module-root-sync
Advanced tools
Finds the directory that the module resides in.
import moduleRoot from 'module-root-sync';
const root = moduleRoot(import.meta.filename);
interface RootOptions {
name?: string; // Custom marker filename (default: 'package.json')
includeSynthetic?: boolean; // Include synthetic package.json files (default: false)
}
By default, moduleRoot skips "synthetic" package.json files that only exist to specify the module system (e.g., { "type": "module" }). These are commonly found in dist/esm or dist/cjs directories.
A package.json is considered synthetic if it has no name field.
// Default: skips synthetic package.json, finds real one
const root = moduleRoot(import.meta.filename);
// Include synthetic package.json files
const root = moduleRoot(import.meta.filename, { includeSynthetic: true });
// Custom marker file (synthetic detection only applies to package.json)
const root = moduleRoot(import.meta.filename, { name: 'tsconfig.json' });
The keyExists option has been removed. If you were using keyExists: 'name' to skip synthetic packages, this is now the default behavior.
// v1.x
const root = moduleRoot(dir, { keyExists: 'name' });
// v2.x (same behavior, now default)
const root = moduleRoot(dir);
FAQs
Finds the directory that the modules resides in
We found that module-root-sync demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.
Security News
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.
Security News
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.