Package Exports
- @kitiumai/npm-package-tester
- @kitiumai/npm-package-tester/ai
- @kitiumai/npm-package-tester/ai/library-scenario-generator
- @kitiumai/npm-package-tester/ai/provider
- @kitiumai/npm-package-tester/ai/scenario-generator
- @kitiumai/npm-package-tester/analyzer
- @kitiumai/npm-package-tester/docker
- @kitiumai/npm-package-tester/domain
- @kitiumai/npm-package-tester/formatter
- @kitiumai/npm-package-tester/package.json
- @kitiumai/npm-package-tester/runner
- @kitiumai/npm-package-tester/utils
Readme
npm-package-tester
๐งช Automatically test npm packages (CLI and libraries) by discovering their commands and exports, running them in isolated Docker environments
๐ค AI-Powered: Generate realistic test scenarios using Claude, GPT-4, Gemini, or Groq ๐ Private Packages: Full support for private npm packages and custom registries โก Fast & Reliable: Run tests in parallel across multiple Node versions ๐ Library Testing: Validate exported functions, classes, and utilities with automatic API testing
Table of Contents
- The Problem
- The Solution
- Features
- Quick Start
- Example Output
- AI-Powered Testing
- Testing Private Packages
- CLI Options
- How It Works
- Use Cases
- Configuration
- API Usage
- Architecture
- Requirements
- Contributing
- License
The Problem
When you publish an npm package, you need to verify:
For CLI packages:
- โ Does it install correctly?
- โ Do all CLI commands work?
- โ Does it work across different Node versions?
- โ Does the --help flag work?
- โ Does the --version flag work?
- โ Does it run without crashing?
For library packages:
- โ Can the package be imported correctly?
- โ Do exported functions/classes work as expected?
- โ Do all main APIs function properly?
- โ Are exports correctly exposed?
- โ Does it work across different Node versions?
Manual testing is tedious and error-prone. Testing scope expands exponentially with multiple Node versions.
The Solution
npm-package-tester automatically:
For CLI packages:
- ๐ฆ Analyzes your package.json to detect CLI commands (from
binfield) - ๐ณ Creates fresh Docker containers with specified Node versions
- ๐ฅ Installs your package
- ๐งช Runs each CLI command with common flags (--help, --version, etc.)
- โ Reports which commands work and which don't
For library packages:
- ๐ฆ Analyzes your package.json to detect exports (main, exports, module fields)
- ๐ณ Creates fresh Docker containers with specified Node versions
- ๐ฅ Installs your package
- ๐งช Tests package imports and API calls (with AI-powered scenario generation)
- โ Reports which exports work and validates their functionality
Features
CLI Testing:
- ๐ Auto-Discovery: Automatically detects all CLI commands from
package.jsonbinfield - ๐ฏ Smart Testing: Automatically tries --help, --version, and no-args
- ๐ค AI-Powered Scenarios: Generate realistic test scenarios using Claude, GPT-4, Gemini, or Groq
- ๐ Custom Tests: Define your own test cases with setup and validation
Library Testing:
- ๐ Export Detection: Automatically detects and analyzes all exported functions, classes, and constants
- ๐ Import Testing: Validates that exports can be imported and used correctly
- ๐ค AI-Powered Library Tests: Generate realistic usage scenarios for library APIs
- โจ Type Support: Detects TypeScript type definitions and validates type compatibility
General Features:
- ๐ณ Docker Isolation: Tests run in isolated, clean environments
- ๐ Multi-Version: Test across Node 16, 18, 20, etc. simultaneously
- โก Parallel Testing: Run tests concurrently for speed
- ๐ Detailed Reports: Clear pass/fail results with complete test breakdown
- ๐ Private Packages: Full support for private npm packages with authentication
- ๐ฆ Custom Registries: Works with private npm registries (npm, GitHub, GitLab, etc.)
- ๐ก๏ธ Enterprise Governance: Policy gates for registries/base images and compliance add-ons (SBOM, audit, license checks)
- ๐จ Lightweight: Minimal dependencies, fast execution
Quick Start
# Install globally
npm install -g npm-package-tester
# Test a package from npm
npt test eslint
# Test your local package
npt test ./my-package
# Test across multiple Node versions
npt test prettier --node 16,18,20
# AI-powered intelligent testing (generates realistic scenarios)
npt test env-type-generator --ai-provider anthropic --ai-token YOUR_API_KEY
# Use OpenAI instead
npt test my-package --ai-provider openai --ai-token YOUR_OPENAI_KEY
# Test private packages
npt test @your-org/private-package --npm-token YOUR_NPM_TOKEN
# Test from custom registry
npt test @company/package --npm-registry https://npm.company.com --npm-token YOUR_TOKEN
# Keep containers for debugging
npt test --keep-containersExample Output
Default Testing
๐ฆ Package: eslint
Version: 8.50.0
๐ณ Node 20
โ eslint --help (125ms)
โ eslint --version (98ms)
โ eslint [no args] (102ms)
๐ Summary
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Total: 3 tests
Passed: 3
Failed: 0
Duration: 325ms
๐ Test Details
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ฏ Default Tests
โ eslint --help (125ms)
โ eslint --version (98ms)
โ eslint (no args) (102ms)
โ
All tests passed!AI-Powered Testing
๐ฆ Package: env-type-generator
Version: 1.0.0
Auto-generate TypeScript types from .env files with zero config
๐ณ Node 20
โ env-type-gen (1512ms)
โ env-type-gen (4871ms)
โ env-type-gen (1307ms)
๐ Summary
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Total: 3 tests
Passed: 3
Failed: 0
Duration: 7690ms
๐ Test Details
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ค AI-Generated Tests
โ basic-type-generation (1512ms)
โ multiple-env-files-with-parsing -e .env .env.local -p (4871ms)
โ strict-mode-all-required -e .env.example -o ./types/env.d.ts (1307ms)
โ
All tests passed!Library Testing (Default)
When testing a library package without AI:
๐ฆ Package: lodash
Version: 4.17.21
JavaScript utility library
๐ณ Node 20
โ import-default (102ms)
โ import-named (98ms)
๐ Summary
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Total: 2 tests
Passed: 2
Failed: 0
Duration: 200ms
๐ Test Details
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ Library Tests
๐ฏ Default Tests
โ import-default (102ms)
โ import-named (98ms)
โ
All tests passed!Library Testing (AI-Powered)
When testing a library package with AI:
๐ฆ Package: axios
Version: 1.4.0
Promise based HTTP client for the browser and node.js
๐ณ Node 20
โ basic-get-request (245ms)
โ post-with-data (312ms)
โ error-handling (198ms)
๐ Summary
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Total: 3 tests
Passed: 3
Failed: 0
Duration: 755ms
๐ Test Details
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ Library Tests
๐ค AI-Generated Tests
โ basic-get-request (245ms)
โ post-with-data (312ms)
โ error-handling (198ms)
โ
All tests passed!How It Works
1. Command Detection
// Reads package.json
{
"name": "my-cli-tool",
"bin": {
"mycli": "./dist/cli.js", // Primary command
"my": "./dist/cli.js" // Alias
}
}
// Detects: mycli, my2. Docker Environment
# Spins up for each Node version
FROM node:20-alpine
RUN npm install -g my-cli-tool
RUN mycli --help
RUN mycli --version3. Smart Testing
For each command, automatically tests:
command --help(should show help)command --version(should show version)command(no args - should not crash)- Custom scenarios you define
Use Cases
1. Pre-Publish Validation
# Before publishing
npm run build
npt test .
npm publish2. CI/CD Integration
# .github/workflows/test.yml
- name: Test CLI
run: |
npm install -g npm-package-tester
npt test . --node 16,18,203. Testing Published Packages
# Verify your package works after publishing
npt test your-package-name@latest4. Debugging Installation Issues
# Keep containers to inspect
npt test . --keep-containers
docker exec -it <container-id> shConfiguration
Create .npmtestrc.json:
{
"nodeVersions": ["16", "18", "20"],
"parallel": true,
"timeout": 30000,
"baseImage": "node:20-alpine3.19",
"policy": {
"allowedRegistries": ["https://registry.npmjs.org"],
"allowedNodeVersions": ["18", "20"]
},
"compliance": {
"enabled": true,
"sbom": true,
"audit": true,
"licenseCheck": true,
"artifactDir": "/artifacts/security"
},
"customTests": [
{
"name": "Generate help",
"command": "mycli generate --help",
"expect": {
"exitCode": 0,
"stdout": "Usage:"
}
}
]
}API Usage
import { testPackage } from 'npm-package-tester';
const results = await testPackage('eslint', {
nodeVersions: ['20'],
baseImage: 'node:20-bookworm',
policy: { allowedRegistries: ['https://registry.npmjs.org'] },
compliance: { audit: true, sbom: true },
parallel: false,
});
console.log(`Passed: ${results.passed}/${results.total}`);Tree-Shaking and Subpath Exports
The package is fully tree-shakable with granular subpath exports. Import only what you need:
// Import only specific modules - reduces bundle size
import { PackageAnalyzer } from '@kitiumai/npm-package-tester/analyzer';
import { TestRunner } from '@kitiumai/npm-package-tester/runner';
import { DockerManager } from '@kitiumai/npm-package-tester/docker';
import { ResultFormatter } from '@kitiumai/npm-package-tester/formatter';
// AI utilities (optional)
import { AIProvider } from '@kitiumai/npm-package-tester/ai/provider';
import { ScenarioGenerator } from '@kitiumai/npm-package-tester/ai/scenario-generator';
// Types only (zero runtime cost)
import type { PackageInfo, TestConfig } from '@kitiumai/npm-package-tester/domain';
// Full API (includes everything)
import { testPackage, analyzePackage } from '@kitiumai/npm-package-tester';Available Subpath Exports:
@kitiumai/npm-package-tester- Main API with convenience functions@kitiumai/npm-package-tester/domain- TypeScript types and interfaces@kitiumai/npm-package-tester/analyzer- Package analysis utilities@kitiumai/npm-package-tester/runner- Test execution engine@kitiumai/npm-package-tester/docker- Docker container management@kitiumai/npm-package-tester/formatter- Result formatting utilities@kitiumai/npm-package-tester/ai- All AI utilities (barrel export)@kitiumai/npm-package-tester/ai/provider- AI provider interface@kitiumai/npm-package-tester/ai/scenario-generator- Scenario generation@kitiumai/npm-package-tester/utils- Error utilities
Benefits:
- โ Smaller bundles - Only import what you use
- โ Faster builds - Modern bundlers can eliminate unused code
- โ Better IDE autocomplete - Clearer import paths
- โ
Zero side effects - Safe for tree-shaking (
"sideEffects": false)
CLI Options
Usage: npt test [options] <package>
Options:
-n, --node <versions> Node versions (comma-separated)
-p, --parallel Run tests in parallel
-k, --keep-containers Keep containers after test
-t, --timeout <ms> Timeout per test (default: 30000)
--npm-token <token> npm authentication token for private packages
--npm-registry <url> Custom npm registry URL
--ai-provider <provider> AI provider (anthropic, openai, google, groq)
--ai-token <token> AI API token/key
--ai-model <model> AI model name (optional, auto-detects best)
--base-image <image> Custom Docker base image (e.g., node:20-bookworm)
--allowed-registry <url> Enforce a single allowed registry (policy gate)
--compliance-artifacts <dir> Directory to persist audit/SBOM artifacts
--no-audit Disable vulnerability scanning
--no-sbom Disable SBOM generation
--no-license-check Disable license checks
--no-help Skip --help tests
--no-version Skip --version tests
-v, --verbose Verbose outputEnterprise Compliance & Governance
- Policy gates: Deny unapproved registries, enforce allowed Node versions/base images for deterministic builds.
- SBOM generation: Lightweight dependency inventory via
npm list --json(persist with--compliance-artifacts). - Security auditing:
npm audit --jsonruns inside the isolated container so tokens never leave the sandbox. - License capture: Fetches the published license for the tested package for audit trails.
Example: locked-down registry and artifacts
npt test @your-scope/package \
--allowed-registry https://registry.npmjs.org \
--base-image node:20-bookworm \
--compliance-artifacts /auditThe compliance report is written to /audit/compliance-report.json inside the container, alongside SBOM and audit findings.
AI-Powered Testing
Instead of just testing --help and --version, use AI to generate realistic test scenarios:
npt test env-type-generator --ai-provider anthropic --ai-token YOUR_TOKENThe AI will:
- ๐ Analyze the package README and CLI help
- ๐ง Understand what the package does
- ๐ฏ Generate realistic test scenarios with:
- Appropriate input files
- Realistic command arguments
- Expected output validation
- โ Validate file creation, content, and exit codes
Example AI-Generated Scenarios:
๐ค Generating test scenarios with AI...
โจ Generated 4 AI test scenarios
๐ณ Node 20
โ basic-env-file-generation (1400ms)
โ env-with-comments (1706ms)
โ nested-env-variables (5040ms)
โ strict-mode-with-custom-output (1517ms)
๐ 4/4 tests passed โ
Supported AI Providers
| Provider | Model | Setup |
|---|---|---|
| Anthropic | Claude Sonnet 4.5 | Get key from console.anthropic.com |
| OpenAI | GPT-4o | Get key from platform.openai.com |
| Gemini 2.0 Flash | Get key from ai.google.dev | |
| Groq | Llama 3.3 70B | Get key from console.groq.com |
The best model for each provider is automatically selected.
Testing Private Packages
npm-package-tester fully supports private npm packages with authentication:
Using npm Token
# Test private package from npm registry
npt test @your-org/private-package --npm-token YOUR_NPM_TOKEN
# Get your npm token from ~/.npmrc or create one with:
# npm token create --read-onlyUsing Custom Registry
# Test from private registry (like Verdaccio, Artifactory, GitHub Packages)
npt test @company/package \
--npm-registry https://npm.company.com \
--npm-token YOUR_REGISTRY_TOKENHow it Works
- The tool creates a
.npmrcfile in the Docker container - Configures authentication with your token
- Installs the package securely
- Runs all tests normally
Security Note: Tokens are only used within isolated Docker containers and are not stored or logged.
Supported Registries
- โ npm (private packages)
- โ GitHub Packages
- โ GitLab Package Registry
- โ Verdaccio
- โ JFrog Artifactory
- โ Azure Artifacts
- โ Any npm-compatible registry
Architecture
npm-package-tester
โโโ PackageAnalyzer # Reads package.json, detects commands
โโโ CommandDetector # Identifies CLI binaries
โโโ DockerManager # Creates/manages containers
โโโ TestRunner # Executes commands in containers
โโโ ScenarioRunner # Runs AI-generated test scenarios
โโโ ScenarioGenerator # Generates scenarios using AI
โโโ AIProvider # Multi-provider AI abstraction (Claude, GPT-4, Gemini, Groq)
โโโ ResultFormatter # Pretty output
โโโ CLI # User interfaceClean Architecture
- Domain: Types, interfaces (no dependencies)
- Application: Business logic (PackageAnalyzer, TestRunner, ScenarioRunner)
- AI: AI providers and scenario generation
- Infrastructure: Docker, file system (external concerns)
- CLI: User interface (commander, chalk)
Requirements
- Docker installed and running
- Node.js >= 16
- npm or yarn
- (Optional) AI provider API key for intelligent test generation
Limitations
- Docker Required: Requires Docker (no Windows native support yet, WSL2 works)
- No Interactive Testing: Can't test interactive prompts automatically
- Network-Dependent: Pulls Docker images on demand
- AI Costs: AI features require API credits (optional, but recommended for best results)
- Static Analysis: Export detection uses regex-based parsing, not full AST analysis
Roadmap
Completed โ
- AI-powered test scenario generation
- Multi-provider AI support (Anthropic, OpenAI, Google, Groq)
- Library/Module Export Testing - Automatically detect and test npm package exports
- Export API Analysis - Analyze exported functions, classes, and constants
- AI Library Scenarios - Generate realistic library usage test patterns
- CLI export detection and analysis
High Priority (Next)
- Type Validation - Validate TypeScript type definitions and JSDoc comments
- Enhanced Export Detection - Use AST parsing for more accurate export analysis
- Custom Library Tests - Allow users to define custom library test scenarios
- Performance Benchmarking - Test and report library function performance
Future Enhancements
- Support testing interactive CLIs
- Cloud runners (no local Docker needed)
- Screenshot/visual testing for TUI apps
- Windows native support (WSL2 improvements)
- Custom Docker images
- CI/CD badges and GitHub Actions integration
- Historical test tracking and trend analysis
- Podman support (Docker alternative)
- Local execution mode (without Docker)
- Snapshot testing for library output
Contributing
We welcome contributions! Here's how you can help:
Ways to Contribute
- ๐ Report Bugs: Create a bug report
- ๐ก Suggest Features: Request a feature
- ๐ Improve Documentation: Fix typos, add examples, clarify instructions
- ๐งช Add Tests: Increase test coverage
- ๐ง Fix Issues: Check out good first issues
Development Setup
# Clone the repository
git clone https://github.com/kitium-ai/npm-package-tester.git
cd npm-package-tester
# Install dependencies
npm install
# Build the project
npm run build
# Run tests
npm test
# Run linting
npm run lintGuidelines
- Follow the existing code style
- Write tests for new features
- Update documentation as needed
- Ensure all tests pass before submitting PR
- Keep PRs focused on a single feature or bug fix
Code of Conduct
Be respectful, inclusive, and constructive. We're all here to learn and build great tools together!
License
MIT ยฉ Ashish Yadav
Related Projects
- testcontainers - Integration testing with Docker
- verdaccio - Private npm registry
- np - Better npm publish
Support
- ๐ Documentation
- ๐ฌ GitHub Discussions
- ๐ Issue Tracker
- ๐ง Email
Made with โค๏ธ for npm package authors
โญ Star us on GitHub if you find this useful!