Usually you do not want that. Every byte counts, especially if your client-side module wants to be as tight as possible. Also to prevent attacks, you do not want to expose the versions of your dependencies, which happen to be stored in the package.json. Sometimes the package.json contains dependencies of both the client-side and server-side, and thus you might expose your server’s security weaknesses through your client app.
To import only a version string and nothing more, I created an easy to use command tool called genversion. It is aimed to be placed in your build process. It reads the version string and generates a minimalistic version module file. The version module file contains only the version. By importing that new version module into your app, you have the version string and now without the extra.