Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
module-definition
Advanced tools
Determines if a file is using a CommonJS or AMD module definition
Determines the module definition type (CommonJS, AMD, ES6, or none) for a given JavaScript file by walking through the AST.
npm install module-definition
const getModuleType = require('module-definition');
// Async
getModuleType('myscript.js', (error, type) => {
console.log(type);
});
// Sync
let type = getModuleType.sync('myscript.js');
console.log(type);
// From source (string or an AST)
type = getModuleType.fromSource('define({foo: "foo"});');
console.log(type);
Passes one of the following strings to the given callback or returns the string in sync API:
You may also pass an AST to fromSource
to avoid an internal parsing of the source.
When specifying a filename, using the sync or async API, you can also provide an options
object with an alternative fs
implementation used to read the source file with.
const myFs = GetFs();
const options = { fileSystem: myFs };
// Async
getModuleType('myscript.js', (error, type) => {
console.log(type);
}, options);
// Sync
const type = getModuleType.sync('myscript.js', options);
Assumes a global install module-definition with npm install -g module-definition
module-definition filename
FAQs
Determines if a file is using a CommonJS or AMD module definition
The npm package module-definition receives a total of 1,295,290 weekly downloads. As such, module-definition popularity was classified as popular.
We found that module-definition demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.