import-local
Advanced tools
Let a globally installed package use a locally installed version of itself if available
The import-local npm package is designed to allow a globally installed package to defer to a locally installed version of itself when it is being run within a project that has that package as a dependency. This is useful for testing local changes to a package without having to publish the package or modify the global version.
Deferring to local version
This code checks if a local version of the package is available. If it is, it will use the local version and log a message to the console. Otherwise, it will proceed with the global package's code.
if (importLocal(__filename)) {
console.log('Using local version of this package');
} else {
// Code for the global package goes here
}The resolve-from package allows you to resolve a module path from a given root directory. It's similar to import-local in that it helps with module resolution, but it doesn't automatically defer to a local version of a package.
Require-local is another package that allows for requiring modules from a local context. It's similar to import-local but does not provide the automatic deferring mechanism to local versions when a global version is run.
Linklocal can link local dependencies for development purposes. It's similar to import-local in that it helps with using local versions of packages, but it works by creating symlinks rather than deferring when a global version is executed.
Let a globally installed package use a locally installed version of itself if available
Useful for CLI tools that want to defer to the user's locally installed version when available, but still work if it's not installed locally. For example, AVA and XO uses this method.
$ npm install import-local
const importLocal = require('import-local');
if (importLocal(__filename)) {
console.log('Using local version of this package');
} else {
// Code for both global and local version here…
}
FAQs
Let a globally installed package use a locally installed version of itself if available
We found that import-local demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket is tracking a new trend where malicious actors are now exploiting the popularity of LLM research to spread malware through seemingly useful open source packages.
Security News
Research
Noxia, a new dark web bulletproof host, offers dirt cheap servers for Python, Node.js, Go, and Rust, enabling cybercriminals to distribute malware and execute supply chain attacks.
Company News
Socket safeguards companies from software supply chain attacks by detecting and preventing threats in open source code and empowering developers to secure their applications and critical services against malware and other security risks.