Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
cache-directory
Advanced tools
Changelog
2.0.0 - 2018-03-01
os.homedir()
is used directly instead of a ponyfillReadme
cache-directory
Find the proper cache directory based on operating system
npm install cache-directory
cache-directory
takes one argument, the app name.
var cacheDir = require('cache-directory');
console.log(cacheDir('myApp'));
When run on OS X, cache-directory
assumes it isn't run in a sandboxed process environment. If it is, it will probably break. Additionally, the app name is used instead of the conventional bundle identifier (for simplicity and because many cache-directory
consumers won't necessarily have a bundle identifier).
If a suitable cache directory can't be found, cache-directory
will return null
. You need to handle this case. A reasonable course of action would be to use a temp directory, for which you can use the cache-or-tmp-directory
module.
LGPL 3.0+
Alex Jordan alex@strugee.net
FAQs
Find the proper cache directory based on operating system
The npm package cache-directory receives a total of 24,289 weekly downloads. As such, cache-directory popularity was classified as popular.
We found that cache-directory demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.