Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
By Kush Pandya - Jun 13, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
look-up 
Faster drop-in replacement for find-up and findup-sync.
Install
Install with npm
$ npm i look-up --save
See the benchmarks or unit tests.
Usage
var lookup = require('look-up');
lookup('package.json');
//=> '/Users/jonschlinkert/dev/look-up/package.json'
look-up will recurse up from the cwd until it finds the given file.
lookup('package.json', { cwd: 'foo/bar' });
//=> '/Users/jonschlinkert/dev/look-up/package.json'
Glob patterns are also supported (string or array):
lookup(['*.json', '*.foo'], { cwd: 'foo/bar' });
//=> '/Users/jonschlinkert/dev/look-up/package.json'
Running benchmarks
Benchmarks were run on mac and windows. look-up is 5x-20x faster than findup-sync and 3x faster than find-up
Note that find-up does not support glob patterns, so these benchmarks only include arguments that are supported by all three libs.
As of November 20, 2015:
#1: deep-close
findup-sync x 5,797 ops/sec ±1.66% (90 runs sampled)
findup x 22,972 ops/sec ±0.82% (92 runs sampled)
lookup x 64,389 ops/sec ±0.75% (92 runs sampled)
#2: deep-far
findup-sync x 2,165 ops/sec ±1.01% (92 runs sampled)
findup x 8,250 ops/sec ±0.78% (96 runs sampled)
lookup x 12,730 ops/sec ±0.93% (92 runs sampled)
#3: nested
findup-sync x 21,603 ops/sec ±0.76% (93 runs sampled)
findup x 103,427 ops/sec ±0.93% (95 runs sampled)
lookup x 381,425 ops/sec ±0.91% (91 runs sampled)
#4: shallow
findup-sync x 6,565 ops/sec ±0.66% (92 runs sampled)
findup x 23,674 ops/sec ±0.89% (95 runs sampled)
lookup x 57,029 ops/sec ±0.83% (93 runs sampled)
To run the benchmarks, install dev dependencies:
npm i -d && npm run benchmark
Related
- is-glob: Returns
trueif the given string looks like a glob pattern or an extglob pattern.… more | homepage - look-up-cli: Find a file matching a pattern by walking up parent directories | homepage
- micromatch: Glob matching for javascript/node.js. A drop-in replacement and faster alternative to minimatch and multimatch. Just… more | homepage
Running tests
Install dev dependencies:
$ npm i -d && npm test
Coverage
As of November 20, 2015:
Statements : 100% (57/57)
Branches : 100% (26/26)
Functions : 100% (5/5)
Lines : 100% (55/55)
Contributing
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
Author
Jon Schlinkert
License
Copyright © 2015 Jon Schlinkert Released under the MIT license.
This file was generated by verb-cli on November 20, 2015.
FAQs
Faster drop-in replacement for find-up and findup-sync.
The npm package look-up receives a total of 687 weekly downloads. As such, look-up popularity was classified as not popular.
We found that look-up demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 04 Feb 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
By Kirill Boychenko - Jun 12, 2025
Security News
pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.
By Sarah Gooding - Jun 11, 2025