How do I look up a package?

Type the exact npm package name (for example, react or lodash) and the tool fetches its metadata from the public npm registry, including the latest version, license, and last-published date.

Where does the data come from?

All data is read live from registry.npmjs.org, the official public npm registry. No login or API key is required, and the request is made directly from your browser.

Why can’t I find a package?

Check the exact spelling — package names are case-sensitive and may include a scope (like @angular/core). Unpublished, removed, or private packages will not return a result.

Does this work with scoped packages?

Yes. Enter the full scoped name including the slash, for example @types/node or @angular/core, and the registry lookup handles it correctly.

Is any login or API key needed?

No. The npm registry is public, so the inspector reads package metadata directly from your browser with no authentication.

Why is the last-published date important?

It is the clearest signal of whether a package is still maintained. A package not updated in years may have unpatched bugs or security issues.

npm Package Inspector

Type an npm package name to instantly see its latest version, description, license, homepage and repository links, last-published date, and keywords — straight from the npm registry.

Updated June 2026

Data provided by npm Registry

How to use npm Package Inspector

The npm Package Inspector looks up any package on the public npm registry and shows the details that matter most before you add a dependency: the latest published version, a description, the license, the homepage and source repository, the date it was last published, and its keywords. Developers use it to vet a library at a glance — confirming it is actively maintained, checking the license is compatible with their project, and finding the real source repo — without leaving the browser or running install commands. All data is read live from registry.npmjs.org, the same source the npm CLI uses, with no login or API key required.

Type the exact npm package name into the input box (for example, react or @types/node).
Press Inspect (or hit Enter) to query the public npm registry.
Read the latest version, description, and license at the top of the result.
Check the last-published date to judge how actively the package is maintained.
Follow the npm, homepage, or repository links to dig deeper, and scan the keywords for related context.

Your query is sent to npm Registryto fetch results. We don't store it.

How to read npm package metadata

Every package on the npm registry carries a metadata document describing its published versions and other details. The "latest" dist-tag points to the version most users will install by default, while the full versions list shows how many releases exist — a high count often signals an active, long-lived project. The "time.modified" timestamp tells you when the package was last published, which is the single most useful signal of whether a library is still maintained. The license field declares the legal terms for using the code, and the repository field links to the source so you can inspect issues, stars, and recent commits. Reading these fields together gives you a quick, reliable health check before you commit to a dependency.

Key npm metadata fields
Field	What it tells you	Why it matters
Latest version	The default version installed	Shows the current release line
Last published	When it was last updated	Signals active maintenance
License	Legal usage terms	Must fit your project’s policy
Repository	Link to source code	Lets you audit issues and activity
Keywords	Author-tagged topics	Helps gauge scope and find alternatives

Semantic versioning and dependency hygiene

npm packages follow semantic versioning (SemVer), where a version like 4.17.21 reads as MAJOR.MINOR.PATCH. A bump in the patch number means backwards-compatible bug fixes, a minor bump adds backwards-compatible features, and a major bump signals breaking changes you must handle when upgrading. Knowing the latest version helps you decide whether your project is behind and how risky catching up will be. Beyond the version number, good dependency hygiene means checking that the license is permissive enough for your use, that the package has been published recently, and that its repository is public and reasonably active. This inspector surfaces all of those signals in one place so you can make that call quickly — though for security-sensitive projects you should still run an audit and review the source before trusting any third-party code.

Worked examples

Inspecting react

Inputs: react

Result: Latest version, MIT license, repository link and last-published date

Inspecting a scoped package

Inputs: @angular/core

Result: Resolves scoped package metadata: version, license and keywords

Glossary

npm registry: The public database at registry.npmjs.org that stores published JavaScript packages and their metadata.
dist-tag: A named pointer to a specific version; "latest" is the default version installed when no version is specified.
Semantic versioning (SemVer): A versioning scheme of MAJOR.MINOR.PATCH that communicates the scope of changes between releases.
Scoped package: A package namespaced under an owner, written as @scope/name, such as @angular/core.
License: The legal terms (e.g. MIT, Apache-2.0) that govern how a package’s code may be used and distributed.

Frequently Asked Questions

Free · No spam

Get weekly tool tips & updates

New tools, power-user tips, and productivity hacks — delivered free every Friday.

No spam, ever. Unsubscribe with one click.

Why use npm Package Inspector?

See the latest version, license, and last-published date together so you can vet a dependency fast
Jump straight to the package’s npm page, homepage, and source repository with clean links
Works for scoped packages like @angular/core as well as plain names like lodash
No npm CLI or sign-up needed — everything is fetched directly from the public registry in your browser

Common use cases

Check whether a library was published recently before adding it to a project
Confirm a package’s license (MIT, Apache-2.0, etc.) is compatible with your app
Find the real GitHub repository for a package whose npm name differs from its repo
Compare two similar packages by version, keyword coverage, and maintenance recency
Look up a dependency’s metadata while reviewing a pull request or audit

Related Developer Tools

JSON Formatter & Validator

Format, validate, and minify JSON instantly. Includes syntax highlighting, error detection, and a collapsible tree view — free, private, in-browser.

JSON to TypeScript Types

Convert JSON to TypeScript interfaces online. Infers types, nested objects, and arrays automatically. Free, private JSON-to-TS generator in your browser.

Slug Generator

Convert any text or title into a clean URL slug. Lowercases, removes accents and special characters, and joins words with hyphens. Free slugify tool.

Regex Tester

Test and debug regular expressions online. See live matches, capture groups, and replace output. Free, private, instant.

Base64 Encoder & Decoder

Encode text or files to Base64, or decode Base64 strings back to text. Fast, free, and runs entirely in your browser.

URL Encoder / Decoder

Encode and decode URLs and URL components online. Convert special characters to percent-encoding and back instantly — free, private, and fast.

Explore all Developer Tools.