What format must the name field be in?

The name must be lowercase, URL-safe, and at most 214 characters. It may contain hyphens and may be scoped like @scope/name, but no spaces, uppercase letters, or leading dots or underscores. This builder normalizes obvious issues for you.

What is the difference between dependencies and devDependencies?

dependencies are packages your code needs at runtime and are installed for anyone using your package. devDependencies are only needed during development — test runners, bundlers, linters — and are skipped when your package is installed as a dependency of another project.

Should I set type to module or commonjs?

Set type to module if your project uses ES module import/export syntax in .js files, or commonjs (the default) if you use require. Choosing module changes how Node interprets every .js file in the package.

What goes in the engines field?

engines declares the Node.js and npm versions your project supports, for example node >=18. It is advisory by default but tools like npm can warn or refuse to install on mismatched versions when engine-strict is enabled.

What does the private field do?

Setting private to true prevents the package from being accidentally published to the npm registry. Use it for applications and internal projects that should never be public packages.

package.json Builder

Build a valid package.json without guessing field names

Every Node.js project is anchored by a package.json — the manifest that declares its name, version, dependencies, and the scripts you run with npm run. A typo in a field name or an invalid version range silently breaks tooling. This builder collects the standard fields, validates the ones with strict rules (name casing, semver versions), and emits clean, indented JSON ready to drop into your project root.

How it works

The builder assembles a single JSON object from your inputs, only including fields you actually fill in so the output stays minimal. A few fields have rules the tool enforces:

name is lowercased and stripped of illegal characters; scoped names like @acme/widget are preserved.
version follows semantic versioning, MAJOR.MINOR.PATCH, defaulting to 1.0.0.
scripts, dependencies, and devDependencies become nested objects, for example:

{
  "scripts": { "build": "tsc", "test": "jest" },
  "dependencies": { "express": "^4.19.0" }
}

Dependency versions use npm range syntax: ^1.2.3 allows compatible minor and patch updates, ~1.2.3 allows only patch updates, and an exact 1.2.3 pins the version. The output is serialized with two-space indentation, the convention npm itself writes.

Tips and notes

Set private: true on applications so a stray npm publish cannot leak them to the public registry.
Keep your entry point (main) accurate; bundlers and require() resolution rely on it for packages consumed by others.
Use engines to document the Node version your CI runs, so contributors get a warning instead of cryptic runtime errors.
After saving, run npm install to generate the lockfile that pins the exact resolved versions of every dependency.

package.json Builder

Email me this result

Build a valid package.json without guessing field names

How it works

Tips and notes