npm Package Name Validator

How to use

1. 1Type a candidate package name into the input. Try a scoped form like @acme/utils or an unscoped form like react-confetti.
2. 2Read the status banner at the top of the results: green is publishable, amber is publishable with warnings, red means npm would reject the name.
3. 3Scan the rules list to see exactly which rule fired (errors first, then warnings, then OK confirmations).
4. 4Use the canonical safe rewrite in the Outputs panel as a starting point if the input fails the strict rules, or copy the install command and npmjs.com URL when the name is valid.
5. 5Click any sample chip to load a representative case (valid scoped, uppercase, leading dot, Node builtin, too long, Windows reserved) and watch the checks update.

About this tool

npm Package Name Validator checks whether a string is a publishable package name on the npm registry, using the same rules as the official validate-npm-package-name library. Every check runs as you type so the answer is immediate. The validator enforces the hard rules npm rejects at publish time: total length between 1 and 214 characters including the scope and slash, lowercase ASCII only (no uppercase letters), no leading dot or underscore, no whitespace anywhere, and none of the URL-unsafe characters tilde, single quote, exclamation mark, parentheses, or asterisk. Scoped names are parsed into their @scope and name segments, with each segment checked against the same allowed character set (lowercase letters, digits, hyphens, dots, underscores). Names that match a Node.js built-in module (assert, buffer, crypto, fs, path, stream, and so on through the full standard library, including newer additions like async_hooks and worker_threads) are blocked because they shadow the built-in module that ships with Node. The fixed npm blacklist (node_modules, favicon.ico) is enforced too. On top of the hard rules, the tool surfaces practical warnings that npm allows but that cause real problems in the wild: names longer than 40 characters (npm's recommended ceiling for new packages), Windows reserved device names like con, prn, aux, nul, com1 through com9, and lpt1 through lpt9 (these break git checkouts on Windows file systems), names that start with a digit, and names made entirely of digits. For any input the tool also produces a canonical safe rewrite (lowercased, trimmed, special characters replaced with hyphens, leading and trailing symbols stripped, length capped) so a name that fails the strict rules can become a name that passes with a single copy. When the name is valid, the tool also prints the install command and the npmjs.com URL so a quick paste confirms whether the name is already taken on the public registry. Useful when picking a name for a new package, when scaffolding a new internal scope, when porting a package to npm from another registry, when migrating a private name to public, or when reviewing a pull request that introduces a workspace package. The validation runs entirely in your browser; the name you type, the canonical rewrite, and the parsed segments are never sent to a server.

Free to use. Works in your browser. No signup, no login.