Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

detect-import-require

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

detect-import-require - npm Package Compare versions

Comparing version 1.1.0 to 2.0.0

65

index.js
var acorn = require('acorn')
var walk = require('acorn/dist/walk')
var escodegen = require('escodegen')
var defined = require('defined')
var isBuffer = require('is-buffer')
var types = require('ast-types')

@@ -18,4 +19,12 @@ var regexRequire = /\brequire\b/

opts = opts || {}
src = (src || '').toString()
// allow Node Buffer
if (isBuffer(src)) {
src = src.toString()
}
if (typeof src !== 'string' && !src) {
throw new Error('src option must be a string, Buffer or AST')
}
var imports = defined(opts.imports, true)

@@ -30,21 +39,30 @@ var requires = defined(opts.requires, true)

// quick regex test before we parse entire AST
var regex = regexBoth
if (imports && !requires) regex = regexImport
else if (requires && !imports) regex = regexRequire
if (!regex.test(src)) {
return results
var ast
if (typeof src === 'string') {
// quick regex test before we parse entire AST
src = (src || '')
var regex = regexBoth
if (imports && !requires) regex = regexImport
else if (requires && !imports) regex = regexRequire
if (!regex.test(src)) {
return results
}
// now parse
ast = acorn.parse(src, {
ecmaVersion: 6,
sourceType: 'module',
allowReserved: true,
allowReturnOutsideFunction: true,
allowHashBang: true
})
} else {
// assume ast is given
ast = src
}
var ast = acorn.parse(src, {
ecmaVersion: 6,
sourceType: 'module',
allowReserved: true,
allowReturnOutsideFunction: true,
allowHashBang: true
})
var importDeclaration, callExpression
if (imports) {
importDeclaration = function (node) {
importDeclaration = function (path) {
var node = path.node
if (node.source.type === 'Literal') {

@@ -54,2 +72,3 @@ results.strings.push(node.source.value)

results.nodes.push(node)
this.traverse(path)
}

@@ -59,4 +78,5 @@ }

if (requires) {
callExpression = function (node) {
if (!isRequire(node)) return
callExpression = function (path) {
var node = path.node
if (!isRequire(node)) return false
if (node.arguments.length) {

@@ -70,8 +90,9 @@ if (node.arguments[0].type === 'Literal') {

results.nodes.push(node)
this.traverse(path)
}
}
walk.simple(ast, {
ImportDeclaration: importDeclaration,
CallExpression: callExpression
types.visit(ast, {
visitImportDeclaration: importDeclaration,
visitCallExpression: callExpression
})

@@ -78,0 +99,0 @@

9

package.json
{
"name": "detect-import-require",
"version": "1.1.0",
"version": "2.0.0",
"description": "list require and import paths from a JavaScript source",

@@ -18,7 +18,10 @@ "main": "index.js",

"dependencies": {
"acorn": "^2.6.4",
"acorn": "^3.2.0",
"ast-types": "^0.8.16",
"defined": "^1.0.0",
"escodegen": "^1.7.0"
"escodegen": "^1.7.0",
"is-buffer": "^1.1.3"
},
"devDependencies": {
"acorn-jsx": "^3.0.1",
"faucet": "0.0.1",

@@ -25,0 +28,0 @@ "standard": "^5.4.1",

README.md
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc