The latest articles on DEV Community by CinfiniteDev (@cinfinitedev_engine). https://dev.to/cinfinitedev_engine https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3780619%2Fc3c3d0ea-ec65-43bb-96d5-824ce2e22392.jpg https://dev.to/cinfinitedev_engine en CinfiniteDev Wed, 25 Mar 2026 23:10:11 +0000 https://dev.to/cinfinitedev_engine/from-chaos-to-control-multiple-nodejs-environments-with-multi-env-cli-cai https://dev.to/cinfinitedev_engine/from-chaos-to-control-multiple-nodejs-environments-with-multi-env-cli-cai <h2> ⚡ Multi-Env CLI </h2> <blockquote> <p>Stop juggling <code>.env</code> files for Node.js projects. Run multiple environments side-by-side with hot-reload support.</p> </blockquote> <h2> 💡 Why Multi-Env CLI? </h2> <p>If you’ve ever worked on a Node.js project, you know the pain of juggling multiple environments. </p> <p>For testing a feature across <strong>dev, staging, and prod</strong>, every time we needed to tweak an environment variable, we typically:</p> <ul> <li>🛑 Stop the server </li> <li>📄 Copy <code>.env</code> to <code>.env.staging</code> or <code>.env.prod</code> </li> <li>🔄 Restart the app </li> <li>👀 Double-check which instance was running </li> </ul> <p>By the end of the day, we had three terminals open, three versions of <code>.env</code> floating around — it felt like <strong>manually juggling spinning plates</strong>.</p> <h2> 💡 The Thought </h2> <p>There has to be a better way.</p> <p>That’s how <strong>Multi-Env CLI</strong> came to life — a small CLI tool that:</p> <ul> <li>🚀 Runs multiple Node.js instances at the same time </li> <li>✏️ Lets you edit environment variables live without restarting </li> <li>🔒 Keeps your original <code>.env</code> files untouched </li> <li>🛠️ Makes it easy to list, kill, and manage instances</li> </ul> <h2> 🔥 Pain Points Solved </h2> <p>Before Multi-Env CLI, developers often ran into:</p> <ul> <li>📂 Constantly copying <code>.env</code> files for each environment </li> <li>🔄 Restarting the server every time a variable changes </li> <li>🤯 Losing track of which instance is running which environment </li> </ul> <p>With Multi-Env CLI, all of that is gone:</p> <ul> <li>📝 Temporary env files for each instance </li> <li>⚡ Hot reload — editing the temp env automatically restarts the app </li> <li>📋 Instance management — list, kill, and clean up instances safely </li> </ul> <h2> 🛠️ Typical Workflow </h2> <ul> <li> <strong>Generic Multi-Env CLI Command</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>npx multi-env run --env-file &lt;path-to-env-file&gt; --cmd "&lt;your-command&gt;" </code></pre> </div> <ul> <li> <strong>Run a staging instance</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span> <span class="nx">run</span> <span class="o">--</span><span class="nx">env</span><span class="o">-</span><span class="nx">file</span> <span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">staging</span> <span class="o">--</span><span class="nx">cmd</span> <span class="dl">"</span><span class="s2">node server.js</span><span class="dl">"</span> <span class="o">--</span><span class="nx">auto</span><span class="o">-</span><span class="nx">cleanup</span> </code></pre> </div> <ul> <li><strong>Edit Environment Variables Live</strong></li> </ul> <p>Open .multi-env/env.temp.</p> <p>Change variables and save → the app restarts automatically</p> <ul> <li> <strong>Run Production Instance Simultaneously</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span> <span class="nx">run</span> <span class="o">--</span><span class="nx">env</span><span class="o">-</span><span class="nx">file</span> <span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">prod</span> <span class="o">--</span><span class="nx">cmd</span> <span class="dl">"</span><span class="s2">node server.js</span><span class="dl">"</span> </code></pre> </div> <ul> <li> <strong>List Running Instances</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span> <span class="nx">list</span> </code></pre> </div> <ul> <li> <strong>Kill Any Instance When Done</strong> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span> <span class="nx">kill</span> <span class="o">--</span><span class="nx">id</span> <span class="o">&lt;</span><span class="nx">instance</span><span class="o">-</span><span class="nx">id</span><span class="o">&gt;</span> </code></pre> </div> <h2> ✨ Key Features </h2> <ul> <li><p>📝 <strong>Hot-editable env files</strong> — no more manual restarts</p></li> <li><p>🔀 <strong>Run multiple instances side by side</strong> (dev, staging, prod)</p></li> <li><p>📂 <strong>CLI-managed temp files</strong> — original .env stays safe</p></li> <li><p>🛡️ <strong>Crash-safe</strong> — dead instances are cleaned automatically</p></li> <li><p>⚡ <strong>Plug-and-play</strong> — works with any Node.js project</p></li> </ul> <h2> 👥 Who It’s For </h2> <ul> <li><p>💻 <strong>Node.js developers running multiple environments locally</strong></p></li> <li><p>🧪 <strong>Teams testing feature flags or environment-dependent features</strong></p></li> <li><p>🚀 <strong>Anyone doing rapid prototyping, CI/CD testing, or multi-tenant apps</strong></p></li> </ul> <h2> 🚀 Getting Started </h2> <p>Install globally:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npm</span> <span class="nx">install</span> <span class="o">-</span><span class="nx">g</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span><span class="o">-</span><span class="nx">cli</span> </code></pre> </div> <p>Or use via npx without installing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">multi</span><span class="o">-</span><span class="nx">env</span> <span class="nx">run</span> </code></pre> </div> <h2> 📂 Temp Env Files </h2> <p>All temp env files are stored in .multi-env/ inside your project</p> <p>Original .env files are never modified</p> <p>Editing temp env files triggers auto-restart for the specific instance</p> <h2> 🏁 Ending Note </h2> <p>Multi-Env CLI was built to make working with multiple Node.js environments <strong>simpler, faster, and safer</strong>. No more juggling <code>.env</code> files, restarting servers manually, or losing track of instances. </p> <p>Whether you’re testing feature flags, running dev/staging/prod side by side, or experimenting with rapid prototyping, this tool helps you stay in control — and keeps your workflow smooth and stress-free. </p> <p>Give it a try, and see how much easier managing Node.js environments can be! 🚀</p> <blockquote> <p>“Temp files are my playground — shuffle, duplicate, or vanish them without breaking a sweat.” — <em>The Env Whisperer</em></p> </blockquote> <p>npm link: <a href="https://www.npmjs.com/package/multi-env-cli" rel="noopener noreferrer">https://www.npmjs.com/package/multi-env-cli</a></p> javascript cli opensource npm CinfiniteDev Wed, 18 Mar 2026 08:41:28 +0000 https://dev.to/cinfinitedev_engine/next-component-analyzer-stop-guessing-if-your-components-should-be-server-or-client-3i34 https://dev.to/cinfinitedev_engine/next-component-analyzer-stop-guessing-if-your-components-should-be-server-or-client-3i34 <p>Ever added <code>"use client"</code> somewhere in your Next.js app just because "it might need state" — and then wondered a week later?</p> <blockquote> <p>"Wait… does this even need to be a client component?"</p> </blockquote> <p>Yeah… we’ve all been there.</p> <p>This is the story of <strong>Next Component Analyzer</strong>: the tool built to <strong>stop guessing</strong> and help you classify components correctly, every time.</p> <h2> 🔍 From Developer Pain to Solution </h2> <p>Working with Next.js, I noticed a pattern: developers often <strong>overuse <code>"use client"</code></strong>. Why?</p> <ul> <li>They’re not sure if a component uses state or browser APIs</li> <li>They’re following a habit: “Better safe than sorry”</li> <li>A missed <code>"use client"</code> can break hooks or event handlers</li> </ul> <p>But overusing <code>"use client"</code> isn’t harmless — it can:</p> <ul> <li>Increase <strong>bundle size</strong> </li> <li>Move server-renderable components to the client unnecessarily</li> <li>Make your project <strong>harder to maintain</strong> , it wont just appear like that , but it can , you never know.</li> </ul> <p>Wanted a way to <strong>audit components automatically</strong> and answer the question:</p> <blockquote> <p>“Does this component really need to be a client component?”</p> </blockquote> <p>That’s how <strong>Next Component Analyzer</strong> was like build me .</p> <h2> 🛠 What Next Component Analyzer Does </h2> <p>Next Component Analyzer is your <strong>CLI sidekick</strong> for Next.js:</p> <ul> <li>Scans your <strong>entire project</strong> </li> <li>Detects <strong>React hooks, browser APIs, and JSX events</strong> </li> <li>Suggests whether a component should be <strong>Server or Client</strong> </li> <li>Highlights <strong>unnecessary <code>"use client"</code> directives</strong> </li> </ul> <p>It’s <strong>AST-based</strong>, so it doesn’t rely on naive string matching — no false positives here.</p> <h3> 📊 Component Classifications </h3> <p>The analyzer classifies components into <strong>four meaningful categories</strong>:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Category</th> <th>What it means</th> </tr> </thead> <tbody> <tr> <td>Client Component (correct)</td> <td>Has client features and <code>"use client"</code> </td> </tr> <tr> <td>Suggested: Client Component</td> <td>Has client features but missing <code>"use client"</code> </td> </tr> <tr> <td>Suggested: Server Component</td> <td>No client features, no <code>"use client"</code> </td> </tr> <tr> <td>Could be Server Component (unnecessary client)</td> <td> <code>"use client"</code> is present, but no client features</td> </tr> </tbody> </table></div> <h3> ⚡ Installation &amp; CLI Usage </h3> <p>Run <strong>without installing</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx next-component-analyzer </code></pre> </div> <p>Or install <strong>globally</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> next-component-analyzer next-component-analyzer </code></pre> </div> <p>The CLI will scan your project and produce a <strong>classification report</strong>.</p> <h3> 💻 Programmatic Usage </h3> <p>Perfect for <strong>CI pipelines, dashboards, or custom scripts</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">analyzeProject</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next-component-analyzer</span><span class="dl">"</span><span class="p">;</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">run</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">results</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">analyzeProject</span><span class="p">();</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">results</span><span class="p">);</span> <span class="p">}</span> <span class="nf">run</span><span class="p">();</span> </code></pre> </div> <p><strong>Example output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"filePath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"app/page.tsx"</span><span class="p">,</span><span class="w"> </span><span class="nl">"classification"</span><span class="p">:</span><span class="w"> </span><span class="s2">"server"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detected"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"fetch"</span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"filePath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"components/button.tsx"</span><span class="p">,</span><span class="w"> </span><span class="nl">"classification"</span><span class="p">:</span><span class="w"> </span><span class="s2">"client"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detected"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"useState"</span><span class="p">,</span><span class="w"> </span><span class="s2">"useEffect"</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <p>✅ Integrate results into <strong>CI checks</strong>, dashboards, or editor tools.</p> <h2> 🌟 Why This Matters </h2> <p>Next Component Analyzer helps you:</p> <ul> <li>Keep your <strong>Next.js apps lean</strong> </li> <li>Avoid unnecessary client components</li> <li>Automatically <strong>enforce component architecture rules</strong> </li> <li>Reduce bugs caused by <strong>forgotten <code>"use client"</code> directives</strong> </li> </ul> <p>It turns guesswork into <strong>data-driven decisions</strong>, saving time and improving performance.</p> <h2> 🧠 Philosophy </h2> <p>Every component should answer a simple question:</p> <blockquote> <p>“Do I actually need to be a client component?”</p> </blockquote> <p>Next Component Analyzer gives you the answer. By analyzing hooks, browser APIs, and events, it ensures <strong>intentional <code>"use client"</code> usage</strong> — no more guesswork, no more cluttered client bundles.</p> <h2> 🔗 Try It Yourself </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx next-component-analyzer </code></pre> </div> <p>Scan your Next.js project today and see exactly <strong>which components should be server, which should be client, and which might be overdoing it</strong>.</p> <p>Here's the link to package : <a href="https://www.npmjs.com/package/next-component-analyzer" rel="noopener noreferrer">https://www.npmjs.com/package/next-component-analyzer</a></p> javascript nextjs opensource react CinfiniteDev Mon, 16 Mar 2026 06:49:42 +0000 https://dev.to/cinfinitedev_engine/dependencies-should-not-be-silent-inspect-what-your-npm-packages-actually-do-5gdf https://dev.to/cinfinitedev_engine/dependencies-should-not-be-silent-inspect-what-your-npm-packages-actually-do-5gdf <p>SO , </p> <p>Every time you run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>some-package </code></pre> </div> <p>you are executing <strong>someone else's code on your machine</strong>.</p> <p>But here’s the uncomfortable truth:</p> <p><strong>Do you really know what that code is doing?</strong></p> <p>Most don’t.</p> <h2> 🚀 From User to Producer: How I Realized the Risk </h2> <p>Before I first started building npm packages, I was just a user like everyone else. Install a package, trust it works, move on.</p> <p>But when you switch from <strong>user → producer</strong>, everything changes: you see <strong>how packages execute</strong>, which scripts run automatically, and the <strong>sheer power even a tiny package can hold</strong>.</p> <p>Then I read about this: npm supply-chain attack happened sometime back.</p> <p>A single compromised package could affect <strong>millions of machines</strong>.</p> <p>💡 That’s when I thought:</p> <blockquote> <p>“Even a small package can impact huge systems. What if we could <strong>see what it does before we install it</strong>?”</p> </blockquote> <p>That thought sparked <strong>npm-telemetry</strong>.</p> <h2> ⚠️ The Problem With Blind Trust </h2> <p>npm packages can:</p> <ul> <li>🌐 Make network requests</li> <li>📁 Access the file system</li> <li>🔐 Read environment variables</li> <li>⚙️ Spawn child processes</li> <li>🧙 Execute dynamic code (<code>eval</code> / <code>new Function</code>)</li> <li>📦 Run postinstall scripts</li> </ul> <p>Most developers only realize this <strong>after something goes wrong</strong>. Supply-chain attacks are becoming increasingly common — and frighteningly easy.</p> <p>npm-telemetry gives <strong>visibility upfront</strong>, letting you make informed decisions before installing.</p> <h2> 🛠 Introducing npm-telemetry </h2> <p>npm-telemetry is a <strong>lightweight CLI and Node.js library</strong> that inspects packages and reports on their capabilities.</p> <p>Think of it as a <strong>nutrition label for npm packages</strong>: you inspect, you understand, you trust consciously.</p> <h3> What It Detects </h3> <ul> <li>🌐 <strong>Network access</strong> </li> <li>📁 <strong>File system read/write</strong> </li> <li>🔐 <strong>Environment variable access</strong> </li> <li>⚙️ <strong>Child processes</strong> </li> <li>🧙 <strong>Dynamic execution (<code>eval</code> / <code>new Function</code>)</strong> </li> <li>📦 <strong>Postinstall scripts</strong> </li> </ul> <p>It also calculates an <strong>analysis coverage score</strong>, so you know how thoroughly the package was inspected.</p> <h2> 🏃‍♂️ Getting Started </h2> <p>No global installation needed. Run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx npm-telemetry &lt;package_name&gt; </code></pre> </div> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx npm-telemetry axios </code></pre> </div> <p>Output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔍 Analysis Report: axios Permissions: 🌐 Network: YES 📁 FS Read: NO 📁 FS Write: NO 🔐 Env Access: NO ⚙️ Child Process: NO ⚠ Dynamic code execution: NO ⚠ Postinstall script: null </code></pre> </div> <p>✅ Instantly know what the package is capable of doing.</p> <h2> 💻 Programmatic Usage </h2> <p>Integrate npm-telemetry into <strong>CI pipelines, dashboards, or custom scripts</strong>.</p> <h3> CommonJS </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">analyzePackage</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">npm-telemetry</span><span class="dl">"</span><span class="p">);</span> <span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">analyzePackage</span><span class="p">(</span><span class="dl">"</span><span class="s2">axios</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">coverage</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">report</span><span class="p">.</span><span class="nx">network</span><span class="p">);</span> <span class="p">})();</span> </code></pre> </div> <h3> ES Modules </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="nx">analyzePackage</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">npm-telemetry</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">analyzePackage</span><span class="p">(</span><span class="dl">"</span><span class="s2">axios</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">coverage</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">report</span><span class="p">.</span><span class="nx">network</span><span class="p">);</span> </code></pre> </div> <p>Returned object:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"package"</span><span class="p">:</span><span class="w"> </span><span class="s2">"axios"</span><span class="p">,</span><span class="w"> </span><span class="nl">"coverage"</span><span class="p">:</span><span class="w"> </span><span class="mi">92</span><span class="p">,</span><span class="w"> </span><span class="nl">"report"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"fsRead"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"fsWrite"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"network"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span><span class="w"> </span><span class="nl">"env"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"childProcess"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"usesEval"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"dynamicRequire"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"postinstall"</span><span class="p">:</span><span class="w"> </span><span class="kc">null</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> 🔬 How npm-telemetry Works </h2> <p>Under the hood:</p> <ol> <li>Scans package code for sensitive APIs</li> <li>Detects dynamic code (<code>eval</code>, <code>new Function</code>)</li> <li>Flags postinstall scripts</li> <li>Generates a <strong>coverage score</strong> </li> </ol> <p>💡 <strong>No execution happens on your machine</strong>, keeping it safe.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[Package] ↓ [npm-telemetry analysis] ↓ [Permissions report &amp; coverage score] </code></pre> </div> <h2> 🛡 Why This Matters </h2> <p>npm-telemetry:</p> <ul> <li>Makes dependency behavior <strong>visible</strong> </li> <li>Lets developers <strong>audit packages before installing</strong> </li> <li>Helps <strong>enforce security policies</strong> </li> <li>Enables <strong>custom risk scoring</strong> </li> </ul> <p>Not to accuse packages, but to give <strong>developers conscious control</strong>.</p> <h2> 💡 Philosophy </h2> <p>Every dependency should answer one question:</p> <blockquote> <p>“What am I doing on your system?”</p> </blockquote> <p>npm-telemetry provides <strong>visibility, honesty, and peace of mind</strong>.</p> <p>Software shouldn’t be magic — trust should never be blind.</p> <h2> ✅ Try It Yourself </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx npm-telemetry &lt;package_name&gt; </code></pre> </div> <p>Inspect any npm package before installing it — you may be surprised at what you discover.</p> <p>Here's the link to package : <a href="https://www.npmjs.com/package/npm-telemetry" rel="noopener noreferrer">https://www.npmjs.com/package/npm-telemetry</a></p> javascript opensource npm security