Product
Introducing Repository Access Permissions and Custom Roles
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
By Joe Werle - Jun 19, 2026
🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
@pnpm/dependency-path
Advanced tools
@pnpm/dependency-path
Utilities for working with symlinked node_modules
Like path but for packages in a symlinked node_modules. Symlinked node_modules is a unique dependencies layout that
pnpm creates.
Installation
pnpm add @pnpm/dependency-path
Usage
const dependencyPath = require('@pnpm/dependency-path')
const registry = 'https://registry.npmjs.org/'
console.log(dependencyPath.isAbsolute('/foo/1.0.0'))
//> false
// it is confusing currently because relative starts with /.
// It will be changed in the future to vice versa
console.log(dependencyPath.resolve(registry, '/foo/1.0.0'))
//> registry.npmjs.org/foo/1.0.0
console.log(dependencyPath.relative(registry, 'registry.npmjs.org/foo/1.0.0'))
//> /foo/1.0.0
console.log(dependencyPath.refToAbsolute('1.0.1', 'foo', registry))
//> registry.npmjs.org/foo/1.0.1
console.log(dependencyPath.refToAbsolute('github.com/foo/bar/twe0jger043t0ew', 'foo', registry))
//> github.com/foo/bar/twe0jger043t0ew
console.log(dependencyPath.refToRelative('1.0.1', 'foo', registry))
//> /foo/1.0.1
console.log(dependencyPath.parse('/foo/2.0.0'))
//> { isAbsolute: false, name: 'foo', version: '2.0.0' }
License
MIT
Other packages similar to @pnpm/dependency-path
resolve
The 'resolve' package is used to resolve module paths in Node.js. It provides similar functionality in terms of resolving paths but is more focused on module resolution rather than dependency path manipulation.
dependency-tree
The 'dependency-tree' package generates a dependency tree for a given module. While it provides insights into dependencies, it is more focused on visualizing and analyzing dependency trees rather than manipulating dependency paths.
read-pkg-up
The 'read-pkg-up' package reads the closest package.json file. It is useful for retrieving package information but does not offer the same level of path manipulation capabilities as @pnpm/dependency-path.
Keywords
FAQs
Utilities for working with symlinked node_modules
The npm package @pnpm/dependency-path receives a total of 2,507,967 weekly downloads. As such, @pnpm/dependency-path popularity was classified as popular.
We found that @pnpm/dependency-path demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 10 Jun 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.
By John Tuckner - Jun 18, 2026
Product
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions
Socket Firewall blocks malicious VS Code and Open VSX extensions before install, protecting developers from compromised editor marketplaces.
By John Tuckner - Jun 17, 2026