Product
Introducing Socket Optimize
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.
@contrast/require-hook
Advanced tools
Intercept calls to require
in order to modify or replace exports.
RequireHook
const RequireHook = require('./lib');
const requireHook = new RequireHook();
.resolve(descriptor, ...handlers)
Options:
descriptor
: This can be a string or an object describing the module you want to intercept.
If a string is used, or if the version field of the descriptor isn't set, all versions of the
described module will be matched. Descriptors can have a name
, version
, and file
property.
handlers
: The remaning arguments are the handlers which will be invoked when the described
module is require
'd. Each handler is passed the exported module and metadata including the
module's root directory and its name and version as seen in its package.json
file. If a
handler returns a truthy value, then that value will replace the return value of require
.
Note: Registered handlers run once per unique instance of an export matching a descriptor.
.install()
This will monkey-patch Module.prototype.require
so that exports can be intercepted. The
monkey-patching will only happen once regardless of how many times this is invoked.
.uninstall()
This will reset Module.prototype.require
to its value before being monkey-patched by the instance.
Use case: For express
versions greater than or equal to 4, intercept the export of the
package's lib/view.js
file (relative to the package's base directory) and apply a tag to the
exported function.
const RequireHook = require('./lib');
const requireHook = new RequireHook();
requireHook.resolve({
name: 'express',
version: '>=4',
file: 'lib/view.js'
},
(xport, metadata) => {
// Read from the package.json:
// - metadata.name
// - metadata.version
// Absolute path to file:
// - metadata.packageDir
// xport === function View() { /*...*/ }
xport['I was intercepted'] = true;
}
);
Use case: Intercept all versions of body-parser
and replace the exported functions.
const RequireHook = require('./lib');
const requireHook = new RequireHook();
requireHook.resolve({ name: 'body-parser' }, (xport, metadata) => {
// Read from the package.json:
// - metadata.name
// - metadata.version
// Absolute path to file:
// - metadata.packageDir
// xport === function bodyParser() { /*...*/ }
return function bodyParserReplacement() {
/*...*/
}
}
);
FAQs
Post hooks for Module.prototype.require
We found that @contrast/require-hook demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.
Product
We're excited to announce that Socket now supports the Java programming language.
Security News
Socket detected a malicious Python package impersonating a popular browser cookie library to steal passwords, screenshots, webcam images, and Discord tokens.