Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
commonjs-walker
Advanced tools
Analyzes and walks down the dependencies from a commonjs entry and creates a walking tree.
var walker = require('commonjs-walker');
NOTICE that it will not walk down node_modules
and any foreign packages.
require()
a directory..js
, .json
, and then .node
, according to File Moduleswalker('/path/to/entry.js', options, function(err, nodes){
// ...
});
Returns an EventEmitter.
Walks down from a entry point, such as package.main
of commonjs or any JavaScript file based on CommonJS, and tries to create a walker.Module
instance of the top level.
Path
the absolute path of the entry point.Object
the hashmap of <path>: <walker.Module>
If the file structure of your project is (actually it is a very extreme scenario):
/path/to
|-- index.js
|-- a.png
|-- a
|-- index.json
index.js:
require('./a');
require('b');
var image = require.resolve('./a.png')
a/index.json
{}
Code:
walker('/path/to/index.js', function(err, nodes){
console.log(nodes);
});
Then, the nodes
object will be something like:
{
'/path/to/index.js': {
entry: true,
require: {
'./a': '/path/to/a/index.json',
'b': 'b'
},
resolve: {
'./a.png': '/path/to/a.png'
}
},
'/path/to/a.png': {
require: {}
}
'/path/to/a/index.json': {
require: {}
},
'b': {
foreign: true
}
}
All options are optional. By default, walker
works in a very strict mode.
Option | Type | Default | Description |
---|---|---|---|
allow_cyclic | Boolean | true | whether should check cyclic dependencies |
check_require_length | Boolean | false | whether should check the arguments.length of method require() |
allow_non_literal_require | Boolean | true | whether should check the usage of method require() . If false, the argument of require() must be an literal string. |
comment_require | Boolean | true | whether should parse @require() , @require.resolve and @require.async in comments. |
require_resolve | Boolean | true | whether should analysis the usage of require.resolve() . |
require_async | Boolean | true | whether should record the usage of require.async() . |
allow_absolute_path | Boolean | true | whether should allow to require an absolute path. |
extensions | Array | ['.js', '.json', '.node'] | see options.extensions section |
as | Object | {} | An object map that define the alias of the parameter of require |
type Array
When we require()
a path
, if path
is not found, nodejs will attempt to load the required filename with the added extension of .js
, .json
, and then .node
. Reference via
But for browser-side environment, most usually, we do not support extension .node
which is what options.extensions
is for.
Especially, only tree values below are allowed:
['.js']
['.js', '.json']
,['.js', '.json', '.node']
{
allow_cyclic: false,
strict_require: true,
allow_absolute_path: false,
extensions: ['.js', '.json']
}
warn
String
Emits if there is a warning. Warnings are potential problems that might break your code, including:
Actually, there is no walker.Module
exists. We only use it to declare and describe the structure of the module.
Property | Type | Description |
---|---|---|
entry | Boolean | whether the current module is the entry point |
foreign | Boolean | whether the current module is from a foreign package. |
require | Object | The <id>: <path> map. id is the module identifier user require() d in the module file. |
resolve | Object | |
async | Object |
String
the enum type of the errorString
error messagesString
the origin error.stackObject
the object of the major information of the error, this is useful for i18n.FAQs
Analyzer and tree walker for commonjs.
The npm package commonjs-walker receives a total of 8 weekly downloads. As such, commonjs-walker popularity was classified as not popular.
We found that commonjs-walker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.