Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
The del npm package is a powerful tool for deleting files and directories in a Node.js environment. It uses globs to select files and is built on top of the rimraf package, providing a promise-based API that supports multiple files and globbing patterns.
Delete files and directories
This feature allows you to delete files and directories using glob patterns. The example shows how to delete all JavaScript files in the 'temp' directory except 'temp/unicorn.js'.
const del = require('del');
del(['temp/*.js', '!temp/unicorn.js']).then(paths => {
console.log('Deleted files and folders:\n', paths.join('\n'));
});
Dry run
This feature performs a dry run without actually deleting the files. It's useful for testing which files would be deleted.
const del = require('del');
del(['temp/*.js'], {dryRun: true}).then(paths => {
console.log('Files and folders that would be deleted:\n', paths.join('\n'));
});
Force deletion
This feature allows you to delete files outside of the current working directory. Use with caution as it can potentially cause data loss.
const del = require('del');
del(['../temp/*.js'], {force: true}).then(paths => {
console.log('Deleted files and folders:\n', paths.join('\n'));
});
rimraf is a Node.js package that provides a UNIX command rm -rf like functionality. It is the underlying library that del uses to delete files and directories. Unlike del, rimraf does not return promises natively and does not support globbing patterns without additional modules.
fs-extra is a package that extends the built-in Node.js fs module. It includes methods like remove and emptyDir which can be used to delete files and directories. fs-extra supports promises and can be a more comprehensive file system solution, but it does not have built-in globbing support.
globby is a globbing library for Node.js that can be used in conjunction with other file system packages to delete files using patterns. It is not a direct alternative to del, but it can be used to achieve similar results when combined with fs or fs-extra.
Delete files/folders using globs
Pretty much rimraf with a Promise API and support for multiple files and globbing. It also protects you against deleting the current working directory and above.
$ npm install --save del
var del = require('del');
del(['tmp/*.js', '!tmp/unicorn.js']).then(function (paths) {
console.log('Deleted files/folders:\n', paths.join('\n'));
});
The glob pattern **
matches all children and the parent.
So this won't work:
del.sync(['public/assets/**', '!public/assets/goat.png']);
You have to explicitly ignore the parent directories too:
del.sync(['public/assets/**', '!public/assets', '!public/assets/goat.png']);
Suggestions on how to improve this welcome!
Returns a promise that resolves to an array of deleted paths.
Returns an array of deleted paths.
Type: string
, array
See supported minimatch patterns.
Type: object
See the node-glob
options.
Type: boolean
Default: false
Allow deleting the current working directory and files/folders outside it.
See trash.
MIT © Sindre Sorhus
FAQs
Delete files and directories
The npm package del receives a total of 13,355,062 weekly downloads. As such, del popularity was classified as popular.
We found that del demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.