Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
esquery
Advanced tools
Package description
The esquery npm package is a tool for querying the abstract syntax tree (AST) of ECMAScript (JavaScript) code. It allows developers to find specific nodes within the AST using a CSS-like query syntax, making it easier to analyze and manipulate code structure programmatically.
Selecting nodes by type
This feature allows you to select all nodes of a specific type, such as all function declarations in the AST. The code sample demonstrates how to select all function declaration nodes.
esquery(ast, 'FunctionDeclaration');
Selecting nodes by attribute
You can select nodes based on their attributes, such as selecting all nodes where the name attribute is 'myFunction'. The code sample shows how to select nodes with a specific name.
esquery(ast, '[name="myFunction"]');
Pseudo-classes for node selection
Esquery supports pseudo-classes for more complex queries, such as selecting the second child node of every matched set. The code sample demonstrates selecting the second child node.
esquery(ast, ':nth-child(2)');
jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It uses a different approach than esquery by providing a more extensive API for transforming the AST but also supports querying the AST in a way similar to esquery.
acorn is a fast, small JavaScript parser that generates an abstract syntax tree (AST). While it doesn't offer querying capabilities like esquery, it's often used in conjunction with other tools to analyze and manipulate JavaScript code.
estraverse is a simple but powerful library for traversing and optionally modifying the AST of ECMAScript code. It doesn't use a query language like esquery but provides a programmatic way to navigate and manipulate nodes in the AST.
Readme
ESQuery is a library for querying the AST output by Esprima for patterns of syntax using a CSS style selector system. Check out the demo:
The following selectors are supported:
ForStatement
*
[attr]
[attr="foo"]
or [attr=123]
[attr=/foo.*/]
[attr!="foo"]
, [attr>2]
, [attr<3]
, [attr>=2]
, or [attr<=3]
[attr.level2="foo"]
FunctionDeclaration > Identifier.id
:first-child
or :last-child
:nth-child(2)
:nth-last-child(1)
ancestor descendant
parent > child
node ~ sibling
node + adjacent
:not(ForStatement)
:matches([attr] > :first-child, :last-child)
!IfStatement > [name="foo"]
:statement
, :expression
, :declaration
, :function
, or :pattern
FAQs
A query library for ECMAScript AST using a CSS selector like query language.
The npm package esquery receives a total of 25,853,587 weekly downloads. As such, esquery popularity was classified as popular.
We found that esquery demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.