
Product
Introducing Tier 1 Reachability: Precision CVE Triage for Enterprise Teams
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
merge-source-map
Advanced tools
The merge-source-map npm package is a utility that allows developers to merge multiple source maps. This is particularly useful in development environments where JavaScript files are transformed through processes like minification or transpilation, and maintaining accurate source maps is crucial for debugging.
Merge Source Maps
This feature allows the merging of two source maps into one. It is useful when you have transformations applied in stages and need to track the original source accurately across these transformations.
const mergeSourceMap = require('merge-source-map');
const originalMap = { version: 3, sources: ['foo.js'], names: [], mappings: 'AAAA' };
const additionalMap = { version: 3, sources: ['foo.js'], names: [], mappings: 'CAAC' };
const mergedMap = mergeSourceMap(originalMap, additionalMap);
console.log(mergedMap);
The 'source-map' package provides functionalities for generating and consuming source maps. It can be used to manipulate and merge source maps similarly to 'merge-source-map', but it also includes features for creating new source maps from scratch, which 'merge-source-map' does not offer.
Similar to 'merge-source-map', 'combine-source-map' allows for the combination of multiple source maps into a single map. It is particularly useful in browserify chains. The main difference is that 'combine-source-map' focuses more on integration with browserify, whereas 'merge-source-map' is more general-purpose.
Merge old source map and new source map in multi-transform flow
var merge = require('merge-source-map')
merge(oldMap, newMap)
Merge old source map and new source map and return merged. If old or new source map value is falsy, return another one as it is.
oldMap
: object|undefined
newmap
: object|undefined
var esprima = require('esprima'),
estraverse = require('estraverse'),
escodegen = require('escodegen'),
convert = require('convert-source-map'),
merge = require('merge-source-map')
const CODE = 'a = 1',
FILEPATH = 'a.js'
// create AST of original code
var ast = esprima.parse(CODE, {sourceType: 'module', loc: true})
// transform AST of original code
estraverse.replace(ast, {
enter: function(node, parent) { /* change AST */ },
leave: function(node, parent) { /* change AST */ }
})
// generate code and source map from transformed AST
var gen = escodegen.generate(ast, {
sourceMap: FILEPATH,
sourceMapWithCode: true,
sourceContent: CODE
})
// merge old source map and new source map
var oldMap = convert.fromSource(CODE) && convert.fromSource(CODE).toObject(),
newMap = JSON.parse(gen.map.toString()),
mergedMap = merge(oldMap, newMap),
mapComment = convert.fromObject(mergedMap).toComment()
// attach merge source map to transformed code
var transformed = gen.code + '\n' + mapComment
console.log(transformed);
% npm install
% npm test
MIT (c) keik
FAQs
Merge old source map and new source map in multi-transform flow
The npm package merge-source-map receives a total of 3,349,883 weekly downloads. As such, merge-source-map popularity was classified as popular.
We found that merge-source-map demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.