Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Returns true when the given `name` matches any of the path properties on a vinyl file.
Returns true when the given
name
matches any of the path properties on a vinyl file.
Please consider following this project's author, Jon Schlinkert, and consider starring the project to show your :heart: and support.
Install with npm:
$ npm install --save match-file
var matchFile = require('match-file');
Returns true if the given string matches one of the path properties on the file
object (does not match agains file.extname
only)
var File = require('vinyl');
var matchFile = require('match-file');
var file = new File({path: 'a/b/c.txt', base: 'a'});
var isMatch = matchFile('c.txt', file);
//=> true (since `c.txt` matches file.basename)
Examples
Continuing with the above setup code, all of the following would return true
:
// file.path
matchFile('a/b/c.txt', file);
// file.relative
matchFile('b/c.txt', file);
// file.basename
matchFile('c.txt', file);
// file.stem
matchFile('c', file);
Similar to matchFile
, but also supports glob patterns for matching. micromatch is used for matching, visit that project to see all available features and options.
var file = new File({path: 'a/b/c.txt'});
console.log(matcher.isMatch('*.js', file));
//=> false
var file = new File({path: 'a/b/c.js'});
console.log(matcher.isMatch('*.js', file));
//=> true
var File = require('vinyl');
var matchFile = require('match-file');
var file = new File({path: 'a/b/c/d/e.txt', base: 'a/b/c'});
file.key = 'zzz/a.txt'; // arbitrary key (for caching)
// file.path
console.log(matchFile.isMatch('a/b/c/d/e.txt', file));
// file.relative
console.log(matchFile.isMatch('d/e.txt', file));
// file.basename
console.log(matchFile.isMatch('e.txt', file));
// file.stem
console.log(matchFile.isMatch('e', file));
// file.key
console.log(matchFile.isMatch('zzz/a.txt', file));
// glob pattern for `file.path`
console.log(matchFile.isMatch('**/*.txt', file));
// glob pattern for `file.relative`
console.log(matchFile.isMatch('d/*.txt', file));
// glob pattern for `file.stem`
console.log(matchFile.isMatch('*', file));
// glob pattern for `file.basename`
console.log(matchFile.isMatch('*.txt', file));
Returns a matcher function bound to the given glob patterns
and options
. micromatch is used for matching, visit that project to see all available features and options.
var isMatch = matchFile.matcher('*.js');
console.log(isMatch);
//=> [function]
var file = new File({path: 'a/b/c.txt'});
console.log(isMatch(file));
//=> false
var file = new File({path: 'a/b/c.js'});
console.log(isMatch(file));
//=> true
Given this setup code:
var File = require('vinyl');
var matchFile = require('match-file');
var file = new File({path: 'a/b/c/d/e.txt', base: 'a/b/c'});
file.key = 'zzz/a.txt'; // arbitrary key (for caching)
All of the following examples would return true
:
// file.path
var isMatch = matchFile.matcher('a/b/c/d/e.txt');
console.log(isMatch(file));
// file.relative
var isMatch = matchFile.matcher('d/e.txt');
console.log(isMatch(file));
// file.basename
var isMatch = matchFile.matcher('e.txt');
console.log(isMatch(file));
// file.stem
var isMatch = matchFile.matcher('e');
console.log(isMatch(file));
// file.key
var isMatch = matchFile.matcher('zzz/a.txt');
console.log(isMatch(file));
// glob pattern for `file.path`
var isMatch = matchFile.matcher('**/*.txt');
console.log(isMatch(file));
// glob pattern for `file.relative`
var isMatch = matchFile.matcher('d/*.txt');
console.log(isMatch(file));
// glob pattern for `file.stem`
var isMatch = matchFile.matcher('*');
console.log(isMatch(file));
// glob pattern for `file.basename`
var isMatch = matchFile.matcher('*.txt');
console.log(isMatch(file));
Use in your gulp plugin:
var though = require('though2');
var gulp = require('gulp');
gulp.task('example', function() {
return gulp.src('src/**/*')
.pipe(filter('*.js'));
});
function filter(pattern, options) {
// define a matcher function outside of the plugin function
var isMatch = matchFile.matcher(pattern, options);
return through.obj(function(file, enc, next) {
// use the matcher function
if (isMatch(file)) {
next(null, file);
return;
}
next();
});
}
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
Running and reviewing unit tests is a great way to get familiarized with a library and its API. You can install dependencies and run tests with the following command:
$ npm install && npm test
(This project's readme.md is generated by verb, please don't edit the readme directly. Any changes to the readme must be made in the .verb.md readme template.)
To generate the readme, run the following command:
$ npm install -g verbose/verb#dev verb-generate-readme && verb
You might also be interested in these projects:
Jon Schlinkert
Copyright © 2018, Jon Schlinkert. Released under the MIT License.
This file was generated by verb-generate-readme, v0.6.0, on February 14, 2018.
FAQs
Returns true when the given `name` matches any of the path properties on a vinyl file.
The npm package match-file receives a total of 21,142 weekly downloads. As such, match-file popularity was classified as popular.
We found that match-file demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.