🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

node-modules-dependencies-extractor

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-modules-dependencies-extractor

Extracts dependencies from the node_modules folder, to a reference format. This reference format is a JSON file containing arrays of objects with keys name and version.

0.1.1
latest
npm
Version published
Weekly downloads
5
-58.33%
Maintainers
1
Weekly downloads
 
Created
Source

node-modules-dependencies-extractor

Description

Extracts dependencies from the node_modules folder of a Javascript project, to a reference format. This reference format is a JSON file containing arrays of objects with keys name and version. The node_modules folder is assumed to have been generated by one of the following commands: npm install or yarn install.

Outputs the following files:

  • dependencies_from_node_modules.json (name can be overriden) contains the dependencies as identified in the node_modules folder, in a reference format. This reference format is a JSON file containing arrays of objects with keys name and version. It contains unique objects by the combination name and version

Status

0.1.1, see CHANGELOG.md

Limitation

  • tested with the node_modules folder of various Javascript projects, as generated by the install command of the following package managers:
    • yarn
    • npm

Prerequisites

In order to run this project, you should have installed:

  • Node installed (we used node v12.2.0)
  • yarn (we used version v1.19.0) The input to this script should be a folder named node_modules, as generated by the install commands of either npm or yarn .

Installation

Install globally:

npm install -g node-modules-dependencies-extractor

Or you could use it without installing by running:

npx node-modules-dependencies-extractor [options]

Usage

extract-nm-dependencies [options]

Supported options:

FlagAliasFunctionality
--input [path]-i(mandatory) specifies path to the node_modules folder.
--output [filename]-o(optional) Filename to which the list of dependencies (name+version) is written (json format). If the file already exists, it will be overwritten. Default value: dependencies_from_node_modules.json
--verboseVerbose output of commands and errors
--help-hDisplays usage information
--version-vDisplays version number

Sample usage

yarn extract-nm-dependencies -i ./test-data/node_modules_samples/siblings_no_nesting

Technology stack

  • Javascript
  • This software is intended to be used standalone, as a command-line tool

How to build

Get the sources locally; in a command line, go to the root folder of this project and execute:

yarn install

How to test

yarn test

or

yarn coverage

How to do static analysis of code

Automatically enabled: standard

yarn lint

Owners

See CODEOWNERS

Maintainers

See MAINTAINERS.md

Contributing

See CONTRIBUTING.md

License

See LICENSE.md

Author

Sanda Contiu

Keywords

  • dependencies
  • sbom
  • software bill of material
  • node_modules
  • npm
  • yarn

Keywords

dependencies
sbom
software bill of material
node_modules
npm
yarn

FAQs

Package last updated on 12 Jun 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Package Wipes Codebases with Remote Trigger

Research

Security News

Malicious npm Package Wipes Codebases with Remote Trigger

A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.

By Kush Pandya  -  May 30, 2025