npmpackage.info

Gathering detailed insights and metrics for ms

Other packages similar to ms

humanize-ms

2.0.0

transform humanize time to ms

@types/ms

2.1.0

TypeScript definitions for ms

parse-ms

4.0.0

Parse milliseconds into an object

pretty-ms

9.2.0

Convert milliseconds to a human readable string: `1337000000` → `15d 11h 23m 20s`

Gathering detailed insights and metrics for ms

ms - 2.1.3 | npmpackage.info

ms

Tiny millisecond conversion utility

2.1.3

5,298

MIT

TypeScript

701.00 B

46,295,635,002 4.1

Installations

npm install ms

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

12.18.3

NPM Version

6.14.6 Score

99.7

Supply Chain

84.7

Quality

82.6

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

13

Total

132

Closed

56

Merged

63

Issues

Open

19

Total

78

Closed

59

Releases

3.0.0-canary.1

Updated on Sep 15, 2021

3.0.0-canary.0

Updated on Sep 15, 2021

2.1.3

Updated on Dec 08, 2020

2.1.2

Updated on Jun 06, 2019

2.1.1

Updated on Nov 30, 2017

2.1.0

Updated on Nov 30, 2017

View All 20 releases

Languages

TypeScript

JavaScript

Shell

TypeScript (91.41%)

JavaScript (8.4%)

Shell (0.19%)

Developer

vercel

Download Statistics

Total Downloads

46,295,635,002

Last Day

17,122,760

Last Week

262,805,787

Last Month

1,126,189,986

Last Year

12,374,937,419

GitHub Statistics

MIT License

5,298 Stars

163 Commits

276 Forks

90 Watchers

7 Branches

112 Contributors

Updated on Jul 02, 2025

Bundle Size

1.51 kB

Minified

701.00 B

Minified + Gzipped

Bundlephobia

Maintainers

View All 112 Contributors

Package Meta Information

Latest Version

2.1.3

Package Id

ms@2.1.3

Size

2.90 kB

NPM Version

6.14.6

Node Version

12.18.3

Published on

Dec 08, 2020

Total Downloads

Cumulative downloads

Total Downloads

46,295,635,002

Last Day

-2%

17,122,760

Compared to previous day

Last Week

-6%

262,805,787

Compared to previous week

Last Month

1.8%

1,126,189,986

Compared to previous month

Last Year

13.9%

12,374,937,419

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

eslint expect.js husky lint-staged mocha prettier

ms

Use this package to easily convert various time formats to milliseconds.

Examples

1ms('2 days')  // 172800000
2ms('1d')      // 86400000
3ms('10h')     // 36000000
4ms('2.5 hrs') // 9000000
5ms('2h')      // 7200000
6ms('1m')      // 60000
7ms('5s')      // 5000
8ms('1y')      // 31557600000
9ms('100')     // 100
10ms('-3 days') // -259200000
11ms('-1h')     // -3600000
12ms('-200')    // -200

Convert from Milliseconds

1ms(60000)             // "1m"
2ms(2 * 60000)         // "2m"
3ms(-3 * 60000)        // "-3m"
4ms(ms('10 hours'))    // "10h"

Time Format Written-Out

1ms(60000, { long: true })             // "1 minute"
2ms(2 * 60000, { long: true })         // "2 minutes"
3ms(-3 * 60000, { long: true })        // "-3 minutes"
4ms(ms('10 hours'), { long: true })    // "10 hours"

Features

Works both in Node.js and in the browser
If a number is supplied to ms, a string with a unit is returned
If a string that contains the number is supplied, it returns it as a number (e.g.: it returns 100 for '100')
If you pass a string with a number and a valid unit, the number of equivalent milliseconds is returned

TypeScript support

As of v3.0, this package includes TypeScript definitions.

For added safety, we're using Template Literal Types (added in TypeScript 4.1). This ensures that you don't accidentally pass ms values that it can't process.

This won't require you to do anything special in most situations, but you can also import the StringValue type from ms if you need to use it.

1import ms, { StringValue } from 'ms';
2
3// Using the exported type.
4function example(value: StringValue) {
5  ms(value);
6}
7
8// This function will only accept a string compatible with `ms`.
9example('1 h');

In this example, we use a Type Assertion to coerce a string.

1import ms, { StringValue } from 'ms';
2
3// Type assertion with the exported type.
4function example(value: string) {
5  try {
6    // A string could be "wider" than the values accepted by `ms`, so we assert
7    // that our `value` is a `StringValue`.
8    //
9    // It's important to note that this can be dangerous (see below).
10    ms(value as StringValue);
11  } catch (error: Error) {
12    // Handle any errors from invalid vaues.
13    console.error(error);
14  }
15}
16
17// This function will accept any string, which may result in a bug.
18example('any value');

You may also create a custom Template Literal Type.

1import ms from 'ms';
2
3type OnlyDaysAndWeeks = `${number} ${'days' | 'weeks'}`;
4
5// Using a custom Template Literal Type.
6function example(value: OnlyDaysAndWeeks) {
7  // The type of `value` is narrower than the values `ms` accepts, which is
8  // safe to use without coercion.
9  ms(value);
10}
11
12// This function will accept "# days" or "# weeks" only.
13example('5.2 days');

Related Packages

ms.macro - Run ms as a macro at build-time.

Caught a Bug?

Fork this repository to your own GitHub account and then clone it to your local device
Link the package to the global module directory: npm link
Within the module you want to test your local development instance of ms, just link it to the dependencies: npm link ms. Instead of the default one from npm, Node.js will now use your clone of ms!

As always, you can run the tests using: npm test

High

7.5/10

Summary

Regular Expression Denial of Service in ms

Affected Versions

< 0.7.1

Patched Versions

0.7.1

Moderate

5.3/10

Summary

Vercel ms Inefficient Regular Expression Complexity vulnerability

Affected Versions

< 2.0.0

Patched Versions

2.0.0

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Security-Policy

Determines if the project has published a security policy.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Maintained

Determines if the project is "actively maintained".

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/quality.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/quality.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/quality.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/quality.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/vercel/ms/quality.yml/main?enable=pin
Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 4 third-party GitHubAction dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

4.1

/10

Last Scanned on 2025-06-23

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More