New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket

@embroider/reverse-exports

Package Overview
Dependencies
Maintainers
0
Versions
182
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@embroider/reverse-exports - npm Package Compare versions

Comparing version 0.1.1-unstable.93b39c4 to 0.1.1-unstable.947c6d2

LICENSE

10

package.json
{
"name": "@embroider/reverse-exports",
"version": "0.1.1-unstable.93b39c4",
"version": "0.1.1-unstable.947c6d2",
"description": "",
"main": "src/index.js",
"scripts": {
"test": "jest"
},
"keywords": [],

@@ -14,3 +11,6 @@ "author": "",

"resolve.exports": "^2.0.2"
},
"scripts": {
"test": "jest"
}
}
}
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports._prepareStringForRegex = exports._findPathRecursively = void 0;
exports._findPathRecursively = _findPathRecursively;
exports.externalName = externalName;
exports._prepareStringForRegex = _prepareStringForRegex;
const path_1 = require("path");

@@ -63,8 +65,15 @@ const resolve_exports_1 = require("resolve.exports");

}
exports._findPathRecursively = _findPathRecursively;
function reversePackageExports({ exports: exportsObj, name }, relativePath) {
if (!exportsObj) {
return path_1.posix.join(name, relativePath);
/*
Takes a relativePath that is relative to the package root and produces its
externally-addressable name.
Returns undefined for a relativePath that is forbidden to be accessed from the
outside.
*/
function externalName(pkg, relativePath) {
let { exports } = pkg;
if (!exports) {
return path_1.posix.join(pkg.name, relativePath);
}
const maybeKeyValuePair = _findPathRecursively(exportsObj, candidate => {
const maybeKeyValuePair = _findPathRecursively(exports, candidate => {
const regex = new RegExp(_prepareStringForRegex(candidate));

@@ -74,3 +83,3 @@ return regex.test(relativePath);

if (!maybeKeyValuePair) {
throw new Error(`You tried to reverse exports for the file \`${relativePath}\` in package \`${name}\` but it does not match any of the exports rules defined in package.json. This means it should not be possible to access directly.`);
return undefined;
}

@@ -81,3 +90,3 @@ const { key, value } = maybeKeyValuePair;

}
const maybeResolvedPaths = (0, resolve_exports_1.exports)({ name, exports: { [value]: key } }, relativePath);
const maybeResolvedPaths = (0, resolve_exports_1.exports)({ name: pkg.name, exports: { [value]: key } }, relativePath);
if (!maybeResolvedPaths) {

@@ -87,5 +96,4 @@ throw new Error(`Bug Discovered! \`_findPathRecursively()\` must always return a string value but instead it found a ${typeof value}. Please report this as an issue to https://github.com/embroider-build/embroider/issues/new`);

const [resolvedPath] = maybeResolvedPaths;
return resolvedPath.replace(/^./, name);
return path_1.posix.join(pkg.name, resolvedPath);
}
exports.default = reversePackageExports;
function _prepareStringForRegex(input) {

@@ -101,3 +109,2 @@ let result = input

}
exports._prepareStringForRegex = _prepareStringForRegex;
//# sourceMappingURL=index.js.map
import { posix } from 'path';
import { exports as resolveExports } from 'resolve.exports';
type PkgJSON = { name: string; exports?: Exports };
type Exports = string | string[] | { [key: string]: Exports };

@@ -75,11 +76,16 @@

export default function reversePackageExports(
{ exports: exportsObj, name }: { exports?: Exports; name: string },
relativePath: string
): string {
if (!exportsObj) {
return posix.join(name, relativePath);
/*
Takes a relativePath that is relative to the package root and produces its
externally-addressable name.
Returns undefined for a relativePath that is forbidden to be accessed from the
outside.
*/
export function externalName(pkg: PkgJSON, relativePath: string): string | undefined {
let { exports } = pkg;
if (!exports) {
return posix.join(pkg.name, relativePath);
}
const maybeKeyValuePair = _findPathRecursively(exportsObj, candidate => {
const maybeKeyValuePair = _findPathRecursively(exports, candidate => {
const regex = new RegExp(_prepareStringForRegex(candidate));

@@ -91,5 +97,3 @@

if (!maybeKeyValuePair) {
throw new Error(
`You tried to reverse exports for the file \`${relativePath}\` in package \`${name}\` but it does not match any of the exports rules defined in package.json. This means it should not be possible to access directly.`
);
return undefined;
}

@@ -103,3 +107,3 @@

const maybeResolvedPaths = resolveExports({ name, exports: { [value]: key } }, relativePath);
const maybeResolvedPaths = resolveExports({ name: pkg.name, exports: { [value]: key } }, relativePath);

@@ -114,3 +118,3 @@ if (!maybeResolvedPaths) {

return resolvedPath.replace(/^./, name);
return posix.join(pkg.name, resolvedPath);
}

@@ -117,0 +121,0 @@

@@ -1,6 +0,6 @@

import reversePackageExports, { _findPathRecursively, _prepareStringForRegex } from '../src';
import { externalName, _findPathRecursively, _prepareStringForRegex } from '../src';
describe('reverse exports', function () {
it('exports is missing', function () {
expect(reversePackageExports({ name: 'best-addon' }, './dist/_app_/components/face.js')).toBe(
expect(externalName({ name: 'best-addon' }, './dist/_app_/components/face.js')).toBe(
'best-addon/dist/_app_/components/face.js'

@@ -11,3 +11,3 @@ );

it('exports is a string', function () {
const actual = reversePackageExports(
const actual = externalName(
{

@@ -23,3 +23,3 @@ name: 'my-addon',

it('exports is an object with one entry', function () {
const actual = reversePackageExports(
const actual = externalName(
{

@@ -48,8 +48,8 @@ name: 'my-addon',

};
expect(reversePackageExports(packageJson, './main.js')).toBe('my-addon');
expect(reversePackageExports(packageJson, './secondary.js')).toBe('my-addon/sub/path');
expect(reversePackageExports(packageJson, './directory/some/file.js')).toBe('my-addon/prefix/some/file.js');
expect(reversePackageExports(packageJson, './other-directory/file.js')).toBe('my-addon/prefix/deep/file.js');
expect(reversePackageExports(packageJson, './yet-another/deep/file.js')).toBe('my-addon/other-prefix/deep/file');
expect(reversePackageExports(packageJson, './grod/very/deep/file.js')).toBe('my-addon/glob/very/deep/file');
expect(externalName(packageJson, './main.js')).toBe('my-addon');
expect(externalName(packageJson, './secondary.js')).toBe('my-addon/sub/path');
expect(externalName(packageJson, './directory/some/file.js')).toBe('my-addon/prefix/some/file.js');
expect(externalName(packageJson, './other-directory/file.js')).toBe('my-addon/prefix/deep/file.js');
expect(externalName(packageJson, './yet-another/deep/file.js')).toBe('my-addon/other-prefix/deep/file');
expect(externalName(packageJson, './grod/very/deep/file.js')).toBe('my-addon/glob/very/deep/file');
});

@@ -64,4 +64,4 @@

};
expect(reversePackageExports(packageJson, './good-things/apple.js')).toBe('my-addon/things/apple.js');
expect(reversePackageExports(packageJson, './bad-things/apple.js')).toBe('my-addon/things/apple.js');
expect(externalName(packageJson, './good-things/apple.js')).toBe('my-addon/things/apple.js');
expect(externalName(packageJson, './bad-things/apple.js')).toBe('my-addon/things/apple.js');
});

@@ -78,5 +78,5 @@

};
expect(reversePackageExports(packageJson, './index-module.js')).toBe('my-addon');
expect(reversePackageExports(packageJson, './index-require.cjs')).toBe('my-addon');
expect(reversePackageExports(packageJson, './index.js')).toBe('my-addon');
expect(externalName(packageJson, './index-module.js')).toBe('my-addon');
expect(externalName(packageJson, './index-require.cjs')).toBe('my-addon');
expect(externalName(packageJson, './index.js')).toBe('my-addon');
});

@@ -95,5 +95,5 @@

};
expect(reversePackageExports(packageJson, './index-module.js')).toBe('my-addon');
expect(reversePackageExports(packageJson, './index-require.cjs')).toBe('my-addon');
expect(reversePackageExports(packageJson, './index.js')).toBe('my-addon');
expect(externalName(packageJson, './index-module.js')).toBe('my-addon');
expect(externalName(packageJson, './index-require.cjs')).toBe('my-addon');
expect(externalName(packageJson, './index.js')).toBe('my-addon');
});

@@ -112,5 +112,5 @@

};
expect(reversePackageExports(packageJson, './index.js')).toBe('my-addon');
expect(reversePackageExports(packageJson, './feature-node.cjs')).toBe('my-addon/feature.js');
expect(reversePackageExports(packageJson, './feature.js')).toBe('my-addon/feature.js');
expect(externalName(packageJson, './index.js')).toBe('my-addon');
expect(externalName(packageJson, './feature-node.cjs')).toBe('my-addon/feature.js');
expect(externalName(packageJson, './feature.js')).toBe('my-addon/feature.js');
});

@@ -129,8 +129,8 @@

};
expect(reversePackageExports(packageJson, './feature-node.mjs')).toBe('my-addon');
expect(reversePackageExports(packageJson, './feature-node.cjs')).toBe('my-addon');
expect(reversePackageExports(packageJson, './feature.mjs')).toBe('my-addon');
expect(externalName(packageJson, './feature-node.mjs')).toBe('my-addon');
expect(externalName(packageJson, './feature-node.cjs')).toBe('my-addon');
expect(externalName(packageJson, './feature.mjs')).toBe('my-addon');
});
it('should throw when no exports entry is matching', function () {
it('should return undefined when no exports entry is matching', function () {
const packageJson = {

@@ -147,5 +147,3 @@ name: 'my-addon',

expect(() => reversePackageExports(packageJson, './foo.bar')).toThrow(
'You tried to reverse exports for the file `./foo.bar` in package `my-addon` but it does not match any of the exports rules defined in package.json. This means it should not be possible to access directly.'
);
expect(externalName(packageJson, './foo.bar')).toBe(undefined);
});

@@ -166,3 +164,3 @@

expect(reversePackageExports(packageJson, './dist/_app_/components/welcome-page.js')).toBe(
expect(externalName(packageJson, './dist/_app_/components/welcome-page.js')).toBe(
'my-v2-addon/_app_/components/welcome-page'

@@ -169,0 +167,0 @@ );

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc