Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

analyze-es6-modules

Package Overview
Dependencies
Maintainers
2
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

analyze-es6-modules

Performs static analysis of ES6 modules in your codebase.

  • 0.6.2
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
Maintainers
2
Weekly downloads
 
Created
Source

analyze-es6-modules Build Status

analyze-es6-modules is a program that reads and statically analyzes ES6 module statements in your Javascript project. It builds a list of all modules in your project, including their imports and exports, then determines if those imports and exports align. It can warn about mistakes such as bad module references or bad imports, and even warn about unused exports. The task is highly configurable so that it can adapt to a wide range of projects.

Usage

This module exports only a single function that returns an A+ promise, so it can be used like so:

var analyzeModules = require('analyze-es6-modules');

analyzeModules(configuration).then(resolvedHandler, rejectedHandler);

Configuration

The exported function takes an object of configuration options that are described below.

  • cwd: The main root of your project. All of your sources should lie somewhere in this directory tree. If left out, process.cwd() will be used instead.
  • sources: An array of globbing patterns that point to your source files. You can prefix any globbing pattern with a ! to specifically exclude those files (this goes against what the node-glob documentation says). Your patterns should only point to files that contain Javascript source code, do not include any other type of file as it will cause errors.
  • fileReader: A function that takes an absolute file path and returns a promise that resolves to the contents of the file. If left out a function that reads from the file system will be used. But you can override this function if you have a more efficient way of getting file contents (such as a cache or stream).
  • aliases: An object that contains module aliases used in your sources. There are two types of aliases: module aliases and path aliases. Module aliases are direct 1-to-1 mappings from one module to another. Path aliases are path prefixes used to create shortcuts and redirects. The format is better seen in the example below:
const aliases = {
   module: {
       // When you import from `config`, it'll actually import from `source/config/all`
       // Note that module aliases can NOT be relative paths.
       'config': 'source/config/all'
   },
   path: {
       // This makes all `app/*` references point to the root of your project
       // Note that the prefix must end with a slash
       // The destination is relative to your project root, must begin with a dot, and cannot end with a slash
       'app/': '.',
       // This will route something like `util/time` to `source/misc/util/time`
       'util/': './source/misc/util'
   }
}
  • babel: These are options that may be passed to Babel when parsing. At this time only plugins are supported. By using plugins you can expand the available syntax to include non-standard synatx (like JSX or Flow).
{
    "plugins": [require('babel-plugin-syntax-jsx'), require('babel-plugin-syntax-flow')]
}
  • predefined: This is an object containing modules that can be used but do not exist within your project directly. This is where you can include module descriptions for things like third-party libraries.
{
    // Using `true` will allow you to import anything from the `d3` module
    "d3": true,
    // This will only allow you to import a default import from the `jQuery` module
    "jQuery": {
        'default': true
    },
    // This will only allow you to import the `forEach` and `filter` named exports from `lodash`
    "lodash": {
        'default': false,
        named: ['forEach', 'filter']
    }
}
  • ignoreUnused: This is an object containing rules for ignoring unused warnings for modules and exports.
{
    // Using `true` will ignore any unused warnings from that module
    "index": true,
    // This will ignore unused default export warnings
    "class": {
        'default': true
    },
    // This will ignore unused named export warnings for 'pi' and 'e'
    "math": {
        'default': false,
        named: ['pi', 'e']
    }
}
  • resolveModulePath: A function that can replace any module path with an arbitrary user-defined module. The function receives a single object argument with three properties:
  • cwd: The analyzer's current working directory
  • path: The path that can be resolved to a different path
  • importingModulePath: The resolved path of the module importing the path above The function can either return a string which is the new path that will be used, or undefined to signal that the path should be resolved in the default manner.

Note that this function is called before any other kind of resolution is done, including aliases. Here's a usage example:

resolveModulePath: function(options) {
    if (options.path.indexOf('/old_directory/') >= 0) {
        return options.path.replace('/old_directory/', '/new_directory/');
    }
    
    if (options.path === 'config') {
        return 'app/configuration/main';
    }
}

Output

The output format is still somewhat in flux, but should remain mostly backwards compatible. You can find a description of it using Typescript interfaces here. For more real-world examples, check out the test scenarios here. The output format was designed to be flexible enough to report the issues in a project-specific manner.

Plugins

A Grunt plugin can be found here.

Development

TODO

Keywords

FAQs

Package last updated on 07 Jun 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc