Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
invalidate-module
Advanced tools
Readme
Removes a module and all of its dependents from the require cache, so that subsequent requires of that module or any of its dependents will return new copies.
Useful for implementing a hot-reloading environment for Node.js programs in watch mode.
e.g. iterating on a static site generator that uses server side rendered React components for templating.
npm install invalidate-module
Start the module dependencies tracking by requiring invalidate-module
.
const invalidate = require('invalidate-module');
Call invalidate()
with the absolute path of a module to remove it and its
dependents from require.cache
.
invalidate(require.resolve('./my-module'));
Note that you must provide the absolute path of the module, so use something
like require.resolve()
or path.resolve()
.
Example when used with a watcher like chokidar:
index.js
const chokidar = require('chokidar');
const path = require('path');
const invalidate = require('invalidate-module');
const watcher = chokidar.watch('.', { ignoreInitial: true });
require('./a');
watcher.on('all', (event, filename) => {
invalidate(path.resolve(filename));
require('./a');
});
a.js
require('./b');
console.log('this is module a');
b.js
console.log('this is module b');
Running index.js
will call require('./a')
which prints:
this is module b
this is module a
If you make this change to a.js
and save:
require('./b');
console.log('this is module a v2');
The watcher callback will fire and invalidate a.js
so that require('./a')
loads the new version and this gets logged:
this is module a v2
Because b.js
is still in require.cache
, the require('./b')
does nothing.
If you make this change to b.js
and save:
console.log('this is module b v2');
b.js
and its dependent a.js
will be invalidated and it will log:
this is module b v2
this is module a v2
At the time of requiring this module, node's require()
is monkey-patched so
that subsequent calls will add the caller module and the required module to a
graph. When you call invalidate()
on a module, it deletes the module from
require.cache
and then it uses the graph to get the module's dependents and
deletes them from require.cache
as well.
Running with env vars DEBUG=invalidate-module
will log the modules that are
deleted from require.cache
.
FAQs
Removes a module and all of its dependents from the require cache
The npm package invalidate-module receives a total of 745 weekly downloads. As such, invalidate-module popularity was classified as not popular.
We found that invalidate-module demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.