Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
app-module-path
Advanced tools
Simple module to add additional directories to the Node module search for top-level app modules
The app-module-path npm package allows you to add directories to the Node.js module search path, making it easier to require modules without using relative paths.
Add a single directory to the module search path
This feature allows you to add a single directory to the module search path. In this example, the 'lib' directory is added, making it possible to require modules from 'lib' without using relative paths.
const path = require('path');
require('app-module-path').addPath(path.join(__dirname, 'lib'));
Add multiple directories to the module search path
This feature allows you to add multiple directories to the module search path. In this example, both 'lib1' and 'lib2' directories are added, making it possible to require modules from either directory without using relative paths.
const path = require('path');
const appModulePath = require('app-module-path');
appModulePath.addPath(path.join(__dirname, 'lib1'));
appModulePath.addPath(path.join(__dirname, 'lib2'));
Add a directory to the module search path using environment variables
This feature allows you to add a directory to the module search path using environment variables. In this example, the 'lib' directory is added to NODE_PATH, and the module paths are re-initialized to include this directory.
process.env.NODE_PATH = path.join(__dirname, 'lib');
require('module').Module._initPaths();
The module-alias package allows you to create custom module aliases and register directories for module resolution. It provides similar functionality to app-module-path but also includes the ability to create aliases for specific modules.
The require-alias package allows you to define aliases for module paths, making it easier to require modules without using relative paths. It is similar to app-module-path but focuses more on aliasing specific module paths rather than adding directories to the search path.
The rechoir package allows you to register require hooks for different file types, enabling you to require modules with non-standard extensions. While it provides some overlapping functionality with app-module-path, it is more focused on handling different file types rather than modifying the module search path.
This simple module enables you to add additional directories to the Node.js module search path (for top-level app modules only). This allows application-level modules to be required as if they were installed into the node_modules
directory.
npm install app-module-path --save
// ***IMPORTANT**: The following line should be added to the very
// beginning of your main script!
require('app-module-path').addPath(baseDir);
IMPORTANT: The search path should be modified before any modules are loaded!
Example:
In your my-app/index.js
(or my-app/server.js
) file:
// Add the root project directory to the app module search path:
require('app-module-path').addPath(__dirname);
Given the following example directory structure:
The following will work for any modules under the src
directory:
// All of the following lines will work in "src/foo/index.js" and "src/bar/index.js":
var foo = require('src/foo'); // Works
var bar = require('src/bar'); // Works
var baz = require('installed-baz'); // Works
Lastly, by design, installed modules (i.e. modules under the node_modules
directory) will not be able to require application-level modules so the following will not work:
// All of the following lines will *not* work in "node_modules/installed-baz/index.js"!
var foo = require('src/foo'); // Fails
var bar = require('src/bar'); // Fails
app-module-path/register
)This module supports an alternate method of adding a path to the Node.js module search path that requires less code. Requiring or importing the app-module-path/register
module will result in the directory of the calling module being added to the Node.js module search path as shown below:
By default, app-module-path
will not attempt to resolve app modules from a directory that is found to be within a node_modules
directory. This behavior can be changed by explicitly enabling app-module-path
to work for descendent modules of a specific directory. For example:
var packageDir = path.dirname(require.resolve('installed-module-allowed'));
require('../').enableForDir(packageDir);
require('app-module-path/register');
// Is equivalent to:
require('app-module-path').addPath(__dirname);
import "app-module-path/register";
// Is equivalent to:
import { addPath } from 'app-module-path';
addPath(__dirname);
app-module-path/cwd
)Additionally, requiring or importing app-module-path/cwd
will result in the current working directory of the Node.js process being added to the module search path as shown below:
require('app-module-path/cwd');
// Is equivalent to:
require('app-module-path').addPath(process.cwd());
import "app-module-path/cwd";
// Is equivalent to:
import { addPath } from 'app-module-path';
addPath(process.cwd());
Search path order:
node_modules
directory and an application module directory then the module in the node_modules
directory will be loaded since it is found first.
This behavior is new in v2.x. In v1.x, this search order was reversedNode.js compatibility:
node_modules
directory.Recommendations:
my-app/src
or my-app/app_modules
) and then to add the application root to the search path. The require calls would then be something like require('src/foo')
or require('app_modules/foo')
. The common prefix makes it more clear that the module can be found in the application's modules directory and not in the node_modules
directory.Pull requests, bug reports and feature requests welcome.
BSD-2-Clause
FAQs
Simple module to add additional directories to the Node module search for top-level app modules
We found that app-module-path demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.