Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
convert-source-map
Advanced tools
Converts a source-map from/to different formats and allows adding/changing properties.
The convert-source-map npm package is used for dealing with inline and external source maps. It provides functionalities to convert source maps between different formats, such as from a JSON object to a base64-encoded string or from a base64-encoded string to a JSON object. It can also add and remove source map comments from files or code strings.
Convert source map from JSON to base64
This feature allows you to convert a source map from a JSON object to a base64-encoded string, which can be appended to a file as an inline source map.
const convert = require('convert-source-map');
const sourceMap = { version: 3, file: 'out.js', sources: ['foo.js', 'bar.js'], names: [], mappings: 'AAgBC' };
const base64Map = convert.fromObject(sourceMap).toBase64();
Convert source map from base64 to JSON
This feature allows you to convert a base64-encoded source map string back into a JSON object for further manipulation or analysis.
const convert = require('convert-source-map');
const base64Map = 'eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3V0LmpzIiwic291cmNlcyI6WyJmb28uanMiLCJiYXIuanMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBZ0JDIn0=';
const sourceMap = convert.fromBase64(base64Map).toObject();
Add source map comment to code
This feature enables you to append a source map comment to a string of code, which can be useful when generating code dynamically.
const convert = require('convert-source-map');
const code = 'function foo() {}';
const sourceMap = convert.fromObject({ version: 3, sources: ['foo.js'], names: [], mappings: 'AAAA' });
const codeWithSourceMap = code + '\n' + sourceMap.toComment();
Remove source map comment from code
This feature allows you to remove source map comments from a string of code, which can be useful when you need to process the code further without the source map.
const convert = require('convert-source-map');
const codeWithSourceMap = 'function foo() {}\n//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImZvby5qcyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSJ9';
const codeWithoutSourceMap = convert.removeComments(codeWithSourceMap);
The 'source-map' package provides functionalities to generate and consume source maps. It allows for more complex manipulation of source maps compared to 'convert-source-map', such as applying mappings from one source map to another.
The 'source-map-support' package adds source map support to stack traces in node.js. It is more focused on using source maps to improve debugging rather than converting or manipulating source maps.
The 'sourcemap-codec' package is a library for encoding and decoding the mappings field of source maps. It is more specialized and lower-level compared to 'convert-source-map', focusing solely on the mappings aspect of source maps.
Converts a source-map from/to different formats and allows adding/changing properties.
var convert = require('convert-source-map');
var json = convert
.fromComment('//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnVpbGQvZm9vLm1pbi5qcyIsInNvdXJjZXMiOlsic3JjL2Zvby5qcyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSIsInNvdXJjZVJvb3QiOiIvIn0=')
.toJSON();
var modified = convert
.fromComment('//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnVpbGQvZm9vLm1pbi5qcyIsInNvdXJjZXMiOlsic3JjL2Zvby5qcyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSIsInNvdXJjZVJvb3QiOiIvIn0=')
.setProperty('sources', [ 'SRC/FOO.JS' ])
.toJSON();
console.log(json);
console.log(modified);
{"version":3,"file":"build/foo.min.js","sources":["src/foo.js"],"names":[],"mappings":"AAAA","sourceRoot":"/"}
{"version":3,"file":"build/foo.min.js","sources":["SRC/FOO.JS"],"names":[],"mappings":"AAAA","sourceRoot":"/"}
Prior to v2.0.0, the fromMapFileComment
and fromMapFileSource
functions took a String directory path and used that to resolve & read the source map file from the filesystem. However, this made the library limited to nodejs environments and broke on sources with querystrings.
In v2.0.0, you now need to pass a function that does the file reading. It will receive the source filename as a String that you can resolve to a filesystem path, URL, or anything else.
If you are using convert-source-map
in nodejs and want the previous behavior, you'll use a function like such:
+ var fs = require('fs'); // Import the fs module to read a file
+ var path = require('path'); // Import the path module to resolve a path against your directory
- var conv = convert.fromMapFileSource(css, '../my-dir');
+ var conv = convert.fromMapFileSource(css, function (filename) {
+ return fs.readFileSync(path.resolve('../my-dir', filename), 'utf-8');
+ });
Returns source map converter from given object.
Returns source map converter from given json string.
Returns source map converter from given uri encoded json string.
Returns source map converter from given base64 encoded json string.
Returns source map converter from given base64 or uri encoded json string prefixed with //# sourceMappingURL=...
.
Returns source map converter from given filename
by parsing //# sourceMappingURL=filename
.
readMap
must be a function which receives the source map filename and returns either a String or Buffer of the source map (if read synchronously), or a Promise
containing a String or Buffer of the source map (if read asynchronously).
If readMap
doesn't return a Promise
, fromMapFileComment
will return a source map converter synchronously.
If readMap
returns a Promise
, fromMapFileComment
will also return Promise
. The Promise
will be either resolved with the source map converter or rejected with an error.
Synchronous read in Node.js:
var convert = require('convert-source-map');
var fs = require('fs');
function readMap(filename) {
return fs.readFileSync(filename, 'utf8');
}
var json = convert
.fromMapFileComment('//# sourceMappingURL=map-file-comment.css.map', readMap)
.toJSON();
console.log(json);
Asynchronous read in Node.js:
var convert = require('convert-source-map');
var { promises: fs } = require('fs'); // Notice the `promises` import
function readMap(filename) {
return fs.readFile(filename, 'utf8');
}
var converter = await convert.fromMapFileComment('//# sourceMappingURL=map-file-comment.css.map', readMap)
var json = converter.toJSON();
console.log(json);
Asynchronous read in the browser:
var convert = require('convert-source-map');
async function readMap(url) {
const res = await fetch(url);
return res.text();
}
const converter = await convert.fromMapFileComment('//# sourceMappingURL=map-file-comment.css.map', readMap)
var json = converter.toJSON();
console.log(json);
Finds last sourcemap comment in file and returns source map converter or returns null
if no source map comment was found.
Finds last sourcemap comment in file and returns source map converter or returns null
if no source map comment was found.
readMap
must be a function which receives the source map filename and returns either a String or Buffer of the source map (if read synchronously), or a Promise
containing a String or Buffer of the source map (if read asynchronously).
If readMap
doesn't return a Promise
, fromMapFileSource
will return a source map converter synchronously.
If readMap
returns a Promise
, fromMapFileSource
will also return Promise
. The Promise
will be either resolved with the source map converter or rejected with an error.
Returns a copy of the underlying source map.
Converts source map to json string. If space
is given (optional), this will be passed to
JSON.stringify when the
JSON string is generated.
Converts source map to uri encoded json string.
Converts source map to base64 encoded json string.
Converts source map to an inline comment that can be appended to the source-file.
By default, the comment is formatted like: //# sourceMappingURL=...
, which you would
normally see in a JS source file.
When options.encoding == 'uri'
, the data will be uri encoded, otherwise they will be base64 encoded.
When options.multiline == true
, the comment is formatted like: /*# sourceMappingURL=... */
, which you would find in a CSS source file.
Adds given property to the source map. Throws an error if property already exists.
Sets given property to the source map. If property doesn't exist it is added, otherwise its value is updated.
Gets given property of the source map.
Returns src
with all source map comments removed
Returns src
with all source map comments pointing to map files removed.
Provides a fresh RegExp each time it is accessed. Can be used to find source map comments.
Breaks down a source map comment into groups: Groups: 1: media type, 2: MIME type, 3: charset, 4: encoding, 5: data.
Provides a fresh RegExp each time it is accessed. Can be used to find source map comments pointing to map files.
Returns a comment that links to an external source map via file
.
By default, the comment is formatted like: //# sourceMappingURL=...
, which you would normally see in a JS source file.
When options.multiline == true
, the comment is formatted like: /*# sourceMappingURL=... */
, which you would find in a CSS source file.
FAQs
Converts a source-map from/to different formats and allows adding/changing properties.
The npm package convert-source-map receives a total of 57,013,532 weekly downloads. As such, convert-source-map popularity was classified as popular.
We found that convert-source-map demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.