Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
What is fined?
The 'fined' npm package is a utility that helps in finding files or directories based on a specified pattern or path. It is particularly useful for locating configuration files within projects or modules by providing a flexible way to specify search criteria and paths.
What are fined's main functionalities?
File Searching
This feature allows users to search for files with specific names and extensions within a given directory. The code sample demonstrates how to search for 'config.json' or 'config.js' in the current directory.
const fined = require('fined');
const result = fined({path: '.', extensions: ['.json', '.js']}, {name: 'config'});
console.log(result);Custom Path and Extension Resolution
This feature enables the customization of search paths and file extensions, including the ability to search parent directories ('findUp' option). The example searches for 'app.config' or 'app.cfg' in the 'configs' directory or upwards.
const fined = require('fined');
const pathSpec = {path: 'configs', extensions: ['.config', '.cfg'], findUp: true};
const result = fined(pathSpec, {name: 'app'});
console.log(result);Other packages similar to fined
find-up
Similar to 'fined', 'find-up' allows users to find files by walking up parent directories. It is simpler in usage compared to 'fined' which offers more detailed configuration options like multiple extensions and specific directory paths.
glob
While 'glob' is primarily used for pattern matching on filenames, it shares the file searching capability with 'fined'. Unlike 'fined', 'glob' supports complex patterns but does not have built-in support for prioritizing specific file extensions or names.
fined
Find a file given a declaration of locations.
Usage
var fined = require('fined');
fined({ path: 'path/to/file', extensions: ['.js', '.json'] });
// => { path: '/absolute/path/to/file.js', extension: '.js' } (if file exists)
// => null (if file does not exist)
var opts = {
name: '.app',
cwd: '.',
extensions: {
rc: 'default-rc-loader',
'.yml': 'default-yml-loader',
},
};
fined({ path: '.' }, opts);
// => { path: '/absolute/of/cwd/.app.yml', extension: { '.yml': 'default-yml-loader' } }
fined({ path: '~', extensions: { rc: 'some-special-rc-loader' } }, opts);
// => { path: '/User/home/.apprc', extension: { 'rc': 'some-special-rc-loader' } }
API
fined(pathObj, opts) => object | null
Arguments:
-
pathObj [string | object] : a path setting for finding a file.
-
opts [object] : a plain object supplements
pathObj.pathObjandoptscan have same properties:- path [string] : a path string.
- name [string] : a basename.
- extensions: [string | array | object] : extensions.
- cwd: a base directory of
pathand for finding up. - findUp: [boolean] : a flag to find up.
Return:
This function returns a plain object which consists of following properties if a file exists otherwise null.
- path : an absolute path
- extension : a string or a plain object of extension.
License
MIT
FAQs
Find a file given a declaration of locations.
The npm package fined receives a total of 2,790,461 weekly downloads. As such, fined popularity was classified as popular.
We found that fined demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 31 Oct 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024