@peggyjs/from-mem
Load a string as if it was an esm or commonjs module with a given filename.
Execute some text in memory as if it were a file with the given name, so that all of its imports and require() calls resolve from that directory's associated node_modules directory, or relative to where the file would have been.
This is NOT intended to be a security boundary. In particular, all files are required or imported through the Node module cache, which the evaluated code shares with the host process.
This code was originally a part of peggy, but was refactored out when it was needed in a related project. Several ideas in this code came from the module-from-string and eval modules -- thanks to those authors.
npm install @peggyjs/from-mem
import path from "node:path";
import { fileURLToPath } from "node:url";
import fromMem from "@peggyjs/from-mem"; // or: const fromMem = require("@peggyjs/from-mem")

// ES modules have no __dirname; derive it from import.meta.url
// (CommonJS callers already have __dirname and can drop this line).
const __dirname = path.dirname(fileURLToPath(import.meta.url));

const mod = await fromMem(`
import foo from "../foo.js" // Loads ./test/foo.js
export function bar() {
  return foo() + 2;
}
`, {
  // Synthetic location of the code; its directory is where imports resolve from.
  filename: path.join(__dirname, "test", "fixtures", "test.js"),
  format: "es",
});
mod.bar();
"filename" is the only required option.
fromMem(code: string, options: FromMemOptions): Promise<unknown>
export type FromMemOptions = {
/**
* What format does the code have? "guess" means to read the closest
* package.json file looking for the "type" key.
* Default: "commonjs".
*/
format?: "bare" | "commonjs" | "es" | "globals" | "guess";
/**
* What is the fully-qualified synthetic filename for the code? Most
* important is the directory, which is used to find modules that the
* code import's or require's.
*/
filename: string;
/**
* Variables to make available in the global scope while the code is being evaluated.
*/
context?: object;
/**
* Include the typical global properties that node gives to all modules.
* (e.g. Buffer, process). Default: true
*/
includeGlobals?: boolean;
/**
* For format "globals", what name is exported from the module?
*/
globalExport?: string;
/**
* Specifies the line number offset that is displayed in stack traces
* produced by this script.
*/
lineOffset?: number | undefined;
/**
* Specifies the first-line column number offset that is displayed in stack
* traces produced by this script.
*/
columnOffset?: number | undefined;
};
Loading code in the "es" format currently requires the --experimental-vm-modules flag for node. Hopefully, we will track changes to that API as they happen.

FAQs
The npm package @peggyjs/from-mem receives a total of 43,524 weekly downloads; on that basis its popularity is classified as popular.
It shows a healthy version release cadence and project activity, since the last version was released less than a year ago, and has 2 open source maintainers collaborating on the project.