Package Health Score

73 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Inactive
community
Sustainable

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
10.1.0	\|	03/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
10.0.4	\|	02/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
9.1.0	\|	03/2023		0 C 0 H 0 M 0 L	0 H 0 M 0 L
8.4.2	\|	02/2023	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
8.3.0	\|	10/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Yes

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (45,147,495)

GitHub Stars: 3.26K
Forks: 248
Contributors: -

Direct Usage Popularity

The npm package open receives a total of 45,147,495 downloads a week. As such, we scored open popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package open, we found that it has been starred 3,259 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Sustainable

Readme.md: Yes
Contributing.md: No
Code of Conduct: Yes
Contributors: 0
Funding: Yes

This project has seen only 10 or less contributors.

Embed Package Health Score Badge

Maintenance

Inactive

Commit Frequency

No Recent Commits

Open Issues: 55
Open PR: 2
Last Release: 1 year ago
Last Commit: 1 year ago

Further analysis of the maintenance status of open based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for open is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=18

Age: 13 years
Dependencies: 4 Direct
Versions: 49
Install Size: 55.2 kB
Dist-tags: 1
# of Files: 6
Maintainers: 1
TS Typings: No

open has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use open?

To help you get started, we've collected the most common ways that open is being used within popular public projects.

colinking / n1-unsubscribe / lib / thread-unsubscribe-store.es6 View on Github

_unsubscribeViaBrowser(url, callback) {
    if ((!this.isForwarded && !this.settings.confirmForBrowser) ||
      userConfirm(this.confirmText, `A browser will be opened at: ${shortenURL(url)}`)) {
      logIfDebug(`Opening a browser window to:\n${url}`);
      if (this.settings.defaultBrowser === "native" || electronCantOpen(url)) {
        open(url);
        callback(null, /* unsubscribed=*/true);
      } else {
        const browserWindow = new remote.BrowserWindow({
          'web-preferences': { 'web-security': false, 'nodeIntegration': false },
          'width': 1000,
          'height': 800,
          'center': true,
          "alwaysOnTop": true,
        });
        browserWindow.on('closed', () => {
          callback(null, /* unsubscribed=*/true);
        });
        browserWindow.webContents.on('did-fail-load', (event, errorCode, errorDescription) => {
          // Unable to load this URL in a browser window. Redirect to a native browser.
          logIfDebug(`Failed to open URL in browser window: ${errorCode} ${errorDescription}`);
          browserWindow.destroy();

View more ways to use open

open

> Open stuff like URLs, files, executables. Cross-platform.

This is meant to be used in command-line tools and scripts, not in the browser.

If you need this for Electron, use shell.openPath() instead.

This package does not make any security guarantees. If you pass in untrusted input, it's up to you to properly sanitize it.

Why?

Actively maintained.
Supports app arguments.
Safer as it uses spawn instead of exec.
Fixes most of the original node-open issues.
Includes the latest xdg-open script for Linux.
Supports WSL paths to Windows apps.

Install

npm install open

Warning: This package is native ESM and no longer provides a CommonJS export. If your project uses CommonJS, you will have to convert to ESM or use the dynamic import() function. Please don't open issues for questions regarding CommonJS / ESM.

Usage

import open, {openApp, apps} from 'open';

// Opens the image in the default image viewer and waits for the opened app to quit.
await open('unicorn.png', {wait: true});
console.log('The image viewer app quit');

// Opens the URL in the default browser.
await open('https://sindresorhus.com');

// Opens the URL in a specified browser.
await open('https://sindresorhus.com', {app: {name: 'firefox'}});

// Specify app arguments.
await open('https://sindresorhus.com', {app: {name: 'google chrome', arguments: ['--incognito']}});

// Opens the URL in the default browser in incognito mode.
await open('https://sindresorhus.com', {app: {name: apps.browserPrivate}});

// Open an app.
await openApp('xcode');

// Open an app with arguments.
await openApp(apps.chrome, {arguments: ['--incognito']});

API

It uses the command open on macOS, start on Windows and xdg-open on other platforms.

open(target, options?)

Returns a promise for the spawned child process. You would normally not need to use this for anything, but it can be useful if you'd like to attach custom event listeners or perform other operations directly on the spawned process.

target

Type: string

The thing you want to open. Can be a URL, file, or executable.

Opens in the default app for the file type. For example, URLs opens in your default browser.

options

Type: object

wait

Type: boolean
Default: false

Wait for the opened app to exit before fulfilling the promise. If false it's fulfilled immediately when opening the app.

Note that it waits for the app to exit, not just for the window to close.

On Windows, you have to explicitly specify an app for it to be able to wait.

background ^{(macOS only)}

Type: boolean
Default: false

Do not bring the app to the foreground.

newInstance ^{(macOS only)}

Type: boolean
Default: false

Open a new instance of the app even it's already running.

A new instance is always opened on other platforms.

app

Type: {name: string | string[], arguments?: string[]} | Array<{name: string | string[], arguments: string[]}>

Specify the name of the app to open the target with, and optionally, app arguments. app can be an array of apps to try to open and name can be an array of app names to try. If each app fails, the last error will be thrown.

The app name is platform dependent. Don't hard code it in reusable modules. For example, Chrome is google chrome on macOS, google-chrome on Linux and chrome on Windows. If possible, use apps which auto-detects the correct binary to use.

You may also pass in the app's full path. For example on WSL, this can be /mnt/c/Program Files (x86)/Google/Chrome/Application/chrome.exe for the Windows installation of Chrome.

The app arguments are app dependent. Check the app's documentation for what arguments it accepts.

allowNonzeroExitCode

Type: boolean
Default: false

Allow the opened app to exit with nonzero exit code when the wait option is true.

We do not recommend setting this option. The convention for success is exit code zero.

openApp(name, options?)

Open an app.

name

Type: string

You may also pass in the app's full path. For example on WSL, this can be /mnt/c/Program Files (x86)/Google/Chrome/Application/chrome.exe for the Windows installation of Chrome.

options

Type: object

Same options as open except app and with the following additions:

arguments

Type: string[]
Default: []

Arguments passed to the app.

These arguments are app dependent. Check the app's documentation for what arguments it accepts.

apps

An object containing auto-detected binary names for common apps. Useful to work around cross-platform differences.

import open, {apps} from 'open';

await open('https://google.com', {
	app: {
		name: apps.chrome
	}
});

browser and browserPrivate can also be used to access the user's default browser through default-browser.

Supported apps

chrome - Web browser
firefox - Web browser
edge - Web browser
browser - Default web browser
browserPrivate - Default web browser in incognito mode

browser and browserPrivate only supports chrome, firefox, and edge.

open-cli - CLI for this module
open-editor - Open files in your editor at a specific line and column

open dependencies

default-browser define-lazy-prop is-inside-container is-wsl

open development dependencies

@types/node ava tsd xo

FAQs

What is open?

Open stuff like URLs, files, executables. Cross-platform. Visit Snyk Advisor to see a full health score report for open, including popularity, security, maintenance & community analysis.

Is open popular?

The npm package open receives a total of 45,147,495 weekly downloads. As such, open popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is open well maintained?

We found indications that open is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is open safe to use?

The npm package open was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 30 March-2025, at 01:35 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (45,147,495)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use open?

open

Why?

Install

Usage

API

open(target, options?)

target

options

wait

background (macOS only)

newInstance (macOS only)

app

allowNonzeroExitCode

openApp(name, options?)

name

options

arguments

apps

Supported apps

Related

open dependencies

open development dependencies

FAQs

What is open?

Is open popular?

Is open well maintained?

Is open safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues

background ^{(macOS only)}

newInstance ^{(macOS only)}