Security News
CVE Volume Surges Past 48,000 in 2025 as WordPress Plugin Ecosystem Drives Growth
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
By Sarah Gooding - Jan 09, 2026
flow-parser
Advanced tools
The flow-parser package
This package contains the Flow parser in its compiled-to-JavaScript form.
What is Flow
See flow.org. The code for the Flow parser lives on GitHub.
What is the Flow Parser
The Flow Parser is a JavaScript parser written in OCaml. It produces an AST that conforms to the ESTree spec and that mostly matches what esprima produces. The Flow Parser can be compiled to native code or can be compiled to JavaScript using js_of_ocaml. This npm package contains the Flow parser compiled to JavaScript.
Usage
You can use the Flow parser in your browser or in node. To use in node you can just do
require('flow-parser').parse('1+1', {});
To use in the browser, you can add
<script src="flow_parser.js"></script>
which will make the flow object available to use like so:
flow.parse('1+1', {});
Options
The second argument to flow.parse is the options object. Currently supported options:
Basic options
types(boolean, defaulttrue) - enable parsing of Flow typesuse_strict(boolean, defaultfalse) - treat the file as strict, without needing a "use strict" directivecomments(boolean, defaulttrue) - attach comments to AST nodes (leadingCommentsandtrailingComments)all_comments(boolean, defaulttrue) - include a list of all comments from the whole programtokens(boolean, defaultfalse) - include a list of all parsed tokens in a top-leveltokensproperty
Language features
enums(boolean, defaultfalse) - enable parsing of enumsmatch(boolean, defaultfalse) - enable parsing of match expressions and match statementscomponents(boolean, defaultfalse) - enable parsing of component syntaxassert_operator(boolean, defaultfalse) - enable parsing of the assert operatoresproposal_decorators(boolean, defaultfalse) - enable parsing of decorators
Other packages similar to flow-parser
acorn
Acorn is a small, fast, JavaScript-based JavaScript parser that produces an AST. It is used by various tools within the JavaScript ecosystem. Acorn is highly extensible through plugins and can handle modern JavaScript syntax. While flow-parser is specific to Flow type annotations, Acorn is more general-purpose and does not have built-in support for Flow types.
typescript-eslint-parser
typescript-eslint-parser is a parser that allows ESLint to lint TypeScript code. It converts TypeScript into an ESTree-compatible form so it can be used in the existing ESLint ecosystem. Unlike flow-parser, which is specific to Flow, typescript-eslint-parser is designed to work with TypeScript and can be used to enforce TypeScript-specific linting rules.
FAQs
JavaScript parser written in OCaml. Produces ESTree AST
The npm package flow-parser receives a total of 4,375,622 weekly downloads. As such, flow-parser popularity was classified as popular.
We found that flow-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 13 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Insecure Agents Podcast: Certified Patches, Supply Chain Security, and AI Agents
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.
By Sarah Gooding - Jan 08, 2026
Security News
Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models
Tailwind Labs laid off 75% of its engineering team after revenue dropped 80%, as LLMs redirect traffic away from documentation where developers discover paid products.
By Sarah Gooding - Jan 08, 2026