Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@jsenv/importmap
Advanced tools
Helpers to implement importmaps.
@jsenv/importmap
can be used to implement the behaviour of importmap as described in the WICG specification. It is written using ES modules and compatible with browsers and Node.js. Amongst other things, this repository is used to provide importmap in ESLint.
npm install @jsenv/importmap
composeTwoImportMaps
takes two importMap
and return a single importMap
being the composition of the two.
import { composeTwoImportMaps } from "@jsenv/importmap"
const importMap = composeTwoImportMaps(
{
imports: {
foo: "bar",
},
},
{
imports: {
foo: "whatever",
},
},
)
console.log(JSON.stringify(importMap, null, " "))
{
"imports": {
"foo": "whatever"
}
}
— source code at src/composeTwoImportMaps.js.
normalizeImportMap
returns an importMap
resolved against an url
and sorted.
import { normalizeImportMap } from "@jsenv/importmap"
const importMap = normalizeImportMap(
{
imports: {
foo: "./bar",
"./ding.js": "./dong.js"
},
},
"http://your-domain.com",
)
console.log(JSON.stringify(importMap, null, ' ')
{
"imports": {
"foo": "http://your-domain.com/bar",
"http://your-domain.com/ding.js": "http://your-domain.com/dong.js"
}
}
— source code at src/normalizeImportMap.js.
resolveImport
returns an import url
applying an importMap
to specifier
and importer
. The provided importMap
must be resolved and sorted to work as expected. You can use normalizeImportMap to do that.
import { resolveImport } from "@jsenv/importmap"
const importUrl = resolveImport({
specifier: "../index.js",
importer: "http://domain.com/folder/file.js",
importMap: {
imports: {
"http://domain.com/index.js": "http://domain.com/main.js",
},
},
})
console.log(importUrl)
http://domain.com/main.js
— source code at src/resolveImport.js.
moveImportMap
receives importMap
, fromUrl
, toUrl
and return an importmap where all relative urls and specifiers becomes relative to toUrl
instead of fromUrl
.
This function exists in case you need to move an importmap file somewhere else in the filesystem. This is not a common use case but might happen.
import { moveImportMap } from "@jsenv/importmap"
const importMapMoved = moveImportMap(
{
imports: {
foo: "./foo.js",
},
},
"file:///project/project.importmap",
"file:///project/dir/project.importmap",
)
console.log(JSON.stringify(importMap, null, ' ')
{
"imports": {
"foo": "../foo.js",
}
}
— source code at src/moveImportMap.js.
FAQs
Helpers to implement importmaps
We found that @jsenv/importmap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.