Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
The deps-sort npm package is used to sort a stream of module dependencies in a way that ensures each module appears after its dependencies. This is particularly useful in build processes where the order of module loading is crucial.
Sorting Dependencies
This feature allows you to sort a list of module dependencies so that each module appears after its dependencies. The code sample demonstrates how to use deps-sort to sort an array of module objects.
const depsSort = require('deps-sort');
const through = require('through2');
const input = [
{ id: 'a', deps: { b: 'b' } },
{ id: 'b', deps: { c: 'c' } },
{ id: 'c', deps: {} }
];
const output = [];
const sorter = depsSort();
sorter.pipe(through.obj((row, enc, next) => {
output.push(row);
next();
}));
input.forEach(row => sorter.write(row));
sorter.end();
sorter.on('end', () => {
console.log(output);
});
module-deps is a package that provides a way to parse the dependency graph of CommonJS modules. It can be used to find and sort dependencies, similar to deps-sort, but it also includes additional features like transforming the source code of modules.
browserify is a tool that allows you to bundle up all of your JavaScript dependencies for the browser. It includes functionality for sorting dependencies as part of its bundling process, making it a more comprehensive solution compared to deps-sort.
webpack is a module bundler that takes modules with dependencies and generates static assets representing those modules. It includes advanced features for dependency management and sorting, making it a more powerful but complex alternative to deps-sort.
sort module-deps output for deterministic browserify bundles
$ for((i=0;i<5;i++)); do module-deps main.js | deps-sort | browser-pack | md5sum; done
e9e630de2c62953140357db0444c3c3a -
e9e630de2c62953140357db0444c3c3a -
e9e630de2c62953140357db0444c3c3a -
e9e630de2c62953140357db0444c3c3a -
e9e630de2c62953140357db0444c3c3a -
or using browserify --deps
on a voxeljs project:
$ for((i=0;i<5;i++)); do browserify --deps browser.js | deps-sort | browser-pack | md5sum; done
fb418c74b53ba2e4cef7d01808b848e6 -
fb418c74b53ba2e4cef7d01808b848e6 -
fb418c74b53ba2e4cef7d01808b848e6 -
fb418c74b53ba2e4cef7d01808b848e6 -
fb418c74b53ba2e4cef7d01808b848e6 -
To use this module programmatically, write streaming object data and read streaming object data:
var sort = require('../')();
var JSONStream = require('JSONStream');
var parse = JSONStream.parse([ true ]);
var stringify = JSONStream.stringify();
process.stdin.pipe(parse).pipe(sort).pipe(stringify).pipe(process.stdout);
var depsSort = require('deps-sort');
Return a new through stream
that should get written
module-deps objects and will output
sorted objects.
opts
can be:
opts.index
- when true, for each module-deps row, insert row.index
with
the numeric index and row.indexDeps
like row.deps
but mapping require
strings to row indicesWith npm do:
npm install deps-sort
MIT
FAQs
sort module-deps output for deterministic browserify bundles
The npm package deps-sort receives a total of 828,166 weekly downloads. As such, deps-sort popularity was classified as popular.
We found that deps-sort demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 40 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.