Latest Threat ResearchGlassWorm Loader Hits Open VSX via Developer Account Compromise.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

installed-package

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

installed-package

Run your tests against an installed version of your package

latest
Source
npmnpm
Version
1.0.2
Version published
Maintainers
1
Created
Source

installed-package

Note: For the installs to actually work, you'll need a version of node that supports execFileSync (node >=4). The module will gracefully degrade for earlier node versions.

A helper library that lets you run your tests against an installed version of your package. This helps catch publish-related problems like:

  • Files that aren't included in the npm package.
  • Imports of devDependencies in the files shipped to npm.

During normal test runs it will just require the files from the project directory. Only when you run the tests with CI=true will it do a fresh install of the package to a temporary directory and redirect imports there.

Usage

Install

npm install --save-dev installed-package

Test Setup

If this is how your tests are currently importing your package:

var mainExport = require('..');
var secondaryEntryPoint = require('../secondary');

// Test code that uses `mainExport`/`secondaryEntryPoint`...

Replace it with the following:

var installed = require('installed-package')();

var mainExport = installed();
var secondaryEntryPoint = installed('secondary');

// Test code that uses `mainExport`/`secondaryEntryPoint`...

API

The default export of this module is installPackage.

installPackage(packageRoot = process.cwd(), doInstall = process.env.CI)

Installs the npm package located at packageRoot into a temporary directory. Returns a function that will require a module relative to the installed package. If the function is called without an argument, the main entry point of the package will be required.

FAQs

Package last updated on 05 Jan 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The Next Open Source Security Race: Triage at Machine Speed

Security News

The Next Open Source Security Race: Triage at Machine Speed

Claude Opus 4.6 has uncovered more than 500 open source vulnerabilities, raising new considerations for disclosure, triage, and patching at scale.

By Sarah Gooding  -  Feb 06, 2026
Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise

Research

/

Security News

Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise

Malicious dYdX client packages were published to npm and PyPI after a maintainer compromise, enabling wallet credential theft and remote code execution.

By Kush Pandya  -  Feb 06, 2026