Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
contains-path
Advanced tools
What is contains-path?
The contains-path npm package is used to determine if a given path is inside another path. It is a simple utility that can be used to check if a file or directory is contained within another directory, which can be useful for ensuring proper file structure, security checks, and more.
What are contains-path's main functionalities?
Check if a path contains another path
This feature allows you to check if one path is contained within another. It returns true if the first path is inside the second path, otherwise false.
const containsPath = require('contains-path');
console.log(containsPath('/a/b/c', '/a/b')); // true
console.log(containsPath('/a/b/c', '/x/y')); // falseOther packages similar to contains-path
path-is-inside
This package provides similar functionality to contains-path. It allows you to check if one path is inside another path. The API might differ slightly, but the core functionality is the same.
is-path-inside
Another package that checks if a path is inside another path. It compares to contains-path in terms of functionality but may have different implementation details or additional features.
contains-path 
Return true if a file path contains the given path.
Install
Install with npm:
$ npm install --save contains-path
Install with yarn:
$ yarn add contains-path
HEADS UP!
As of v1.0.0, this library no longer uses regex for matching. Please do not hesitate to report any issues or regressiosn.
Usage
var containsPath = require('contains-path');
containsPath('foo/bar', 'foo'); //=> true
containsPath('foo/bar', 'bar'); //=> true
containsPath('foo/bar', 'qux'); //=> false
// returns false for partial matches
containsPath('foobar', 'foo'); //=> false
containsPath('foo.bar', 'foo'); //=> false
containsPath('foo.bar', 'bar'); //=> false
// prefix with "./" to match from beginning of filepath
containsPath('bar/foo', 'foo'); //=> true
containsPath('bar/foo', './foo'); //=> false
Negation
Prefix with ! to invert matching behavior:
containsPath('foo/bar', '!foo'); //=> false
containsPath('foo/bar', '!qux'); //=> true
Options
options.nocase
Type: boolean
Default: false
Disable case sensitivity.
containsPath('foo/bar', 'FOO'); //=> false
containsPath('foo/bar', 'FOO', {nocase: true}); //=> true
options.partialMatch
Type: boolean
Default: false
Allow "partial" matches:
containsPath('foobar', 'foo'); //=> false
containsPath('foobar', 'foo', {partialMatch: true}); //=> true
containsPath('foo.bar', 'foo'); //=> false
containsPath('foo.bar', 'foo', {partialMatch: true}); //=> true
About
Related projects
- ends-with: Returns
trueif the givenstringorarrayends withsuffixusing strict equality for… more | homepage - normalize-path: Normalize file path slashes to be unix-like forward slashes. Also condenses repeat slashes to a… more | homepage
- path-ends-with: Return
trueif a file path ends with the given string/suffix. | homepage - unixify: Convert Windows file paths to unix paths. | homepage
Contributing
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
Contributors
| Commits | Contributor |
|---|---|
| 2 | jonschlinkert |
| 1 | germtb |
Building docs
(This project's readme.md is generated by verb, please don't edit the readme directly. Any changes to the readme must be made in the .verb.md readme template.)
To generate the readme, run the following command:
$ npm install -g verbose/verb#dev verb-generate-readme && verb
Running tests
Running and reviewing unit tests is a great way to get familiarized with a library and its API. You can install dependencies and run tests with the following command:
$ npm install && npm test
Author
Jon Schlinkert
License
Copyright © 2017, Jon Schlinkert. Released under the MIT License.
This file was generated by verb-generate-readme, v0.5.0, on April 17, 2017.
FAQs
Return true if a file path contains the given path.
The npm package contains-path receives a total of 2,288,633 weekly downloads. As such, contains-path popularity was classified as popular.
We found that contains-path demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Apr 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025