all semver ranges that apply and their varients (v12.1, 12.1, v12, 12)
      • this would allow us to remove our require of semver in both deps and safe, in addition to future commands.
    • could also parse keywords like latest, current, and possibly lts
  • [x] Improve consistency
    • [x] Make version passing consistent (currently latest and safe have different requirements for version arguments)
  • [ ] Find a way test every command and every flag by running them as a part of our tests
  • [ ] Add // @ts-check to all code files and resolve problems if they exist.
  • [ ] Tests
  • [ ] Better README.md