Gathering detailed insights and metrics for nodeinstall
Gathering detailed insights and metrics for nodeinstall
Installations
npm install nodeinstallDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=14.17.0
Node Version
18.20.4
NPM Version
10.7.0
Releases
3
Languages
1
JavaScript
JavaScript (100%)
Developer
cnpm
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
83 Stars
31 Commits
15 Forks
18 Watchers
6 Branches
14 Contributors
Updated on Nov 12, 2024
Maintainers
3
Package Meta Information
Latest Version
1.2.0
Package Id
nodeinstall@1.2.0
Unpacked Size
25.48 kB
Size
7.92 kB
File Count
13
NPM Version
10.7.0
Node Version
18.20.4
Published on
Nov 12, 2024
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Nodeinstall
Another node installer that bundle node with application.
Why
Nodeinstall is not a node version switcher, it will install node locally(in node_modules). Then you can deploy application everywhere without Node installed.
You can start application with npm start easily, npm will find node from $PWD/node_modules/.bin/node
Nodeinstall let application use the same node version in every environment(local development for production).
Installation
1$ npm install nodeinstall -g
Feature
- ✔︎ Install Node to Local
- ✔︎ Support Alinode and NSolid
- ✔︎ Support RC and nighly
- ✔︎ Package Define
- ✔︎ Ignore Unsafe Versions
Usage
Install node to node_modules
1$ nodeinstall 6.0.0 2$ ./node_modules/.bin/node -v
You can use semver range to match the real version
1$ nodeinstall ^6.0.0 2$ ./node_modules/.bin/node -v
You can also use nodeinstall to install Alinode or NSolid
1$ nodeinstall --install-alinode 1.6.0 2$ ./node_modules/.bin/node -p 'process.versions.alinode' 3$ nodeinstall --install-nsolid 1.6.0 4$ ./node_modules/.bin/node -p 'process.versions.nsolid'
You can define version in package.json
1{ 2 "engines": { 3 "install-node": "^18.0.0" 4 } 5}
Also support
If you are in China, you can use --china flag to speed up.
API
1const install = require('nodeinstall').install; 2await install({ 3 version: '^18.0.0', 4});
Options
cwd
The current directory, default is process.cwd.
version
The version that you want to install, it also can be semver range that get the right version automatically.
Version matching is based on distUrl.
distUrl
The url where to donwload the tarball, You can find all distUrl in config.js.
china
Use the mirror distUrl in china for speed.
cache
unsafeVersions
The Map contains the unsafe version and the safe version.
For example, if you install 4.0.0 that is defined in unsafeVersions as an unsafe version, it will install 4.5.0 instead.
const unsafeVersions = {
'>= 1.0.0 < 4.4.4': '4.5.0',
};
installNode
Install Node, it's a default options. Ignore when package define matched..
installNoderc
Install Node RC, ignore when package define matched.
installAlinode
Install Alinode, ignore when package define matched.
installNsolid
Install NSolid, ignore when package define matched.
installNightly
Install Node nightly, always be the latest version, ignore when package define matched.
Questions & Suggestions
Please open an issue here.
Lisence
MIT
Contributors
 popomore |  fengmk2 |  gemwuu |  richardo2016 |  brucewar |  lceric |
|---|
This project follows the git-contributor spec, auto updated at Sat Dec 10 2022 01:18:52 GMT+0800.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 14 are checked with a SAST tool
Reason
Found 10/30 approved changesets -- score normalized to 3
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/nodejs.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/nodejs.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/cnpm/nodeinstall/release.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:39
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 1 out of 2 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:29
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Score
4.4
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More