Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

ingredients

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ingredients

A JavaScript parser

latest
Source
npmnpm
Version
0.0.0
Version published
Maintainers
1
Created
Source

This is a fork of babylon

ingredients

ingredients is a JavaScript parser used in recipes.

Travis Status Codecov Status

  • The latest ECMAScript version enabled by default (ES2017).
  • Comment attachment.
  • Support for JSX and Flow.
  • Support for experimental language proposals.

Credits

Heavily based on acorn and acorn-jsx, thanks to the awesome work of @RReverser and @marijnh.

Significant diversions are expected to occur in the future such as streaming, EBNF definitions, sweet.js integration, interspacial parsing and more.

API

ingredients.parse(code, [options])

Options

  • allowImportExportEverywhere: By default, import and export declarations can only appear at a program's top level. Setting this option to true allows them anywhere where a statement is allowed.

  • allowReturnOutsideFunction: By default, a return statement at the top level raises an error. Set this to true to accept such code.

  • allowSuperOutsideMethod TODO

  • sourceType: Indicate the mode the code should be parsed in. Can be either "script" or "module".

  • sourceFilename: Correlate output AST nodes with their source filename. Useful when generating code and source maps from the ASTs of multiple input files.

  • plugins: Array containing the plugins that you want to enable.

Output

ingredients generates AST according to Babel AST format. It is based on ESTree spec with the following deviations:

AST for JSX code is based on Facebook JSX AST with the addition of one node type:

  • JSXText

Example

require("ingredients").parse("code", {
  // parse in strict mode and allow module declarations
  sourceType: "module",

  plugins: [
    // enable jsx and flow syntax
    "jsx",
    "flow"
  ]
});

Plugins

  • jsx
  • flow
  • doExpressions
  • objectRestSpread
  • decorators
  • classProperties
  • exportExtensions
  • asyncGenerators
  • functionBind
  • functionSent

FAQs

Package last updated on 14 Sep 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Research

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

By Socket Research Team  -  Feb 20, 2026
Socket Joins the OpenJS Foundation

Company News

Socket Joins the OpenJS Foundation

Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

By Sarah Gooding  -  Feb 19, 2026