Gathering detailed insights and metrics for @run1t/npkill
Gathering detailed insights and metrics for @run1t/npkill
List any node_modules 📦 dir in your system and how heavy they are. You can then select which ones you want to erase to free up space 🧹
Installations
npm install @run1t/npkillDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
11.0.0
NPM Version
6.10.0
Score
71
Supply Chain
98
Quality
73.9
Maintenance
100
Vulnerability
98.9
License
Releases
32
Languages
3
TypeScript
JavaScript
Shell
TypeScript (99.26%)
JavaScript (0.65%)
Shell (0.09%)
Developer
Download Statistics
Total Downloads
484
Last Day
1
Last Week
1
Last Month
7
Last Year
91
GitHub Statistics
MIT License
8,570 Stars
641 Commits
198 Forks
41 Watchers
2 Branches
23 Contributors
Updated on Apr 07, 2025
Bundle Size
208.63 kB
Minified
55.82 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
2.0.0
Package Id
@run1t/npkill@2.0.0
Unpacked Size
44.59 kB
Size
13.12 kB
File Count
26
NPM Version
6.10.0
Node Version
11.0.0
Total Downloads
Cumulative downloads
Total Downloads
484
Last Day
0%
1
Compared to previous day
Last Week
0%
1
Compared to previous week
Last Month
-56.3%
7
Compared to previous month
Last Year
0%
91
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Easily find and remove old and heavy node_modules folders :sparkles:
This tool allows you to list any node_modules directories in your system, as well as the space they take up. You can then select which ones you want to erase to free up space. Yay!
Table of Contents
:heavy_check_mark: Features
-
Clear space: Get rid of old and dusty node_modules cluttering up your machine.
-
Very fast: NPKILL is written in TypeScript, but searches are performed at a low level, improving performance greatly.
-
Easy to use: Say goodbye to lengthy commands. Using npkill is as simple as reading a list of your node_modules, and pressing Del to get rid of them. Could it be any easier? ;)
-
Minified: It barely has any dependencies.
:cloud: Installation
1$ npm i -g npkill
Unix users may need to run the command with sudo. Go carefully
:clipboard: Usage
1$ npkill
By default, npkill will scan for node_modules starting at the path where npkill command is executed.
Move between the listed folders with ↓ ↑, and use Space to delete the selected folder (v0.2.2 and below the key was Del).
To exit, Q or Ctrl + c if you're brave.
Options
| ARGUMENT | DESCRIPTION |
|---|---|
| -c, --bg-color | Change row highlight color. (Available: blue, cyan, magenta, white, red and yellow) |
| -d, --directory | Set the directory from which to begin searching. By default, starting-point is . |
| -D, --delete-all | CURRENTLY DISABLED. Automatically delete all node_modules folders that are found. |
| -e, --show-errors | Show error messages related to the search if any |
| -f, --full | Start searching from the home of the user (example: "/home/user" in linux) |
| -gb | Show folders in Gigabytes instead of Megabytes. |
| -h, --help, ? | Show this help page and exit |
| -nu, --no-check-update | Dont check for updates on startup. |
| -v, --version | Show npkill version |
Warning: In future versions some commands may change
Examples
- Search node_modules directories in your projects directory:
1npkill -d ~/projects 2 3# other alternative: 4cd ~/projects 5npkill
- Delete all node_modules that have sneaked into your backups, and show errors if any occur:
1npkill -d ~/backups/ -e
:crystal_ball: Roadmap
- Release 0.1.0 !
- Improve code
- Improve performance
- Improve performance even more!
- Sort results by size and path
- Reduce dependencies to be a more minimalist module
- Allow the search for other types of directories (targets)
- Allow to filter by directories that have not been used in a period of time
- Create option for displaying directories in tree format
- Add some menus
- Periodic and automatic cleaning (?)
:bug: Known bugs :bug:
- Sometimes, CLI is blocked while folder is deleting.
- Some terminals that do not use TTY (like git bash in windows) do not work.
- (SOLVED) Performance issues when searching from high level directories (like / in linux).
- (SOLVED) Sometimes text collapses when updating the cli.
- (SOLVED) Analyzing the size of the directories takes longer than it should.
If you find any bugs, don't hesitate and open an issue :)
:revolving_hearts: Contributing
Available soon
:scroll: License
MIT © Nya García Gallardo and Juan Torres Gómez
:cat::baby_chick:
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 6 are checked with a SAST tool
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
Found 3/27 approved changesets -- score normalized to 1
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/voidcosmos/npkill/nodejs.yml/main?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:24
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:25
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Score
3.6
/10
Last Scanned on 2025-03-31
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More