Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

node-modules-dependencies-extractor

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-modules-dependencies-extractor

Extracts dependencies from the node_modules folder, to a reference format. This reference format is a JSON file containing arrays of objects with keys name and version.

  • 0.1.0
  • npm
  • Socket score
Version published
Weekly downloads
14
increased by75%
Maintainers
1
Weekly downloads
 
Created
Source

node-modules-dependencies-extractor

Description

Extracts dependencies from the node_modules folder of a Javascript project, to a reference format. This reference format is a JSON file containing arrays of objects with keys name and version. The node_modules folder is assumed to have been generated by one of the following commands: npm install or yarn install.

Outputs the following files:

  • dependencies_from_node_modules.json (name can be overriden) contains the dependencies as identified in the node_modules folder, in a reference format. This reference format is a JSON file containing arrays of objects with keys name and version. It contains unique objects by the combination name and version

Status

0.0.1, see CHANGELOG.md

Limitation

  • tested with the node_modules folder of various Javascript projects, as generated by the install command of the following package managers:
    • yarn
    • npm

Prerequisites

In order to run this project, you should have installed:

  • Node installed (we used node v12.2.0)
  • yarn (we used version v1.19.0) The input to this script should be a folder named node_modules, as generated by the install commands of either npm or yarn .

Usage

yarn extract [options]

Supported options:

FlagAliasFunctionality
--input [path]-i(mandatory) specifies path to the node_modules folder.
--output [filename]-o(optional) Filename to which the list of dependencies (name+version) is written (json format). If the file already exists, it will be overwritten. Default value: dependencies_from_node_modules.json
--verboseVerbose output of commands and errors
--help-hDisplays usage information
--version-vDisplays version number

Sample usage

yarn extract -i ./test-data/node_modules_samples/siblings_no_nesting

Technology stack

  • Javascript
  • This software is intended to be used standalone, as a command-line tool

How to build

Get the sources locally; in a command line, go to the root folder of this project and execute:

yarn install

How to test

yarn test

or

yarn coverage

How to do static analysis of code

Automatically enabled: standard

yarn lint

Owners

See CODEOWNERS

Maintainers

See MAINTAINERS.md

Contributing

See CONTRIBUTING.md

License

See LICENSE.md

Author

Sanda Contiu

Keywords

  • dependencies
  • sbom
  • software bill of material
  • node_modules
  • npm
  • yarn

Keywords

FAQs

Package last updated on 11 Jun 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

UK Officials Consider Banning Ransomware Payments from Public Entities

Security News

UK Officials Consider Banning Ransomware Payments from Public Entities

The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.

By Sarah Gooding  -  Jan 15, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc