Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
get-package-name
Advanced tools
Readme
Extracts the name of a package from its file path.
const getPackageName = require('get-package-name')
getPackageName('./project/node_modules/@babel/parser/lib/index.js') // @babel/parser
This is a Node.js package available through the npm registry. Before installing, download and install Node.js. Node.js 12 or higher is required.
Installation is done using the npm install command:
$ npm install --save-dev get-package-name
Returns the package name for the given module file path.
An absolute or relative path to a module.
The name of the folder in which packages are installed. Defaults to "node_modules"
.
This package is MIT licensed.
FAQs
Get the name of a dependency from a module file path.
The npm package get-package-name receives a total of 57,463 weekly downloads. As such, get-package-name popularity was classified as popular.
We found that get-package-name demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.