SizePanic is a fast npm package size analyzer.
It helps you understand the real bundle cost of dependencies before shipping by analyzing raw size, gzip size, and estimated download time.
- Analyze a single package (
name,name@version, scoped packages, and subpaths) - Analyze many dependencies from a
package.jsonupload - Generate badges for package size widgets
- Show raw bytes, gzip bytes, and network-time estimates
- Surface package metadata (license, links, dependency counts)
- Track product analytics events on the web app (Databuddy)
This repository uses Bun workspaces + Turborepo.
apps/
web/ # React + Vite frontend
server/ # Elysia API server and analysis runtime
packages/
api/ # tRPC routers and input schemas
env/ # Shared environment validation (zod)
- Runtime: Bun
- Frontend: React, Vite, TanStack Router, TanStack Query
- Backend: Elysia, tRPC, zod
- Monorepo: Turborepo
- Deployment: Docker / Docker Compose
- Bun
>=1.3
Install dependencies:
bun installRun all apps in dev mode:
bun devRun quality checks:
bun check-types
bun checkBuild all workspaces:
bun run buildSet the following values before running locally or in production.
WEB_URL- Allowed web origin for CORS (example:https://sizepanic.com)
VITE_SERVER_URL- Public server base URL used by the frontend (example:https://api.sizepanic.com)
Build containers:
bun run docker:buildRun stack:
bun run docker:upCurrent compose setup includes:
- Server CPU/memory limits
/tmpmounted astmpfswith size cap to reduce disk-abuse risk- Container healthchecks for both web and server
Shields.io badge examples:
Generate your badge now: https://sizepanic.com/badge
- Input validation is enforced via zod in the API layer.
- Server-side analysis uses bounded concurrency and queue timeouts.
- Batch analysis has upper limits to reduce abuse impact.
Licensed under MIT. See LICENSE for details.