npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@opendpp/sdk

v1.11.1

Published

Official TypeScript SDK for the OpenDPP Digital Product Passport API — a fully-typed client generated from the public OpenAPI contract (ESM, Node >=20). Zero runtime dependencies; version-locked to the API contract.

Readme

@opendpp/sdk

Official TypeScript SDK for the OpenDPP Digital Product Passport API — a fully-typed client for every endpoint, generated from the public OpenAPI contract and version-locked to it (this package's major.minor is the API contract version). ESM, Node ≥ 20, zero runtime dependencies (the fetch client is bundled).

Part of the OpenDPP open client surface (Apache-2.0). The SDK is ergonomics only — it embeds no tier/masking logic and no restricted-key knowledge; every privileged operation is a typed call to the hosted node behind your Developer-Plan key. A rival could regenerate an equivalent from the public spec in an afternoon — the value is the hosted node it calls, not the client.

Install

npm install @opendpp/sdk

Quick start

import { createOpenDppClient, getHealth, createPassport, getPassport } from "@opendpp/sdk";

const client = createOpenDppClient({ apiKey: process.env.OPENDPP_API_KEY });

// Public, no key needed:
const health = await getHealth({ client });

// Behind your Developer-Plan key:
const created = await createPassport({
  client,
  body: { productId: "09501101531000", metadata: { category: "batteries", /* … */ } },
});

const passport = await getPassport({ client, path: { id: created.data!.id } });

Every operation is a tree-shakeable, fully-typed function (createPassport, sealPassport, decodeGs1, resolveGs1Gtin, whoami, …) and every request/response shape is an exported type. The OpenAPI description for each endpoint comes through as JSDoc, so your editor shows permissions, rate limits, and content-negotiation notes inline.

Configuring the client

createOpenDppClient({ baseUrl?, apiKey? }) defaults baseUrl to the public node (https://opendpp-node.eu) and sends the key as Authorization: Bearer … on operations that require it. You can also configure the exported default client globally instead of passing it per call:

import { client, listPassports } from "@opendpp/sdk";
client.setConfig({ baseUrl: "https://opendpp-node.eu", auth: () => process.env.OPENDPP_API_KEY });
const page = await listPassports();

Content-negotiated public resolvers

The 200 of the public resolvers (GET /passport/{id}, /01/{gtin14}, /8003/{grai}, /unit/{id}) is negotiated via the Accept header, but the generated operations are typed against the default JSON-LD representation only. Two guards keep the typed surface honest:

  • Clients from this package (both createOpenDppClient() and the default client) pin Accept: application/ld+json on those paths when you don't set an Accept yourself, so a typed resolvePublicPassport(...) receives the JSON-LD document by construction.
  • To request an alternate representation (AAS environment, vc+jwt / vc+ld+json / dc+sd-jwt credential, HTML page), use the *As helpers — resolvePublicPassportAs, resolveGs1GtinAs, resolveGs1GraiAs, resolvePublicBatteryUnitAs — which set the Accept header and the matching body parsing, and type data per media type. (Hand-rolling the Accept header on a generated resolver operation would silently mismatch its declared response type — the bundled fetch client would even hand you a Blob for the JWT representations.)
import { resolvePublicPassport, resolvePublicPassportAs } from "@opendpp/sdk";

const { data: jsonLd } = await resolvePublicPassport({ client, path: { id } }); // PublicPassportJsonLd
const { data: jws } = await resolvePublicPassportAs({ client, path: { id }, accept: "application/vc+jwt" }); // string
const { data: aas } = await resolvePublicPassportAs({ client, path: { id }, accept: "application/aas+json" }); // AasEnvironment

Versioning

@opendpp/sdk's major.minor is version-locked to OPENAPI_VERSION — e.g. @opendpp/[email protected] targets API contract 1.11. The patch digit is the SDK's own lane: client-only fixes ship as patch releases against the same contract (e.g. 1.11.1 fixes the client, still targeting contract 1.11.0), so always take the latest patch of your contract's major.minor. The generated client under src/generated/ is committed and CI-checked against openapi.json (a drift guard: regenerating must produce no diff). Install the SDK major that matches the /api/v1 major you call.

License

Apache-2.0 © Opendpp UAB. See NOTICE. "OpenDPP" is a trademark of Opendpp UAB; this license grants no rights to the marks.