
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
global-modules-path
Advanced tools
Returns path to globally installed package.
In order to use this package you need:
npm --version
from your default terminal).The module has a single public method called getPath
. It requires at least one argument - the name of the globally installed package that you need.
In case the package is not installed, getPath
will return null.
getPath
will throw error in case the OS is NOT supported. Supported OS are:
process.platform
returns win32
)process.platform
returns darwin
)process.platform
returns linux
)Example:
let pathToPackage = require("global-modules-path").getPath("packageName");
The method returns the path to globally installed package or null. The code constructs the path based on the result of npm config get prefix
and checks if the package exists.
Example:
let pathToPackage = require("global-modules-path").getPath("packageName", "executableName");
The method returns the path to globally installed package or null. The code constructs the path based on the result of npm config get prefix
and checks if the package exists. In case the package cannot be found in this way, the executableName
is used to determine if the package is globally installed.
where executableName
command and parses the result.ls -l executableName
and which executableName
and parses the results.NOTE: In some cases the executable name is not the same as the package name.
FAQs
Returns path to globally installed package
We found that global-modules-path demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.