Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
detective-typescript
Advanced tools
The detective-typescript npm package is designed to analyze TypeScript files to extract dependencies, such as import and require statements. It can be used to understand the structure of a TypeScript project, identify unused dependencies, or automate tasks that involve analyzing the dependency graph of a project.
Extract import statements
This feature allows you to extract all the import statements from a given TypeScript file content. The code sample demonstrates how to use detective-typescript to parse a string containing TypeScript code and return an array of the imported modules.
const detective = require('detective-typescript');
const content = `import { join } from 'path';
import * as fs from 'fs';`;
const dependencies = detective(content);
Extract require statements
In addition to import statements, detective-typescript can also extract require statements from TypeScript files. This is useful for projects that use a mix of ES6 and CommonJS modules. The code sample shows how to extract dependencies from a string of TypeScript code that uses require.
const detective = require('detective-typescript');
const content = `const express = require('express');
const app = express();`;
const dependencies = detective(content);
Precinct is a more general-purpose dependency detection tool that supports multiple file types, including JavaScript, TypeScript, and CSS. While detective-typescript focuses specifically on TypeScript, Precinct provides a broader range of functionality but might be less specialized for TypeScript-specific nuances.
Madge is a tool for generating a visual graph of module dependencies, and it can analyze TypeScript files among others. Unlike detective-typescript, which is focused on extracting dependencies from file content, Madge provides a higher-level overview of the project structure and can be used for visualizing and analyzing the dependency graph.
Get the dependencies of TypeScript module
npm install detective-typescript
const fs = require('fs');
const detective = require('detective-typescript');
const mySourceCode = fs.readFileSync('myfile.ts', 'utf8');
// Pass in a file's content or an AST
const dependencies = detective(mySourceCode);
skipTypeImports
(default: false
) Skips imports that only imports typesmixedImports
: (default: false
) Include CJS imports in dependency listskipAsyncImports
: (default: false
) Whether or not to omit async imports (import('foo'))jsx
: (default: false
) Enable parsing of JSXonFile
: A callback that will be called before the file is processed. Intended for use with dependency-tree
. Passed an object argument with properties options
(echoing any options passed in, e.g., by precinct
), src
(source code for file as string), ast
(parsed AST object for the file source), and walker
(a Walker
instance from node-source-walk
configured for TypeScript to which you can pass the ast
or src
).onAfterFile
: Similar to onFile
, but the callback is also passed an object property dependencies
, a string array with the extracted dependencies.MIT
FAQs
Get the dependencies of a TypeScript module
The npm package detective-typescript receives a total of 860,374 weekly downloads. As such, detective-typescript popularity was classified as popular.
We found that detective-typescript demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.