@npmcli/promise-spawn
The @npmcli/promise-spawn package is designed to execute shell commands or scripts with a promise-based interface. It simplifies working with child processes in Node.js by providing a straightforward way to spawn processes and handle their output, errors, and exit codes asynchronously. This package is particularly useful for building Node.js applications that need to interact with the system's shell or execute external commands as part of their operation.
Executing a simple command
This feature allows you to execute a simple command (in this case, 'echo') and print its output, error output, and exit code. The 'stdioString' option is used to treat the output and error as strings.
```javascript
const promiseSpawn = require('@npmcli/promise-spawn');

async function runCommand() {
  const { stdout, stderr, code } = await promiseSpawn('echo', ['Hello, world!'], { stdioString: true });
  console.log(`Output: ${stdout}`);
  console.error(`Error: ${stderr}`);
  console.log(`Exit code: ${code}`);
}

runCommand();
```
Executing a command with error handling
This feature demonstrates executing a command that is expected to fail (attempting to list a nonexistent directory) and handling the error gracefully. The catch block captures the error, allowing the application to respond appropriately.
```javascript
const promiseSpawn = require('@npmcli/promise-spawn');

async function runCommandWithErrorHandling() {
  try {
    const { stdout } = await promiseSpawn('ls', ['-l', '/nonexistent'], { stdioString: true });
    console.log(`Output: ${stdout}`);
  } catch (err) {
    // The rejection carries code, signal, stdout and stderr alongside the message
    console.error(`Error: ${err.message}`);
  }
}

runCommandWithErrorHandling();
```
Execa is a popular alternative to @npmcli/promise-spawn for executing shell commands. It offers a richer API, including support for synchronous execution, better Windows support, and more detailed control over the child process. Compared to @npmcli/promise-spawn, execa might be preferred for more complex use cases requiring these additional features.
Child-process-promise provides promise-based wrappers for the Node.js child_process module functions. Similar to @npmcli/promise-spawn, it simplifies working with child processes by returning promises. However, it sticks closer to the original Node.js API, making it a good choice for those who prefer a minimal abstraction layer.
Spawn processes the way the npm cli likes to do. Give it some options, it'll give you a Promise that resolves or rejects based on the results of the execution.
```javascript
const promiseSpawn = require('@npmcli/promise-spawn')

promiseSpawn('ls', [ '-laF', 'some/dir/*.js' ], {
  cwd: '/tmp/some/path', // defaults to process.cwd()
  stdioString: true, // stdout/stderr as strings rather than buffers
  stdio: 'pipe', // any node spawn stdio arg is valid here
  // any other arguments to node child_process.spawn can go here as well,
}, {
  extra: 'things',
  to: 'decorate',
  the: 'result',
}).then(result => {
  // {code === 0, signal === null, stdout, stderr, and all the extras}
  console.log('ok!', result)
}).catch(er => {
  // er has all the same properties as the result, set appropriately
  console.error('failed!', er)
})
```
promiseSpawn(cmd, args, opts, extra) -> Promise

Run the command, return a Promise that resolves/rejects based on the process result.

Result or error will be decorated with the properties in the extra object. You can use this to attach some helpful info about why the command is being run, if it makes sense for your use case.

If stdio is set to anything other than 'inherit', then the result/error will be decorated with stdout and stderr values. If stdioString is set to true, these will be strings. Otherwise they will be Buffer objects.

Returned promise is decorated with the stdin stream if the process is set to pipe from stdin. Writing to this stream writes to the stdin of the spawned process.
Options

- stdioString: Boolean, default true. Return stdout/stderr output as strings rather than buffers.
- cwd: String, default process.cwd(). Current working directory for running the script. Also the argument to infer-owner to determine effective uid/gid when run as root on Unix systems.
- shell: Boolean or String. If false, no shell is used during spawn. If true, the system default shell is used. If a String, that specific shell is used. When a shell is used, the given command runs from within that shell by concatenating the command and its escaped arguments and running the result. This option is not passed through to child_process.spawn.
- Any other options for child_process.spawn can be passed as well.

promiseSpawn.open(arg, opts, extra) -> Promise

Use the operating system to open arg with a default program. This is useful for things like opening the user's default browser to a specific URL.

Depending on the platform in use this will use start (win32), open (darwin) or xdg-open (everything else). In the case of Windows Subsystem for Linux we use the default win32 behavior as it is much more predictable to open the arg using the host operating system.

Options are identical to promiseSpawn except for the following:

- command: String, the command to use to open the file in question. Default is one of start, open or xdg-open depending on platform in use.

7.0.1 (2023-12-21)
- d3ba687 #97 postinstall for dependabot template-oss PR (@lukekarrys)
- cf18492 #97 bump @npmcli/template-oss from 4.21.1 to 4.21.3 (@dependabot[bot])
- c72524e #95 postinstall for dependabot template-oss PR (@lukekarrys)
- 8102197 #95 bump @npmcli/template-oss from 4.19.0 to 4.21.1 (@dependabot[bot])
- 3d54f38 #76 postinstall for dependabot template-oss PR (@lukekarrys)
- ca63a18 #76 bump @npmcli/template-oss from 4.18.1 to 4.19.0 (@dependabot[bot])
- e3e359f #74 postinstall for dependabot template-oss PR (@lukekarrys)
- cc8e9c9 #74 bump @npmcli/template-oss from 4.18.0 to 4.18.1 (@dependabot[bot])

FAQs
spawn processes the way the npm cli likes to do
The npm package @npmcli/promise-spawn receives a total of 6,441,772 weekly downloads. As such, @npmcli/promise-spawn popularity was classified as popular.
We found that @npmcli/promise-spawn demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.