Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

mr-dep-walk

Package Overview
Dependencies
Maintainers
3
Versions
9
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

mr-dep-walk

[![Build Status](https://travis-ci.org/stefanpenner/mr-dep-walk.svg?branch=master)](https://travis-ci.org/stefanpenner/mr-dep-walk) [![Build status](https://ci.appveyor.com/api/projects/status/ybwgahl64faf0507?svg=true)](https://ci.appveyor.com/project/em

  • 1.4.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
8K
increased by16.68%
Maintainers
3
Weekly downloads
 
Created
Source

mr-dep-walk

Build Status Build status

This library extracts dependent files from both ES6 module syntax, and AMD module syntax;

Usage

yarn add mr-dep-walk

const {
  depFilesFromFile,
  depsFromFile,
  depsFromSource,
  depsFromAST
} = require('mr-dep-walk');

For depFilesFromFile given an entry file, it will produce a list of all dependent files (recursively):

// file.js
import x from 'y';

// y.js

depFilesFromFile({
  entry: 'file.js',
  /* cwd: optional, */
  /* parse: optional,  */
}); // => 'y.js';

For depsFromFile given a file, it will produce a list of its immediate dependent moduleNames;

// file.js
import x from 'y';

// y.js

depsFromFile({
  entry: 'file.js',
  /* cwd: optional, */
  /* parse: optional,  */
}); // => 'y';

For depsFromSource given the raw source, it will produce a list of its immediate dependent moduleNames;

depsFromSource(`import x from 'y'`/*, options */); // => 'y'

For depsFromAST given the AST, it will produce a list of its immediate dependent moduleNames;

depsFromSource(acorn.parse(`import x from 'y'`, {
  ecmaVersion: 8,
  sourceType: 'module'
})); // => 'y'

Custom Parse Step

By default mr-dep-walk will use:

source => acorn.parse(source, { ecmaVersion: 8, sourceType: 'module'})

But some methods (depFilesFromFile, depsFromFile, depsFromSource) support an alt-parser, example:

depFilesFromFile('some-file.js', {
  entry: 'foo.js',
  parse(source) {
    return customParser(source);
  },
});

FAQs

Package last updated on 09 Jan 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

Security News

Research

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.

By Kush Pandya  -  Dec 11, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc