@chialab/estransform - npm Package Compare versions

Comparing version 0.18.1 to 0.19.0-beta.0

package.json

 {
   "name": "@chialab/estransform",
   "type": "module",
-  "version": "0.18.1",
+  "version": "0.19.0-beta.0",
   "description": "Execute multiple transformations on JavaScript sources with full sourcemaps support.",
-  "main": "dist/index.js",
+  "main": "lib/index.js",
   "typings": "./types/index.d.ts",
@@ -21,7 +21,4 @@ "author": "Chialab <dev@chialab.io> (https://www.chialab.it)",
   ],
-  "scripts": {
-    "build": "rimraf dist && node build.js"
-  },
   "files": [
-    "dist",
+    "lib",
     "types",
@@ -36,12 +33,12 @@ "package.json",
   "dependencies": {
-    "@parcel/source-map": "^2.0.0"
+    "@napi-rs/magic-string": "^0.3.4",
+    "@parcel/source-map": "^2.0.0",
+    "cjs-module-lexer": "^1.2.2",
+    "es-module-lexer": "^1.0.0",
+    "oxc-parser": "^0.8.0"
   },
   "devDependencies": {
-    "cjs-module-lexer": "^1.2.2",
-    "es-module-lexer": "^1.0.0",
-    "magic-string": "^0.30.3",
     "rimraf": "^5.0.1",
-    "sucrase": "^3.0.0",
     "typescript": "^5.0.0"
   }
 }

types/helpers.d.ts

@@ -10,12 +10,2 @@ /**
 /**
- * Detect first level identifier for esbuild file loader imports.
- * File could be previously bundled using esbuild, so the first argument of a new URL(something, import.meta.url)
- * is not a literal anymore but an identifier.
- * Here, we are looking for its computed value.
- * @param {import('./parser.js').TokenProcessor} processor The program processor.
- * @param {import('./types.js').Token} id The name of the identifier.
- * @returns {string|undefined} The init token.
- */
-export function getIdentifierValue(processor: import("sucrase/dist/types/TokenProcessor.js").default, id: import('./types.js').Token): string | undefined;
-/**
  * Get token location.
@@ -30,63 +20,1 @@ * @param {string} code Source code.
 };
-/**
- * Get a block of tokens.
- * @param {import('./parser.js').TokenProcessor} processor
- * @param {TokenType} [openingToken]
- * @param {TokenType} [closingToken]
- * @returns {import('./types.js').Token[]}
- */
-export function getBlock(processor: import("sucrase/dist/types/TokenProcessor.js").default, openingToken?: any, closingToken?: any): import('./types.js').Token[];
-/**
- * @param {import('./parser.js').TokenProcessor} processor
- */
-export function getStatement(processor: import("sucrase/dist/types/TokenProcessor.js").default): import("sucrase/dist/types/parser/tokenizer/index.js").Token[];
-/**
- * Split tokens into function arguments.
- * @param {import('./types.js').Token[]} tokens
- * @returns {import('./types.js').Token[][]}
- */
-export function splitArgs(tokens: import('./types.js').Token[]): import('./types.js').Token[][];
-/**
- * Extract argument tokens for a function declaration.
- * @param {import('./parser.js').TokenProcessor} processor
- */
-export function extractFunctionArguments(processor: import("sucrase/dist/types/TokenProcessor.js").default): {
-    index: number;
-    type?: import("sucrase/dist/types/parser/tokenizer/types.js").TokenType | undefined;
-    contextualKeyword?: import("sucrase/dist/types/parser/tokenizer/keywords.js").ContextualKeyword | undefined;
-    start?: number | undefined;
-    end?: number | undefined;
-    scopeDepth?: number | undefined;
-    isType?: boolean | undefined;
-    identifierRole?: import("sucrase/dist/types/parser/tokenizer/index.js").IdentifierRole | null | undefined;
-    jsxRole?: import("sucrase/dist/types/parser/tokenizer/index.js").JSXRole | null | undefined;
-    shadowsGlobal?: boolean | undefined;
-    isAsyncOperation?: boolean | undefined;
-    contextId?: number | null | undefined;
-    rhsEndIndex?: number | null | undefined;
-    isExpression?: boolean | undefined;
-    numNullishCoalesceStarts?: number | undefined;
-    numNullishCoalesceEnds?: number | undefined;
-    isOptionalChainStart?: boolean | undefined;
-    isOptionalChainEnd?: boolean | undefined;
-    subscriptStartIndex?: number | null | undefined;
-    nullishStartIndex?: number | null | undefined;
-}[][];
-/**
- * Move forward in tokens list and return the current token.
- * @param {import('./parser.js').TokenProcessor} processor
- * @returns {import('./types.js').Token|null}
- */
-export function getNextToken(processor: import("sucrase/dist/types/TokenProcessor.js").default): import('./types.js').Token | null;
-/**
- * Move forward until `)` closes the block.
- * @param {import('./parser.js').TokenProcessor} processor
- */
-export function nextBlock(processor: import("sucrase/dist/types/TokenProcessor.js").default): void;
-/**
- * Extract comments for a code range delmited by node span.
- * @param {string} code The original code.
- * @param {number} start The start index.
- * @param {number} end The end index.
- */
-export function getNodeComments(code: string, start: number, end: number): string[];

types/index.d.ts

@@ -1,2 +0,1 @@
-export * from "./types.js";
 export * from "./parser.js";
@@ -3,0 +2,0 @@ export * from "./modules.js";

types/parser.d.ts

 /**
- * Walk through tokens and wait async visitors.
- *
- * @param {InstanceType<TokenProcessor>} processor
- * @param {(token: import('./types.js').Token, index: number, processor: InstanceType<TokenProcessor>) => void|false|Promise<void|false>} callback
+ * Walk an ast node.
+ * @param {Node} root
+ * @param {Record<string, (node: Node) => void | Promise<void>>} visitors
+ * @returns {Promise<void>}
  */
-export function walk(processor: InstanceType<typeof import("sucrase/dist/types/TokenProcessor").default>, callback: (token: import('./types.js').Token, index: number, processor: InstanceType<typeof import("sucrase/dist/types/TokenProcessor").default>) => void | false | Promise<void | false>): Promise<void>;
+export function walk(root: Node, visitors: Record<string, (node: Node) => void | Promise<void>>): Promise<void>;
 /**
@@ -12,9 +12,13 @@ * @param {string} inputCode The code to parse.
  */
-export function parse(inputCode: string, filePath?: string | undefined): {
-    program: any;
-    nameManager: any;
-    helperManager: any;
-    processor: import("sucrase/dist/types/TokenProcessor").default;
+export function parse(inputCode: string, filePath?: string | undefined): Promise<{
+    ast: any;
+    comments: import("oxc-parser").Comment[];
     helpers: {
         /**
+         * @param {number} start
+         * @param {number} end
+         * @returns {string}
+         */
+        substring(start: number, end: number): string;
+        /**
          * @param {string} code
@@ -47,4 +51,8 @@ * @param {number} [index]
     };
+}>;
+export type Node = {
+    [key: string]: any;
+    type: string;
+    start: number;
+    end: number;
 };
-export const NameManager: any;
-export const TokenProcessor: typeof import("sucrase/dist/types/TokenProcessor").default;

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

2

decreased by-66.67%

Number of package files

13

increased by18.18%

Number of low supply chain risk alerts

2

decreased by-50%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

16071

decreased by-98.72%

Dependency count

5

increased by400%

Lines of code

437

decreased by-97.62%

Dependency changes

• + Added@napi-rs/magic-string@^0.3.4

• + Addedcjs-module-lexer@^1.2.2

• + Addedes-module-lexer@^1.0.0

• + Addedoxc-parser@^0.8.0

• + Added@napi-rs/magic-string@0.3.4(transitive)

• + Added@napi-rs/magic-string-android-arm-eabi@0.3.4(transitive)

• + Added@napi-rs/magic-string-android-arm64@0.3.4(transitive)

• + Added@napi-rs/magic-string-darwin-arm64@0.3.4(transitive)

• + Added@napi-rs/magic-string-darwin-x64@0.3.4(transitive)

• + Added@napi-rs/magic-string-freebsd-x64@0.3.4(transitive)

• + Added@napi-rs/magic-string-linux-arm-gnueabihf@0.3.4(transitive)

• + Added@napi-rs/magic-string-linux-arm64-gnu@0.3.4(transitive)

• + Added@napi-rs/magic-string-linux-arm64-musl@0.3.4(transitive)

• + Added@napi-rs/magic-string-linux-x64-gnu@0.3.4(transitive)

• + Added@napi-rs/magic-string-linux-x64-musl@0.3.4(transitive)

• + Added@napi-rs/magic-string-win32-arm64-msvc@0.3.4(transitive)

• + Added@napi-rs/magic-string-win32-ia32-msvc@0.3.4(transitive)

• + Added@napi-rs/magic-string-win32-x64-msvc@0.3.4(transitive)

• + Added@oxc-parser/binding-darwin-arm64@0.8.0(transitive)

• + Added@oxc-parser/binding-darwin-x64@0.8.0(transitive)

• + Added@oxc-parser/binding-linux-arm64-gnu@0.8.0(transitive)

• + Added@oxc-parser/binding-linux-arm64-musl@0.8.0(transitive)

• + Added@oxc-parser/binding-linux-x64-gnu@0.8.0(transitive)

• + Added@oxc-parser/binding-linux-x64-musl@0.8.0(transitive)

• + Added@oxc-parser/binding-win32-arm64-msvc@0.8.0(transitive)

• + Added@oxc-parser/binding-win32-x64-msvc@0.8.0(transitive)

• + Addedcjs-module-lexer@1.4.1(transitive)

• + Addedes-module-lexer@1.5.4(transitive)

• + Addedoxc-parser@0.8.0(transitive)