Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
glob-parent
Advanced tools
The glob-parent npm package is used to extract the non-magic parent path from a glob string, which is useful for determining the directory that a glob is intended to match against, for ensuring consistent behavior in file watching and globbing.
Extracting non-magic parent path from a glob string
This feature allows you to get the directory path without any glob patterns, which is useful for file operations that require a base directory.
const globParent = require('glob-parent');
console.log(globParent('path/to/*.js')); // Output: 'path/to'
Minimatch is a minimal matching utility that can convert glob expressions into JavaScript RegExp objects. It is similar to glob-parent in that it deals with glob patterns, but it focuses more on matching patterns rather than extracting the parent path.
Glob is a package that provides a way to match file paths against specified glob patterns. It is more feature-rich than glob-parent, offering the ability to find all matching files based on a glob pattern, whereas glob-parent simply extracts the base path from a glob string.
Extract the non-magic parent path from a glob string.
var globParent = require('glob-parent');
globParent('path/to/*.js'); // 'path/to'
globParent('/root/path/to/*.js'); // '/root/path/to'
globParent('/*.js'); // '/'
globParent('*.js'); // '.'
globParent('**/*.js'); // '.'
globParent('path/{to,from}'); // 'path'
globParent('path/!(to|from)'); // 'path'
globParent('path/?(to|from)'); // 'path'
globParent('path/+(to|from)'); // 'path'
globParent('path/*(to|from)'); // 'path'
globParent('path/@(to|from)'); // 'path'
globParent('path/**/*'); // 'path'
// if provided a non-glob path, returns the nearest dir
globParent('path/foo/bar.js'); // 'path/foo'
globParent('path/foo/'); // 'path/foo'
globParent('path/foo'); // 'path' (see issue #3 for details)
globParent(maybeGlobString, [options])
Takes a string and returns the part of the path before the glob begins. Be aware of Escaping rules and Limitations below.
{
// Disables the automatic conversion of slashes for Windows
flipBackslashes: true;
}
The following characters have special significance in glob patterns and must be escaped if you want them to be treated as regular path characters:
?
(question mark) unless used as a path segment alone*
(asterisk)|
(pipe)(
(opening parenthesis))
(closing parenthesis){
(opening curly brace)}
(closing curly brace)[
(opening bracket)]
(closing bracket)Example
globParent('foo/[bar]/'); // 'foo'
globParent('foo/\\[bar]/'); // 'foo/[bar]'
This library attempts a quick and imperfect method of determining which path parts have glob magic without fully parsing/lexing the pattern. There are some advanced use cases that can trip it up, such as nested braces where the outer pair is escaped and the inner one contains a path separator. If you find yourself in the unlikely circumstance of being affected by this or need to ensure higher-fidelity glob handling in your library, it is recommended that you pre-process your input with expand-braces and/or expand-brackets.
Backslashes are not valid path separators for globs. If a path with backslashes is provided anyway, for simple cases, glob-parent will replace the path separator for you and return the non-glob parent path (now with forward-slashes, which are still valid as Windows path separators).
This cannot be used in conjunction with escape characters.
// BAD
globParent('C:\\Program Files \\(x86\\)\\*.ext'); // 'C:/Program Files /(x86/)'
// GOOD
globParent('C:/Program Files\\(x86\\)/*.ext'); // 'C:/Program Files (x86)'
If you are using escape characters for a pattern without path parts (i.e.
relative to cwd
), prefix with ./
to avoid confusing glob-parent.
// BAD
globParent('foo \\[bar]'); // 'foo '
globParent('foo \\[bar]*'); // 'foo '
// GOOD
globParent('./foo \\[bar]'); // 'foo [bar]'
globParent('./foo \\[bar]*'); // '.'
ISC
FAQs
Extract the non-magic parent path from a glob string.
We found that glob-parent demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.