read-package-json-fast
Advanced tools
The read-package-json-fast npm package is designed to quickly read and parse package.json files in a Node.js environment. It is optimized for performance and provides a simple API for accessing package metadata.
Read and parse package.json
This feature allows you to read and parse the contents of a package.json file asynchronously. The function returns a promise that resolves with the parsed package data.
const readPackageJsonFast = require('read-package-json-fast');
async function getPackageData() {
try {
const packageData = await readPackageJsonFast('path/to/package.json');
console.log(packageData);
} catch (error) {
console.error('Error reading package.json:', error);
}
}
getPackageData();This package is similar to read-package-json-fast but is not as performance-optimized. It provides more features, such as handling various edge cases and running scripts defined in the package.json file.
While not a direct alternative, this package can be used in conjunction with others to normalize the data from a package.json file. It doesn't read the file itself but can be used after reading the file to ensure the package data adheres to the npm package specification.
pkg-conf is a package that reads and parses configuration from package.json files. It is focused on the configuration aspect and allows you to easily retrieve nested configuration values.
Like read-package-json, but faster and
more accepting of "missing" data.
This is only suitable for reading package.json files in a node_modules tree, since it doesn't do the various cleanups, normalization, and warnings that are beneficial at the root level in a package being published.
const rpj = require('read-package-json-fast')
// typical promisey type API
rpj('/path/to/package.json')
.then(data => ...)
.catch(er => ...)
// or just normalize a package manifest
const normalized = rpj.normalize(packageJsonObject)
Errors raised from parsing will use
json-parse-even-better-errors,
so they'll be of type JSONParseError and have a code: 'EJSONPARSE'
property. Errors will also always have a path member referring to the
path originally passed into the function.
To preserve indentation when the file is saved back to disk, use
data[Symbol.for('indent')] as the third argument to JSON.stringify, and
if you want to preserve windows \r\n newlines, replace the \n chars in
the string with data[Symbol.for('newline')].
For example:
const data = await readPackageJsonFast('./package.json')
const indent = Symbol.for('indent')
const newline = Symbol.for('newline')
// .. do some stuff to the data ..
const string = JSON.stringify(data, null, data[indent]) + '\n'
const eolFixed = data[newline] === '\n' ? string
: string.replace(/\n/g, data[newline])
await writeFile('./package.json', eolFixed)
Indentation is determined by looking at the whitespace between the initial
{ and the first " that follows it. If you have lots of weird
inconsistent indentation, then it won't track that or give you any way to
preserve it. Whether this is a bug or a feature is debatable ;)
bundledDependencies/bundleDependencies naming to just
bundleDependencies (without the extra d)true, false, or object values passed to bundleDependenciesfunding: <string> to funding: { url: <string> }scripts members that are not a string value.bin member to { [name]: bin }.optionalDependencies into dependencies._id property if name and version are set. (This is
load-bearing in a few places within the npm CLI.)README.md file, or attach the readme to
the parsed data object.HEAD value out of the .git folder.tset instead of test)files field exist and are
valid files.dependencies.dependencies fields that are not strictly objects of string values.directories field (ie, bins, mans, and so on).FAQs
Like read-package-json, but faster
We found that read-package-json-fast demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.