Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
grunt-es-dependency-graph
Advanced tools
grunt-es-dependency-graph
Grunt task for obtaining the dependency graph from ES6 modules
grunt-es-dependency-graph
Grunt task to generate a JSON file with the dependency tree in ES6 module files.
Getting Started
This plugin requires Grunt ~0.4.0
If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command:
npm install grunt-es-dependency-graph --save-dev
Once the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-es-dependency-graph');
The depGraph task
Run this task with the grunt depGraph command. This will generate a JSON
file with all the dependencies of each module specified as a task src.
Task targets, files and options may be specified according to the grunt Configuring tasks guide.
Usage example
Recommended
grunt.initConfig({
depGraph: {
production: {
src: ['src/*.js'],
dest: 'dist/dependencies.json'
}
}
});
Running this task will generate a file that looks like this:
{
"module1.js": ["module2"]
}
Including named imports/exports
Alternatively you can get more information from all you source files by using
the includeBindings option:
grunt.initConfig({
depGraph: {
production: {
options: {
includeBindings: true
},
src: ['src/*.js'],
dest: 'dist/dependencies.json'
}
}
});
Chosing this option will generate an output file similar to:
{
"module1.js": {
"imports": {
"module2": ["someImport", "anotherImport"]
},
"exports": ["somethingExported"]
}
}
Normalizing module names
By default module names are left as they were in the source code and top level keys are the paths to each module file. However, this is not desirable for many tools that depend on this information. The moduleName option allows you to normalize those names to whatever pattern works in your project. It receives two parameters: the current path and the path to the parent module in the case of an import. Example:
grunt.initConfig({
depGraph: {
production: {
options: {
includeBindings: true,
moduleName: function (importPath, modulePath) {
return path.join(path.dirname(modulePath), importPath);
}
},
src: ['src/*.js'],
dest: 'dist/dependencies.json'
}
}
});
License
This software is free to use under the Yahoo Inc. BSD license. See the LICENSE file for license text and copyright information.
Contribute
See the CONTRIBUTING file for info.
FAQs
Grunt task for obtaining the dependency graph from ES6 modules
We found that grunt-es-dependency-graph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Jun 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025