Security News
Highlights from the 2024 Rails Community Survey
A record 2,709 developers participated in the 2024 Ruby on Rails Community Survey, revealing key tools, practices, and trends shaping the Rails ecosystem.
@contrast/require-hook
Advanced tools
Intercept calls to require
in order to modify or replace exports.
RequireHook
const RequireHook = require('./lib');
const requireHook = new RequireHook();
.resolve(descriptor, ...handlers)
Options:
descriptor
: This can be a string or an object describing the module you want to intercept.
If a string is used, or if the version field of the descriptor isn't set, all versions of the
described module will be matched. Descriptors can have a name
, version
, and file
property.
handlers
: The remaning arguments are the handlers which will be invoked when the described
module is require
'd. Each handler is passed the exported module and metadata including the
module's root directory and its name and version as seen in its package.json
file. If a
handler returns a truthy value, then that value will replace the return value of require
.
Note: Registered handlers run once per unique instance of an export matching a descriptor.
.install()
This will monkey-patch Module.prototype.require
so that exports can be intercepted. The
monkey-patching will only happen once regardless of how many times this is invoked.
.uninstall()
This will reset Module.prototype.require
to its value before being monkey-patched by the instance.
Use case: For express
versions greater than or equal to 4, intercept the export of the
package's lib/view.js
file (relative to the package's base directory) and apply a tag to the
exported function.
const RequireHook = require('./lib');
const requireHook = new RequireHook();
requireHook.resolve({
name: 'express',
version: '>=4',
file: 'lib/view.js'
},
(xport, metadata) => {
// Read from the package.json:
// - metadata.name
// - metadata.version
// Absolute path to file:
// - metadata.packageDir
// xport === function View() { /*...*/ }
xport['I was intercepted'] = true;
}
);
Use case: Intercept all versions of body-parser
and replace the exported functions.
const RequireHook = require('./lib');
const requireHook = new RequireHook();
requireHook.resolve({ name: 'body-parser' }, (xport, metadata) => {
// Read from the package.json:
// - metadata.name
// - metadata.version
// Absolute path to file:
// - metadata.packageDir
// xport === function bodyParser() { /*...*/ }
return function bodyParserReplacement() {
/*...*/
}
}
);
FAQs
Post hooks for Module.prototype.require
The npm package @contrast/require-hook receives a total of 7,572 weekly downloads. As such, @contrast/require-hook popularity was classified as popular.
We found that @contrast/require-hook demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A record 2,709 developers participated in the 2024 Ruby on Rails Community Survey, revealing key tools, practices, and trends shaping the Rails ecosystem.
Security News
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.