Skip to content
GET AI agent ready /v1/npm/{package}

npm Package API - GET /npm/{package} Metadata Lookup

REST-convention read endpoint. Pass the package name in the URL path (scoped packages like "@types/node" must be URL-encoded to "%40types%2Fnode"). Returns the latest version, description, license, homepage, repository URL, author, maintainers, keywords, engine requirements, production dependency count, created/modified timestamps, and total published versions.

Parameters

stringrequired

npm package name. URL-encode scoped names (@scope/name -> %40scope%2Fname).

Code examples

curl -X POST https://api.botoi.com/v1/npm/{package} \
  -H "Content-Type: application/json" \
  -d '{"package":"express"}'

When to use this API

Inline package cards in dev-tool UIs

When a reviewer hovers over a package name in your code-review tool, call GET /npm/{package} and render a card with version, license, and repo link. The GET shape caches well at the CDN layer.

License gating in import-approval workflows

Before accepting a pull request that adds a new dependency, fetch the package metadata and fail the check when license is missing, deprecated, or outside your allowed list (MIT, Apache-2.0, BSD-*).

Dependency staleness reports

For each direct dependency in package.json, call this endpoint and compare modified against today. Packages untouched for more than 18 months get flagged in a weekly report to your platform team.

Frequently asked questions

How do I query a scoped package?
URL-encode the @ and the forward slash. For "@types/node" call GET /v1/npm/%40types%2Fnode. The endpoint decodes the path param back to @types/node before hitting the registry.
What version does this return?
The version tagged as "latest" in dist-tags. Pre-release tags like beta or next are ignored unless they are the only published version.
Does dependencies_count include devDependencies?
No. It counts production dependencies from the latest version's package.json only. Transitive (nested) dependencies are not included either.
What happens when the package does not exist?
The endpoint returns 404 with code NOT_FOUND. Double-check spelling and the scope prefix before retrying.

Get your API key

Free tier includes 5 requests per minute with no credit card required. Upgrade for higher limits.

Sign up free View full docs