
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
find-package-json
Advanced tools
Find package.json files in parent directories, keep finding until you find the right one using iterators.
Easily find package.json files that you're searching for. It spiders parent
directories for package.json
files and correctly reads the results. It follows
an ES6 iterator design so it should be easy to implement.
The module is released in the public npm registry and can be installed by running:
npm install --save find-package-json
We expose a single function as module interface. So in all examples we assume that you've already required the code as illustrated in the example below:
'use strict';
var finder = require('find-package-json');
The function accepts 1 optional argument which is the directory it should start
searching in or a module object with a filename
key. If nothing is provided
it will default to process.cwd()
as entry point.
As we're build upon the iterator interface you can simply call the .next()
function of the returned result to find the first package.json. If you don't
like the result, call .next()
again to find the next file. Please do note that
these methods do synchronous API calls in Node.js so they are blocking.
var f = finder(__dirname);
console.log(f.next().value); // the package.json object
console.log(f.next().filename); // the path to the package.json file
You can also search for the global module
object:
var f = finder(module);
console.log(f.next().value); // the package.json object
console.log(f.next().filename); // the path to the package.json file
If there is no more package.json's to be found, the method will set the returned
done
key as true
;
var f = finder(__dirname);
f.next().done // false
f.next().done // true
MIT
FAQs
Find package.json files in parent directories, keep finding until you find the right one using iterators.
The npm package find-package-json receives a total of 1,286,890 weekly downloads. As such, find-package-json popularity was classified as popular.
We found that find-package-json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.