Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

esgraph

Package Overview
Dependencies
Maintainers
2
Versions
8
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

esgraph

creates a control flow graph from an esprima abstract syntax tree

  • 0.3.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
33
decreased by-45%
Maintainers
2
Weekly downloads
 
Created
Source

esgraph

creates a control flow graph from an esprima abstract syntax tree

Build Status Coverage Status Dependency Status

Installation

$ npm install esgraph

Usage

esgraph

The esgraph binary reads from stdin and outputs dot-format usable by graphviz. To create a png file showing the CFG of a js file:

$ cat $file | esgraph | dot -Tpng > output.png

example graph

library

const esgraph = require("esgraph");

const cfg = esgraph(esprima.parse(source, { range: true }));
// cfg[0] is the start node
// cfg[1] is the end node
// cfg[2] is an array of all nodes for easier iteration

// each node has:
node.astNode; // this is the original esprima AST node, either a statement or an expression
node.prev; // an array of predecessor nodes
node.next; // an array of all successor nodes

// the successor nodes are also awailable by type:
node.normal; // the next statement reached via normal flow
node.true; // the next statement reached when `node.astNode` evaluates to true
node.false; // the next statement reached when `node.astNode` evaluates to false
node.exception; // the next statement reached when `node.astNode` throws

const dot = esgraph.dot(cfg, { counter: startCount, source: source });
// returns the cfg printed in graphviz dot format.
node.label; // can be used to use a custom label for that node
// otherwise `esgraph.dot` will print the nodes source when the ast is created
// with {range: true} and {source: source} option is set

License

LGPLv3

Keywords

FAQs

Package last updated on 13 Nov 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc