npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

delivery-intel

v1.0.2

Published

Point it at any GitHub repo — get DORA metrics, vulnerability scan, and a health score. No setup, no tokens for public repos. CLI + web dashboard.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

parthibanrajasekaranparthibanrajasekaran

Keywords

doradora-metricsdevopsmetricsgithubci-cddeployment-frequencylead-timechange-failure-ratevulnerabilityosvclidashboardsoftware-deliveryengineering-metrics

Readme

📊 delivery-intel

Software Delivery Intelligence — in one command.

Point it at any GitHub repo. Get DORA metrics, vulnerability scan, and a health score.
No setup. No tokens for public repos. Just run it.

npm version CI License: MIT TypeScript Node 18+

⚡ 30-Second Demo

npx delivery-intel facebook/react
  ┌─────────────────────────────────────────────────┐
  │  📊 Delivery Intel  — Software Delivery Intelligence  │
  └─────────────────────────────────────────────────┘

  Repository:  facebook/react
  Analyzed:    2026-02-18T12:00:00.000Z

  Overall Health Score
  ██████████████████████████░░░░ 87/100

  DORA Metrics  ─────────────────────────────────────

  Deploy Frequency  Elite
  12.4 deployments/week  (source: merged PRs)

  Lead Time  Elite
  3.2 hours median  (0.1 days)

  Change Failure Rate  High
  4.8%  (2 failed / 42 total pipeline runs)

  Vulnerability Scan  (OSV.dev)  ───────────────────
  ✓ No known vulnerabilities found

  Suggestions  ─────────────────────────────────────
  ✓ Looking good — no critical issues detected

Works with full URLs too: npx delivery-intel https://github.com/vercel/next.js

🔍 What It Measures

| Metric | What it tells you | Source | |--------|-------------------|--------| | Deploy Frequency | How often code ships to production | GitHub Deployments API → merged PRs fallback | | Lead Time | PR creation → merge (branch active duration) | Pull Requests API | | Change Failure Rate | % of CI pipeline runs that failed + raw counts | Workflow Runs API | | Vulnerabilities | Known CVEs in your dependencies | OSV.dev (free, no auth) | | Health Score | Single 0–100 rollup of everything above | Weighted composite | | Suggestions | Prioritized, actionable recommendations | Heuristic engine |

Supports package.json, requirements.txt, and go.mod for vulnerability scanning.

🚀 Quick Start

CLI (zero install)

# Any public repo — no token needed
npx delivery-intel facebook/react

# JSON output
npx delivery-intel vercel/next.js --json

# Save report to file
npx delivery-intel vercel/next.js --json --output report.json

Web Dashboard

git clone https://github.com/ParthibanRajasekaran/delivery-intel.git
cd delivery-intel
npm install
npm run dev
# → http://localhost:3000

Paste a repo URL and get an animated dashboard with score ring, DORA cards, charts, vulnerability table, and suggestions — all in a dark theme with smooth animations.

Docker

# Dashboard
docker compose up dashboard

# CLI
REPO=facebook/react docker compose run --rm cli

🔐 Authentication

| Method | Setup | Best for | |--------|-------|----------| | None | Just run it | Public repos (60 req/hr) | | gh auth login | brew install gh && gh auth login | Daily use — token stays in OS keychain ✨ | | GITHUB_TOKEN | export GITHUB_TOKEN=ghp_... | CI environments | | --token | --token ghp_... | Quick one-off (avoid in CI) |

Token resolution order: --token flag → GITHUB_TOKEN env → gh auth token

Private repos require a token with repo scope. For CI, use ${{ secrets.GITHUB_TOKEN }} — it's auto-scoped and expires per job.

🔄 CI Integration

Add delivery-intel as a quality gate in your pipeline:

# .github/workflows/delivery-intel.yml
name: Delivery Intelligence

on:
  push:
    branches: [main]
  pull_request:

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - name: Run delivery-intel
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: npx delivery-intel@latest ${{ github.repository }} --json --output report.json

      - name: Check health score
        run: |
          SCORE=$(jq '.score' report.json)
          echo "Health score: $SCORE / 100"
          if (( $(echo "$SCORE < 40" | bc -l) )); then
            echo "::error::Score $SCORE is below threshold (40)"
            exit 1
          fi

A ready-to-use workflow file is included at .github/workflows/delivery-intel.yml.

🏗️ Architecture

┌──────────────────────────────────────────────────────────────┐
│                      delivery-intel                          │
├──────────────┬───────────────┬───────────────────────────────┤
│   CLI        │   Dashboard   │   GitHub Action               │
│  (npx)       │  (Next.js)    │   (workflow)                  │
├──────────────┴───────────────┴───────────────────────────────┤
│                  Shared Analysis Engine                       │
├──────────┬────────────┬──────────────┬───────────────────────┤
│ GitHub   │ OSV.dev    │  Metrics     │  Suggestions          │
│ REST API │ Vuln API   │  Engine      │  Engine               │
│ GraphQL  │            │  (DORA)      │  (Heuristics)         │
├──────────┴────────────┴──────────────┴───────────────────────┤
│               Optional: Redis Cache (ioredis)                │
└──────────────────────────────────────────────────────────────┘

🛠 Tech Stack

🤝 Contributing

Contributions welcome! See CONTRIBUTING.md for dev setup, coding standards, and workflow.

git clone https://github.com/ParthibanRajasekaran/delivery-intel.git
cd delivery-intel
npm install
npm run validate   # lint + typecheck + test in one shot

📄 License

MIT — use it however you want.