npm Packages
Security Scores
Security scores for npm packages. Audit install scripts, dependency chains, and maintainer trust signals for the JavaScript packages in your stack.
What we analyze for npm packages
All 214 scanned npm packages
Advanced filters@chakra-ui/react
Responsive and accessible React UI components built with React and Emotion
@mui/material
Material UI is an open-source React component library that implements Google's Material Design. It's comprehensive and can be used in production out of the box.
@aws-sdk/client-sqs
AWS SDK for JavaScript Sqs Client for Node.js, Browser and React Native
chalk
Terminal string styling done right. Keywords: color, colour, colors, terminal, console. 1.9B monthly downloads. License: MIT
@emotion/react
> Simple styling in React. 74M monthly downloads. License: MIT
cookie-parser
Parse HTTP request cookies. Keywords: cookie, middleware. 38M monthly downloads. License: MIT
@reduxjs/toolkit
The official, opinionated, batteries-included toolset for efficient Redux development
lodash
Lodash modular utilities. Keywords: modules, stdlib, util. 663M monthly downloads. License: MIT
imagemin
Minify images seamlessly. Keywords: minify, compress, image, images, jpeg. 5M monthly downloads. License: MIT
fluent-ffmpeg
A fluent API to FFMPEG (http://www.ffmpeg.org)
ufo
URL utils for humans. 160M monthly downloads. License: MIT
consola
Elegant Console Wrapper. Keywords: console, logger, reporter, elegant, cli. 143M monthly downloads. License: MIT
clsx
A tiny (239B) utility for constructing className strings conditionally.
kafkajs
A modern Apache Kafka client for node.js
immer
Create your next immutable state by mutating the current one
amqplib
An AMQP 0-9-1 (e.g., RabbitMQ) library and client.
speakeasy
Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.
@supabase/auth-helpers-nextjs
Use the Supabase JavaScript library in popular server-side rendering (SSR) frameworks.
rxjs
Reactive Extensions for modern JavaScript
react-dom
React package for working with the DOM. Keywords: react. 514M monthly downloads. License: MIT
ofetch
A better fetch API. Works on node, browser and workers.
pathe
Universal filesystem path utils. 399M monthly downloads. License: MIT
classnames
A simple utility for conditionally joining classNames together
p-queue
Promise queue with concurrency control. Keywords: promise, queue, enqueue, limit, limited. License: MIT
@amplitude/analytics-browser
Official Amplitude SDK for Web. Keywords: analytics, amplitude. 8M monthly downloads. License: MIT
hookable
Awaitable hook system. Keywords: hook, hookable, plugin, tapable, tappable. 45M monthly downloads. License: MIT
c12
Smart Config Loader. 63M monthly downloads. License: MIT
picocolors
The tiniest and the fastest library for terminal output formatting with ANSI colors
execa
Process execution for humans. Keywords: exec, child, process, subprocess, execute. 556M monthly downloads. License: MIT
@sentry/nextjs
Official Sentry SDK for Next.js. License: MIT
keyv
Simple key-value storage with support for multiple backends
formidable
A node.js module for parsing form data, especially file uploads.
ws
Simple to use, blazing fast and thoroughly tested websocket client and server for Node.js
@clerk/nextjs
Clerk SDK for NextJS. Keywords: clerk, typescript, nextjs, auth, authentication. 6M monthly downloads. License: MIT
valibot
The modular and type safe schema library for validating structural data
io-ts
TypeScript runtime type system for IO decoding/encoding
destr
A faster, secure and convenient alternative for JSON.parse
@sinclair/typebox
Json Schema Type Builder with Static Type Resolution for TypeScript
superstruct
A simple and composable way to validate data in JavaScript (and TypeScript).
compression
Node.js compression middleware. Keywords: compression, gzip, deflate, middleware, express. 142M monthly downloads. License: MIT
morgan
HTTP request logger middleware for node.js
body-parser
Node.js body parsing middleware. 418M monthly downloads. License: MIT
postcss
Tool for transforming styles with JS plugins
styled-components
Fast, expressive styling for React. Keywords: react, css, css-in-js, styled-components, styling. 40M monthly downloads. License: MIT
react-router-dom
Declarative routing for React web applications
defu
Recursively assign default properties. Lightweight and Fast!
lucia
A simple and flexible authentication library
@headlessui/react
A set of completely unstyled, fully accessible UI components for React, designed to integrate beautifully with Tailwind CSS.
@radix-ui/react-dialog
View docs [here](https://radix-ui.com/primitives/docs/components/dialog).
@tanstack/react-query
Hooks for managing, caching and syncing asynchronous and remote data in React
@sentry/node
Sentry Node SDK using OpenTelemetry for performance instrumentation
supertest
SuperAgent driven library for testing HTTP servers
@azure/identity
Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID
@angular/core
Angular - the core framework. 23M monthly downloads. License: MIT
commander
the complete solution for node.js command-line programs
@aws-sdk/client-s3
AWS SDK for JavaScript S3 Client for Node.js, Browser and React Native
chokidar
Minimal and efficient cross-platform file watching library
bottleneck
Distributed task scheduler and rate limiter
@opentelemetry/api
Public API for OpenTelemetry. Keywords: opentelemetry, nodejs, browser, tracing, profiling. License: Apache-2.0
posthog-js
Posthog-js allows you to automatically capture usage and send events to PostHog.
mixpanel
A simple server-side API for mixpanel. Keywords: mixpanel, analytics, api, stats. License: MIT
ms
Tiny millisecond conversion utility. License: MIT
@segment/analytics-node
https://www.npmjs.com/package/@segment/analytics-node
pdf-lib
Create and modify PDF files with JavaScript
cors
Node.js CORS middleware. Keywords: cors, express, connect, middleware. License: MIT
helmet
help secure Express/Connect apps with various HTTP headers
dotenv
Loads environment variables from .env file
@langchain/core
Core LangChain.js abstractions and schemas
tailwindcss
A utility-first CSS framework for rapidly building custom user interfaces.
react
React is a JavaScript library for building user interfaces.
zod
TypeScript-first schema declaration and validation library with static type inference
langchain
Typescript bindings for langchain. Keywords: llm, ai, gpt3, chain, prompt. License: MIT
socket.io
node.js realtime framework server. Keywords: realtime, framework, websocket, tcp, events. 60M monthly downloads. License: MIT
nodemailer
Easy as cake e-mail sending from your Node.js applications
fastify
Fast and low overhead web framework, for Node.js
vue
The progressive JavaScript framework for building modern web UI.
remix
A framework for building better websites
mysql2
fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS
drizzle-orm
Drizzle ORM package for SQL databases. Keywords: drizzle, orm, pg, mysql, singlestore. License: Apache-2.0
jose
JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes
@auth/core
Authentication for the Web. Keywords: authentication, authjs, jwt, oauth, oidc. License: ISC
passport
Simple, unobtrusive authentication for Node.js.
node-fetch
A light-weight module that brings Fetch API to node.js
crypto-js
JavaScript library of crypto standards. Keywords: security, crypto, Hash, MD5, SHA1. License: MIT
@apollo/server
Core engine for Apollo GraphQL server. Keywords: GraphQL, Apollo, Server, Javascript. License: MIT
graphql
A Query Language and Runtime which can target any service.
ollama
Ollama Javascript library. License: MIT
replicate
JavaScript client for Replicate. License: Apache-2.0
weaviate-client
JS/TS client for Weaviate. Keywords: weaviate. License: BSD-3-Clause
multer
Middleware for handling `multipart/form-data`.
@sendgrid/mail
Twilio SendGrid NodeJS mail service. License: MIT
resend
Node.js library for the Resend API. License: MIT
archiver
a streaming interface for archive generation
@paypal/checkout-server-sdk
NodeJS SDK for PayPal Checkout APIs. License: SEE LICENSE IN https://github.com/paypal/Checkout-NodeJS-SDK/blob/master/LICENSE
stripe
Stripe API wrapper. Keywords: stripe, payment processing, credit cards, api. 50M monthly downloads. License: MIT
inquirer
A collection of common interactive command line user interfaces.
moment
Parse, validate, manipulate, and display dates
fs-extra
fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as recursive mkdir, copy, and remove.
ajv
Another JSON Schema Validator. Keywords: JSON, schema, validator, validation, jsonschema. 1.2B monthly downloads. License: MIT
joi
Object schema validation. Keywords: schema, validation. 88M monthly downloads. License: BSD-3-Clause
jotai
👻 Primitive and flexible state management for React
framer-motion
A simple and powerful JavaScript animation library
zustand
🐻 Bear necessities for state management in React
class-validator
Decorator-based property validation for classes.
yup
Dead simple Object schema validation. 48M monthly downloads. License: MIT
ora
Elegant terminal spinner. Keywords: cli, spinner, spinners, terminal, term. 284M monthly downloads. License: MIT
date-fns
Modern JavaScript date utility library. 352M monthly downloads. License: MIT
dayjs
2KB immutable date time library alternative to Moment.js with the same modern API
winston
A logger for just about everything. Keywords: winston, logger, logging, logs, sysadmin. 90M monthly downloads. License: MIT
csv-parse
CSV parsing implementing the Node.js `stream.Transform` API
aws-amplify
AWS Amplify is a JavaScript library for Frontend and mobile developers building cloud-enabled applications.
llamaindex
<p align="center"> <img height="100" width="100" alt="LlamaIndex logo" src="https://ts.llamaindex.ai/square.svg" /> </p> <h1 align="center">LlamaIndex.TS</h1> <h3 align="center"> Data framework for your LLM application. </h3>
@huggingface/inference
Typescript client for the Hugging Face Inference Providers and Inference Endpoints
next-auth
Authentication for Next.js. Keywords: react, nodejs, oauth, jwt, oauth2. License: ISC
@supabase/supabase-js
Isomorphic Javascript SDK for Supabase. Keywords: javascript, typescript, supabase. 78M monthly downloads. License: MIT
ioredis
A robust, performance-focused and full-featured Redis client for Node.js.
redis
A modern, high performance Redis client. Keywords: redis. License: MIT
pg
PostgreSQL client - pure javascript & libpq with the same API
svelte
Cybernetically enhanced web apps. Keywords: svelte, UI, framework, templates, templating. License: MIT
hono
Web framework built on Web Standards. Keywords: hono, web, app, http, application. 158M monthly downloads. License: MIT
@google/generative-ai
Google AI JavaScript SDK. License: Apache-2.0
jsonwebtoken
JSON Web Token implementation (symmetric and asymmetric)
swc
Alias for @swc/cli. License: MIT
express
Fast, unopinionated, minimalist web framework
got
Human-friendly and powerful HTTP request library for Node.js
rollup
Next-generation ES module bundler. Keywords: modules, bundler, bundling, es6, optimizer. 456M monthly downloads. License: MIT
webpack
Packs ECMAScript/CommonJs/AMD modules for the browser. Allows you to split your codebase into multiple bundles, which can be loaded on demand. Supports loaders to preprocess files, i.e. json, jsx, es7, css, less, ... and your custom stuff.
react-hook-form
Performant, flexible and extensible forms library for React Hooks
axios
Promise based HTTP client for the browser and node.js
antd
An enterprise-class UI design language and React components implementation
parcel
Blazing fast, zero configuration web application bundler
next
The React Framework. Keywords: react, framework, nextjs, web, server. 160M monthly downloads. License: MIT
express-rate-limit
Basic IP rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset.
http-proxy-middleware
The one-liner node.js proxy middleware for connect, express, next.js and more
jiti
Runtime typescript and ESM support for Node.js
h3
Minimal H(TTP) framework built for high performance and portability.
ky
Tiny and elegant HTTP client based on the Fetch API
ramda
A practical functional library for JavaScript programmers.
busboy
A streaming parser for HTML form data for node.js
nodemon
Simple monitor script for use during development of a Node.js app.
ts-node
TypeScript execution environment and REPL for node.js, with source map support
bullmq
Queue for messages and jobs based on Redis
terser
JavaScript parser, mangler/compressor and beautifier toolkit for ES6+
autoprefixer
Parse CSS and add vendor prefixes to CSS rules using values from the Can I Use website
less
Leaner CSS. Keywords: compile less, css nesting, css variable, css, gradients css. 40M monthly downloads. License: Apache-2.0
jimp
An image processing library written entirely in JavaScript.
sass
A pure JavaScript implementation of Sass.
undici
An HTTP/1.1 client, written from scratch for Node.js
debug
Lightweight debugging utility for Node.js and the browser
yargs
yargs the modern, pirate-themed, successor to optimist.
husky
Modern native Git hooks. Keywords: git, hooks, pre-commit. 118M monthly downloads. License: MIT
mocha
simple, flexible, fun test framework. Keywords: mocha, test, bdd, tdd, tap. 59M monthly downloads. License: MIT
tsup
Bundle your TypeScript library with no config, powered by esbuild
tsx
TypeScript Execute (tsx): Node.js enhanced with esbuild to run TypeScript & ESM files
turbo
Turborepo is a high-performance build system for JavaScript and TypeScript codebases.
vite
Native-ESM powered web dev build tool. Keywords: frontend, framework, hmr, dev-server, build-tool. 521M monthly downloads. License: MIT
@nextui-org/react
🚀 Beautiful and modern React UI library.
mongoose
Mongoose MongoDB ODM. Keywords: mongodb, document, model, schema, database. License: MIT
superagent
elegant & feature rich browser / node HTTP with a fluent API
@anthropic-ai/sdk
The official TypeScript library for the Anthropic API
@trpc/server
The tRPC server library. Keywords: tanstack-intent. License: MIT
@google-cloud/storage
Cloud Storage Client Library for Node.js
rimraf
A deep deletion module for node (like `rm -rf`)
lru-cache
A cache object that deletes the least-recently-used items.
semver
The semantic version parser used by npm.
prettier
Prettier is an opinionated code formatter
eslint
An AST-based pattern checker for JavaScript.
newrelic
New Relic agent. Keywords: apm, performance, monitoring, instrumentation, debugging. License: Apache-2.0
stylelint
A mighty CSS linter that helps you avoid errors and enforce conventions.
dotenv-expand
Expand environment variables using dotenv
envinfo
Info about your dev environment for debugging purposes
lint-staged
Lint files staged by git. Keywords: lint, git, staged, eslint, prettier. License: MIT
vitest
Next generation testing framework powered by Vite
mammoth
Convert Word documents from docx to simple HTML and Markdown
glob
the most correct and second fastest glob implementation in JavaScript
cross-env
Run scripts that set and use environment variables across platforms
swr
React Hooks library for remote data fetching
xlsx
SheetJS Spreadsheet data parser and writer
@pinecone-database/pinecone
The official Pinecone TypeScript SDK for building vector search applications with AI/ML.
concurrently
Run commands concurrently. Keywords: bash, concurrent, parallel, concurrently, command. 70M monthly downloads. License: MIT
uuid
RFC9562 UUIDs. Keywords: uuid, guid, rfc4122, rfc9562. License: MIT
typeorm
Data-Mapper ORM for TypeScript and ES2023+. Supports MySQL/MariaDB, PostgreSQL, MS SQL Server, Oracle, SAP HANA, SQLite, MongoDB databases.
pino
super fast, all natural json logger. Keywords: fast, logger, stream, json. 134M monthly downloads. License: MIT
jest
Delightful JavaScript Testing. Keywords: ava, babel, coverage, easy, expect. 181M monthly downloads. License: MIT
sequelize
Sequelize is a promise-based Node.js ORM tool for Postgres, MySQL, MariaDB, SQLite, Microsoft SQL Server, Amazon Redshift and Snowflake’s Data Cloud. It features solid transaction support, relations, eager and lazy loading, read replication and more.
cohere-ai

nanoid
A tiny (118 bytes), secure URL-friendly unique string ID generator
knex
A batteries-included SQL query & schema builder for PostgresSQL, MySQL, CockroachDB, MSSQL and SQLite3
typescript
TypeScript is a language for application scale JavaScript development
koa
Koa web app framework. Keywords: web, app, http, application, framework. License: MIT
firebase
Firebase JavaScript library for web and Node.js
supabase
Supabase CLI. License: MIT
cheerio
The fast, flexible & elegant library for parsing and manipulating HTML and XML.
openai
The official TypeScript library for the OpenAI API
bcryptjs
Optimized bcrypt in plain JavaScript with zero dependencies, with TypeScript support. Compatible to 'bcrypt'.
mailgun.js
A javascript sdk for Mailgun built with webpack, babel & es6. This can be used in node or in the browser*.
square
Use Square APIs to manage and run business including payment, customer, product, inventory, and employee management.
postmark
Official Node.js client library for the Postmark HTTP API - https://www.postmarkapp.com
canvas
Canvas graphics API backed by Cairo. Keywords: canvas, graphic, graphics, pixman, cairo. 27M monthly downloads. License: MIT
chromadb
A JavaScript interface for chroma. Keywords: chroma, embedding, ai, vector. License: Apache-2.0
nuxt
Nuxt is a free and open-source framework with an intuitive and extendable way to create type-safe, performant and production-grade full-stack web applications and websites with Vue.js.
astro
Astro is a modern site builder with web best practices, performance, and DX front-of-mind.
@playwright/test
A high-level API to automate web browsers
bcrypt
A bcrypt library for NodeJS. Keywords: bcrypt, password, auth, authentication, encryption. 21M monthly downloads. License: MIT
@slack/bolt
A framework for building Slack apps, fast.
argon2
An Argon2 library for Node. Keywords: argon2, crypto, encryption, hashing, password. License: MIT
pm2
Production process manager for Node.JS applications with a built-in load balancer.
esbuild
An extremely fast JavaScript and CSS bundler and minifier.
@mistralai/mistralai
TypeScript client library for the Mistral AI API
gatsby
Blazing fast modern site generator for React
sharp
High performance Node.js image processing, the fastest module to resize JPEG, PNG, WebP, GIF, AVIF and TIFF images
cypress
Cypress is a next generation front end testing tool built for the modern web
puppeteer
A high-level API to control headless Chrome over the DevTools Protocol
dd-trace
Datadog APM tracing client for JavaScript
Don't see your tool?
Scan a Tool