Tanner's BlogNavigate back to the homepage

Using the NPM API to Get Latest Package Versions

Tanner Nielsen
February 18th, 2019 · 1 min read

The official npm API provides a simple way to programmatically retrieve the latest version of any package, along with other metadata you might find in the package.json. This has a variety of use cases, such as checking when a package is out of date, to name one example. Today I’ll demonstrate how to get the latest version of a package with only a few lines of code. However, I was frustrated with what I found in other solutions, so I also want to talk about those and why you shouldn’t use them.

A very popular way to get the latest version is through the latest-version package on npm, which has nearly 3 million weekly downloads. The package sports a shiny

build passing
badge (so you know it’s good), and the README even tells you why you should choose this package over the latest package, which has “massive” dependencies. The code example also looks pretty slick:

1console.log(await latestVersion('ava'));
2//=> '0.18.0'

So my first impression is that the package is popular, reliable, more lightweight than the competition, and simple to use. Sounds great to me! Let’s just check the download size before installing…

Bundle Size according to bundlephobia.com

Wait a minute… This package literally exposes one function that does one thing. How on earth could it possibly require nearly 90kB, minified?! It turns out that the culprit is the package’s only (and much more useful) dependency, package-json, which allows you to extract information from any package.json file on npm.

The crime here (in my opinion) is that this dependency is over-qualified; it feels a lot like cracking an egg with a hammer. Moreover, the hammer itself is overkill, as the npm API already provides this information. We can do better:

A Better Solution

Using the npm API and the much lighter-weight dependency, axios, we can rewrite the entire latest-version module in a handful of lines:

1function latestVersion(packageName) {
2 return axios
3 .get('https://registry.npmjs.org/' + packageName + '/latest')
4 .then(res => res.data.version);
5}

Just like the original package, latestVersion() returns a promise, so you can use it exactly the same as the latest-version docs describe:

1const packageVersion = await latestVersion('some-package');

Conclusion

I hope this saved you some unnecessary code bloat. If you want to see how other packages will affect your bundle size in the future, you can check for yourself at bundlephobia.com.

More articles from Tanner's Blog

Creating an Engraved Leather Effect with CSS

I love the look of gold-engraved leather. You see it all the time on portfolios, diplomas, etc., and I think the reason is because it…

January 25th, 2019 · 13 min read

How to Make an Alpine Linux Bootable USB With Persistence

Bootable USBs are useful to have in your tool belt and relatively easy to make. Some USBs are "live," meaning they are a clean slate every…

December 27th, 2020 · 4 min read
© 2019–2020 Tanner's Blog
Link to $https://github.com/tannerntannern