npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

basic-package-template

v1.4.0

Published

Package description

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

0xtiby0xtiby

Keywords

Readme

Package Name

Package description

Installation

npm install package-name
# or
pnpm add package-name
# or
yarn add package-name

Usage

import { YourClass } from "package-name";

// Usage example
const instance = new YourClass();

API

YourClass

Description of your main export.

Methods

  • method() - Description of method

Development

🔧 Quick Setup

To quickly set up branch protection rules, run the automated script:

# Make sure you have GitHub CLI installed and authenticated
gh auth login

# Run the setup script (choose one method)
./scripts/setup-branch-protection.sh
# or
npm run setup:branch-protection

This script will automatically:

  • ✅ Detect your main branch (main/master)
  • ✅ Configure branch protection rules
  • ✅ Require pull requests before merging
  • ✅ Require at least 1 approval
  • ✅ Dismiss stale reviews on new commits
  • ✅ Disable force pushes and deletions
  • ✅ Apply rules to administrators
  • Allow GitHub Actions to create and approve pull requests

🤖 GitHub Actions Permissions

The script automatically configures GitHub Actions to create and approve pull requests. This is essential for:

  • Automated releases: Allows semantic-release to create PRs for version bumps and changelog updates
  • Dependency updates: Enables Dependabot and other bots to create PRs
  • Automated workflows: Permits GitHub Actions to interact with pull requests

To modify this behavior:

# Disable GitHub Actions PR creation/approval
gh api repos/OWNER/REPO/actions/permissions/workflow \
  --method PUT \
  --field can_approve_pull_request_reviews=false

# Re-enable GitHub Actions PR creation/approval
gh api repos/OWNER/REPO/actions/permissions/workflow \
  --method PUT \
  --field can_approve_pull_request_reviews=true

To allow administrators to bypass branch protection:

# Edit the script and change line 54 to:
"enforce_admins": false

Or manually in GitHub: Settings → Branches → Edit rule → Uncheck "Include administrators"

Manual Repository Security Setup (Alternative)

If you prefer manual setup, configure branch protection rules:

Branch Protection Rules

  1. Go to your GitHub repository
  2. Navigate to Settings → Branches
  3. Click "Add rule" for the main/master branch
  4. Configure the following settings:

Required settings:

  • ✅ Require a pull request before merging
  • ✅ Require approvals: 1 (or more for team projects)
  • ✅ Dismiss stale PR approvals when new commits are pushed
  • ✅ Require status checks to pass before merging
  • ✅ Require branches to be up to date before merging
  • ✅ Require conversation resolution before merging
  • ✅ Restrict pushes that create files larger than 100MB

Optional but recommended:

  • ✅ Require signed commits
  • ✅ Include administrators (applies rules to repo admins too)
  • ✅ Allow force pushes: No one (or "Specify who can force push" for admins only)
  • ✅ Allow deletions: No one

Status Checks (if you add CI/tests)

If you add testing workflows, also enable:

  • ✅ Require status checks to pass before merging
  • Add your test workflow names to required checks

This ensures:

  • No direct commits to main/master
  • All changes go through pull requests
  • Code review is mandatory
  • Automated releases work properly

Setup for Automated Releases

To enable automated releases, configure the following secrets in your GitHub repository:

1. NPM Token

  1. Go to npmjs.com and sign in
  2. Click on your avatar → "Access Tokens"
  3. Click "Generate New Token" → "Automation"
  4. Copy the generated token
  5. In your GitHub repo: Settings → Secrets and variables → Actions
  6. Click "New repository secret"
  7. Name: NPM_TOKEN
  8. Value: paste your npm token

2. GitHub Token

The GITHUB_TOKEN is automatically provided by GitHub Actions, no additional configuration needed.

3. Repository Configuration

Make sure in Settings → Actions → General:

  • "Allow GitHub Actions to create and approve pull requests" is checked
  • Workflow permissions: "Read and write permissions" is selected

Releases

This project uses semantic-release for automated releases. Use conventional commits:

  • feat: - New feature (minor version)
  • fix: - Bug fix (patch version)
  • feat!: or BREAKING CHANGE: - Breaking change (major version)

Examples:

feat: add new authentication method
fix: resolve memory leak in parser
feat!: remove deprecated API endpoints

Release Process

  1. Make your commits following conventional commits
  2. Create a pull request to main/master
  3. Get code review and approval
  4. Merge the pull request
  5. GitHub Actions triggers automatically
  6. A new release is created if significant changes are detected
  7. The package is published to npm
  8. A GitHub release with changelog is generated
  9. 🤖 Automated repo update: A pull request is automatically created to update package.json version and CHANGELOG.md
  10. Review and merge the automated PR to keep your repository in sync

License

MIT