Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
module-definition
Advanced tools
Determines the module definition type (CommonJS, AMD, ES6, or none) for a given JavaScript file by walking through the AST.
npm install module-definition
const getModuleType = require('module-definition');
// Async
getModuleType('myscript.js', (error, type) => {
console.log(type);
});
// Sync
let type = getModuleType.sync('myscript.js');
console.log(type);
// From source (string or an AST)
type = getModuleType.fromSource('define({foo: "foo"});');
console.log(type);
Passes one of the following strings to the given callback or returns the string in sync API:
You may also pass an AST to fromSource
to avoid an internal parsing of the source.
When specifying a filename, using the sync or async API, you can also provide an options
object with an alternative fs
implementation used to read the source file with.
const myFs = GetFs();
const options = { fileSystem: myFs };
// Async
getModuleType('myscript.js', (error, type) => {
console.log(type);
}, options);
// Sync
const type = getModuleType.sync('myscript.js', options);
Assumes a global install module-definition with npm install -g module-definition
module-definition filename
FAQs
Determines if a file is using a CommonJS or AMD module definition
We found that module-definition demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.