New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

meriyah

Package Overview
Dependencies
Maintainers
0
Versions
920
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

meriyah

A 100% compliant, self-hosted javascript parser with high focus on both performance and stability

  • 6.0.4
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
105K
decreased by-12.35%
Maintainers
0
Weekly downloads
 
Created
Source

Meriyah

100% compliant, self-hosted javascript parser with high focus on both performance and stability. Stable and already used in production.

Meriyah NPM Node.js CI License


Interactive Playground Benchmark

Features

  • Conforms to the standard ECMAScript® 2024 (ECMA-262 15th Edition) language specification
  • Support some TC39 stage 3 proposals via option "next"
  • Support for additional ECMAScript features for Web Browsers (Annex B)
  • JSX support via option "jsx"
  • Does NOT support TypeScript or Flow syntax
  • Track syntactic node locations with option "ranges" or "loc"
  • Emits an ESTree-compatible abstract syntax tree
  • No backtracking
  • Low memory usage

ESNext Stage 3 features

Supported stage 3 features:

These features need to be enabled with the next option.

Not yet supported stage 3 features:

RegExp support

Meriyah doesn't parse RegExp internal syntax, ESTree spec didn't require internal structure of RegExp. Meriyah does use JavaScript runtime to validate the RegExp literal. That means Meriyah's RegExp support is only as good as JavaScript runtime's RegExp support.

As of Auguest 2024, some latest RegExp features are not supported due to missing implementation in general JavaScript runtime.

In addition, RegExp v flag (unicodeSets) only works on Nodejs v20+ and latest browsers.

Installation

npm install meriyah --save-dev

API

Meriyah generates AST according to ESTree AST format, and can be used to perform syntactic analysis (parsing) of a JavaScript program, and with ES2015 and later a JavaScript program can be either a script or a module.

The parse method exposed by meriyah takes an optional options object which allows you to specify whether to parse in script mode (the default) or in module mode.

// There are also "parseScript" and "parseModule" exported.
import { parse } from 'meriyah';
const result = parse('let some = "code";', { ranges: true });

The available options:

{
  // The flag to allow module code
  module: false;

  // The flag to enable stage 3 support (ESNext)
  next: false;

  // The flag to enable start, end offsets and range: [start, end] to each node
  ranges: false;

  // Enable web compatibility
  webcompat: false;

  // The flag to enable line/column location information to each node
  loc: false;

  // The flag to attach raw property to each literal and identifier node
  raw: false;

  // The flag to allow return in the global scope
  globalReturn: false;

  // The flag to enable implied strict mode
  impliedStrict: false;

  // Allows comment extraction. Accepts either a function or array
  onComment: [];

  // Allows detection of automatic semicolon insertion. Accepts a callback function that will be passed the charater offset where the semicolon was inserted
  onInsertedSemicolon: (pos) => {};

  // Allows token extraction. Accepts either a function or array
  onToken: [];

  // Enable non-standard parenthesized expression node
  preserveParens: false;

  // Enable lexical binding and scope tracking
  lexical: false;

  // Adds a source attribute in every node’s loc object when the locations option is `true`
  source: undefined; // Set to source: 'source-file.js'

  // Enable React JSX parsing
  jsx: false;
}

onComment and onToken

If an array is supplied, comments/tokens will be pushed to the array, the item in the array contains start/end/range information when ranges flag is true, it will also contain loc information when loc flag is true.

If a function callback is supplied, the signature must be

declare function onComment(type: string, value: string, start: number, end: number, loc: SourceLocation): void;

declare function onToken(token: string, start: number, end: number, loc: SourceLocation): void;

Note the start/end/loc information are provided to the function callback regardless of the settings on ranges and loc flags. onComment callback has one extra argument value: string for the body string of the comment.

onInsertedSemicolon

If a function callback is supplied, the signature must be

declare function onInsertedSemicolon(position: number): void;

Example usage

import { parseScript } from './meriyah';

parseScript('({x: [y] = 0} = 1)');

This will return when serialized in json:

{
    type: "Program",
    sourceType: "script",
    body: [
        {
            type: "ExpressionStatement",
            expression: {
                type: "AssignmentExpression",
                left: {
                    type: "ObjectPattern",
                    properties: [
                        {
                            type: "Property",
                            key: {
                                type: "Identifier",
                                name: "x"
                            },
                            value: {
                                type: "AssignmentPattern",
                                left: {
                                    type: "ArrayPattern",
                                    elements: [
                                        {
                                            "type": "Identifier",
                                            "name": "y"
                                        }
                                    ]
                                },
                                right: {
                                    type: "Literal",
                                    value: 0
                                }
                            },
                            kind: "init",
                            computed: false,
                            method: false,
                            shorthand: false
                        }
                    ]
                },
                operator: "=",
                right: {
                    type: "Literal",
                    value: 1
                }
            }
        }
    ]
}

Keywords

FAQs

Package last updated on 03 Jan 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Oracle Drags Its Feet in the JavaScript Trademark Dispute

Security News

Oracle Drags Its Feet in the JavaScript Trademark Dispute

Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.

By Sarah Gooding  -  Feb 07, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc