npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

npm-attribution-generator

v2.0.0

Published

utility to parse npm packages used in a project and generate an attribution file to include in your product

Downloads

80

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

devinmattedevinmatte

Keywords

licenseattributionnpmcredit

Readme

npm-attribution-generator

utility to parse npm packages used in a project and generate an attribution file to include in your product

Fork of oss-attribution-generator

This project is based on the work of zumwald/oss-attribution-generator.

Major Updates (v2.0.0)

  • Removed Bower support - Bower is deprecated and no longer used
  • Updated dependencies to modern versions for better security and compatibility
  • Fixed yargs API compatibility for version 18+
  • Improved error handling with better user feedback
  • Added node_modules detection with helpful error messages
  • Enhanced package counting to show how many packages were processed
  • Removed deprecation warnings for cleaner output

Installation

npm i -g npm-attribution-generator

Usage

For a single Node project

cd pathToYourProject
generate-attribution
git add ./oss-attribution
git commit -m 'adding open source attribution output from oss-attribution-generator'

For multiple projects

For Node.js projects that use other Node.js projects located in different directories, the -b option can be used to provide a variable number of input directories. Each of the input directories are processed, and any duplicate entries (dependencies with same name and version number) are combined to produce a single attribution text.

cd pathToYourMainProject
generate-attribution -b pathToYourMainProject pathToYourFirstProjectDependency pathToYourSecondProjectDependency
git add ./oss-attribution
git commit -m 'adding open source attribution output from oss-attribution-generator'

Help

Use the --help argument to get further usage details about the various program arguments:

generate-attribution --help

Understanding the "overrides"

Ignoring a package

Sometimes, you may have an "internal" module which you/your team developed, or a module where you've arranged a special license with the owner. These wouldn't belong in your license attributions, so you can ignore them by creating an overrides.json file like so:

{
  "signaling-agent": {
      "ignore": true 
  }
}

Changing the properties of package in the attribution file only

Other times, you may need to supply your own text for the purpose of the attribution/credits. You have full control of this in the overrides.json file as well:

{
  "some-package": {
    "name": "some-other-package-name",
    "version": "1.0.0-someotherversion",
    "authors": "some person",
    "url": "https://thatwebsite.com/since/their/original/link/was/broken",
    "license": "MIT",
    "licenseText": "you can even override the license text in case the original contents of the LICENSE file were wrong for some reason"
  }
}

Prior art

Like most software, this component is built on the shoulders of giants; npm-attribution-generator was inspired in part by the following work: