New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

luna-scanner

Package Overview
Dependencies
Maintainers
1
Versions
9
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

luna-scanner

LUNA: Library Usage in Node.js Analyzer

  • 1.11.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
0
decreased by-100%
Maintainers
1
Weekly downloads
 
Created
Source

NPM version NPM downloads GitHub issues GitHub stars

☾ LUNA - Library Usage in Node.js Analyzer

luna

Description

LUNA is a software development tool for node.js (and other javascript) projects, with a focus on libraries. The goal of LUNA is to aid developers in better understanding how libraries are being utilized in their projects.

Requirements

  • Node.js
  • Your node.js project

Usage

Inside any node.js project, run:

npx luna-scanner

After analyzing the source code, it will generate a LUNA report, which includes a visualization about the interaction between source code and libraries.

LUNA Report Manual
  • Drag (click and hold) the mouse to pan around or move nodes around
  • Use the mouse wheel to zoom in or out
  • Hovering over a node will display information on the bottom left and highlight connected nodes
  • Using Shift + Click on a node will lock it, so that focus remains on this node (Shift + Click node again to unlock)
  • Double Click nodes or groups in the graph or menu to collapse/expand them
  • Use the menu on the left to manipulate the graph:
    1. Adjust the scale of the graph / space between nodes
    2. Adjust the layout of the graph / position of the nodes
    3. Hide a selection of nodes (representing libraries or files)
    4. Highlight a selection of nodes (representing libraries or files)
  • Hover your mouse above menu items to find more information about their functionality

Configuration

Via package.json (defaults):

{
   ...
   "luna": {
      "debug": false,            // toggle debug mode
      "components": {            // toggle components of LUNA
         "callGraph": true,      // detection of function calls within files
         "dependencyTree": true, // detection of dependency chains
         "libraryAPI": true,     // detection of used API of libraries
      },
      "ignore": [],              // array of glob patterns for LUNA's scanner to ignore
   },
   ...
}

Via command line arguments (limited):

npx luna-scanner [path_to_project] [debug]

Known Issues

  • The library used to handle collapsing and expanding of nodes may break in some situations. Best to avoid excessive collapsing/expanding.

Feedback

Much appreciated! I encourage you to use my feedback form.

Keywords

FAQs

Package last updated on 05 Oct 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

vlt Launches "reproduce": A New Tool Challenging the Limits of Package Provenance

Security News

vlt Launches "reproduce": A New Tool Challenging the Limits of Package Provenance

vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.

By Sarah Gooding  -  Feb 26, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc