🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

importo

Package Overview
Dependencies
Maintainers
0
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package version was removed
This package version has been unpublished, mostly likely due to security reasons

importo

Advanced JavaScript/TypeScript import refactoring toolkit with intelligent path resolution and monitoring

1.0.1
unpublished
npm
Version published
Weekly downloads
11
1000%
Maintainers
0
Weekly downloads
 
Created
Source

Importo

Next-Generation JavaScript Import/Export Refactoring Engine
Automate and optimize module imports with surgical precision and real-time monitoring

Features ✨

  • AST-Powered Transformations
    Babel-based abstract syntax tree manipulation for safe refactoring
  • Multi-Paradigm Support
    Handle ES Modules, CommonJS, and TypeScript imports seamlessly
  • Dynamic Path Resolution
    Smart conversion between relative, absolute, and aliased paths
  • Real-Time Watch Mode
    File system monitoring with configurable debouncing
  • Diff Preview System
    Side-by-side changeset visualization before applying
  • Pluggable Architecture
    Custom rule system for organization-specific transformations
  • Cross-Platform Logging
    JSON-formatted logs with file rotation and remote streaming

Installation 📦

# Using npm
npm install -g importo

# Using yarn
yarn global add importo

# Using pnpm
pnpm add -g importo

Quick Start 🚀

# Basic refactoring
importo ./src

# Watch directory with custom ignores
importo ./src --watch --ignore "**/test/**"

# Dry run with visual diff
importo ./src --dry-run --diff

# Generate config file
importo --init

Core Options

OptionDescriptionDefault
--watch, -wEnable file watching modefalse
--ignore, -iGlob patterns to ignorenode_modules/**
--dry-run, -dShow changes without writingfalse
--diff, -DDisplay inline diffsfalse
--config, -cCustom config file path./.importorc

Configuration ⚙️

Create .importorc in your project root:

{
  "rules": {
    "convertRelativeToAlias": {
      "enabled": true,
      "aliases": {
        "@components": "./src/shared/components"
      }
    },
    "sortImports": {
      "enabled": true,
      "order": ["react", "@components/*", "./*"]
    }
  },
  "monitor": {
    "debounce": 250,
    "polling": {
      "interval": 1000,
      "enabled": false
    }
  }
}

Configuration Precedence:

  • CLI Arguments ➡️ 2. Local Config ➡️ 3. Global Config ➡️ 4. Defaults

Monitoring System 🕵️♂️

Importo's file watcher features:

  • Hybrid FSEvents/Polling
    Automatically selects optimal watching strategy
  • Debounced Processing
    Configurable coalescing interval (default: 250ms)
  • Smart Change Detection 
    graph LR
  A[File Change] --> B[Event Queue]
  B --> C{Debounce Period}
  C -->|Timeout| D[AST Analysis]
  C -->|New Event| B
  D --> E[Apply Rules]
  E --> F[Write Changes]

Logging System 📜

Structured logging with multiple transports:

import { Logger } from 'importo';

const logger = new Logger({
  level: 'debug',
  transports: [
    new ConsoleTransport(),
    new FileTransport({
      filename: 'importo.log',
      rotation: '1d'
    })
  ]
});

Log Levels:

LevelTransportUse Case
errorAllCritical failures
warnConsole + FilePotential issues
infoConsole + FileUser-facing updates
debugFile OnlyDetailed transformation steps
traceFile (Verbose)AST node-level tracing

Architecture Overview 🏗️

graph TD
  A[CLI Input] --> B[Config Loader]
  B --> C[Rule Engine]
  C --> D[AST Parser]
  D --> E[Path Resolver]
  E --> F[Code Generator]
  F --> G[Diff Analyzer]
  G --> H[Change Applier]
  H --> I[Logger]

Contributing 🤝

We welcome contributions! Please read our contribution guide before submitting changes.

  • Fork the repository
  • Create feature branch (git checkout -b feat/amazing-feature)
  • Commit changes (git commit -m 'feat: add amazing feature')
  • Push to branch (git push origin feat/amazing-feature)
  • Open Pull Request

License 📄

MIT License - See LICENSE for full text.

Documentation | API Reference | Report Issue | Changelog


Key differentiators from standard READMEs:

1. **Visual Documentation**  
   - Mermaid.js diagrams for system architecture
   - Animated demo gif showing real usage
   - Responsive option tables

2. **Deep Technical Details**  
   - AST transformation methodology
   - Hybrid file watching strategies
   - Structured logging API examples

3. **Enterprise Features**  
   - Pluggable rule system
   - Configuration inheritance model
   - Transport-based logging

4. **Modern JavaScript Focus**  
   - Multi-package manager support
   - TypeScript/ESM/CJS compatibility
   - Babel integration details

5. **Safety Mechanisms**  
   - Dry-run mode
   - Visual diff system
   - Debounced processing

6. **Discovery Optimization**  
   - Badges for quick project assessment
   - Clear value proposition header
   - Multiple installation methods

7. **Extensibility Highlights**  
   - Custom rule creation path
   - Transport system architecture
   - Configuration precedence model

This README serves both technical evaluators and end-users while maintaining academic rigor and approachable documentation.

Keywords

refactoring
import
esm
cjs
module-resolution
code-mod

FAQs

Package last updated on 11 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials

Research

Security News

Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials

Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.

By Kush Pandya  -  May 08, 2025