Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The globby npm package is a JavaScript library that provides a convenient interface for file system pattern matching using glob patterns. It is built on top of node-glob and fast-glob, offering a powerful and flexible way to match file paths against specified patterns. It supports multiple patterns, negated patterns, and can handle file system operations asynchronously or synchronously.
Asynchronous file pattern matching
This feature allows you to match files using glob patterns asynchronously. The example code shows how to match all files in a directory and its subdirectories, excluding the 'node_modules' directory.
const globby = require('globby');
globby(['**/*', '!node_modules']).then(paths => {
console.log(paths);
});
Synchronous file pattern matching
This feature allows you to match files using glob patterns synchronously. The example code demonstrates how to perform the same operation as the asynchronous example, but in a synchronous manner.
const globby = require('globby');
const paths = globby.sync(['**/*', '!node_modules']);
console.log(paths);
Expand directories
This feature automatically expands directory patterns to match files with specified extensions. The example code matches all JavaScript and TypeScript files within the 'src' directory.
const globby = require('globby');
globby(['src/**'], { expandDirectories: ['js', 'ts'] }).then(paths => {
console.log(paths);
});
Stream interface
This feature provides a stream interface for handling large sets of matched files. The example code creates a stream that emits paths for all files in a directory and its subdirectories.
const globby = require('globby');
const stream = globby.stream('**/*');
stream.on('data', path => {
console.log(path);
});
fast-glob is a fast and efficient library for pattern matching. It is one of the underlying libraries used by globby. Compared to globby, fast-glob provides lower-level control but lacks some convenience features like negated patterns and directory expansion.
node-glob is the original glob implementation for Node.js. It is also used by globby under the hood. While it is feature-rich, globby provides a more modern and simpler API, as well as additional features like promise support and multiple pattern matching.
micromatch is a minimal matching utility that provides glob matching functionality. It is designed to be faster and more efficient than node-glob. However, globby offers a more user-friendly API and additional features like asynchronous matching and directory expansion.
Extends glob with support for multiple patterns
$ npm install --save globby
├── unicorn
├── cake
└── rainbow
var globby = require('globby');
globby(['*', '!cake'], function (err, paths) {
console.log(paths);
//=> ['unicorn', 'rainbows']
});
Required
Type: string
, array
See supported minimatch patterns.
Type: object
See the node-glob options.
Just a quick overview.
*
matches any number of characters, but not /
?
matches a single character, but not /
**
matches any number of characters, including /
, as long as it's the only thing in a path part{}
allows for a comma-separated list of "or" expressions!
at the beginning of a pattern will negate the matchVarious patterns and expected matches.
MIT © Sindre Sorhus
FAQs
User-friendly glob matching
The npm package globby receives a total of 37,918,397 weekly downloads. As such, globby popularity was classified as popular.
We found that globby demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.