Research
/Security News
Fake imToken Chrome Extension Steals Seed Phrases via Phishing Redirects
Mixed-script homoglyphs and a lookalike domain mimic imToken’s import flow to capture mnemonics and private keys.
By Kirill Boychenko - Mar 05, 2026
You're Invited:Meet the Socket Team at RSAC and BSidesSF 2026, March 23–26.RSVP →
node-version-call-local
Advanced tools
node-version-call-local
Call a function in a Node version found in PATH.
This is a lightweight alternative to node-version-call that finds an existing Node in PATH rather than installing one. Use this when you need to execute code in a different Node version without the overhead of installation dependencies.
Installation
npm install node-version-call-local
Usage
Sync API (returns value, throws on error)
import { callSync, bindSync } from 'node-version-call-local';
// Immediate call - returns value synchronously
const result = callSync('>0.12', '/path/to/worker.js', {}, arg1, arg2);
// Bound caller for repeated use
const worker = bindSync('>0.12', '/path/to/worker.js', {});
const result1 = worker(arg1);
const result2 = worker(arg2);
Async API (callback or Promise)
import call, { bind } from 'node-version-call-local';
// With callback (last argument is function)
call('>0.12', '/path/to/worker.js', {}, arg1, (err, result) => {
if (err) return console.error(err);
console.log(result);
});
// With Promise (no callback)
const result = await call('>0.12', '/path/to/worker.js', {}, arg1);
// Bound caller with callback
const worker = bind('>0.12', '/path/to/worker.js', {});
worker(arg1, (err, result) => { /* ... */ });
// Bound caller with Promise
const result = await worker(arg1);
API
Sync Functions
callSync(version, workerPath, options?, ...args)
Execute a file synchronously in a Node version found in PATH.
- version - Semver constraint (
'>0.12','>=18','^16') or exact ('v18.0.0') - workerPath - Path to the file to execute
- options - Execution options (see below)
- args - Arguments to pass to the worker
Returns the result from the worker. Throws on error.
bindSync(version, workerPath, options?)
Create a bound caller for repeated synchronous use.
Returns a function (...args) => result that calls the worker.
Async Functions
call(version, workerPath, options?, ...args)
Execute a file asynchronously in a Node version found in PATH.
- If last argument is a function, it's treated as a callback:
(err, result) => void - Otherwise, returns a Promise
bind(version, workerPath, options?)
Create a bound caller for repeated async use.
Returns a function that:
- Takes a callback as last arg:
(...args, callback) => void - Or returns a Promise:
(...args) => Promise<result>
Options
interface CallOptions {
callbacks?: boolean; // Worker uses callback style (default: false)
spawnOptions?: boolean; // Use spawnOptions for child process env setup (default: true)
env?: NodeJS.ProcessEnv; // Environment variables (default: process.env)
}
- callbacks - Set to
trueif the worker function uses callback style (fn(...args, callback)) rather than returning a value or Promise - spawnOptions - When
true, sets up proper environment (PATH, etc.) so child processes spawned by the worker use the correct Node version - env - Custom environment variables to pass to the worker
Comparison with node-version-call
| Feature | node-version-call-local | node-version-call |
|---|---|---|
| Version not found | Throws error | Installs it |
| Dependencies | Lightweight | Heavy (install chain) |
| Version binding | At bind time | At call time |
| Use case | Polyfills, bootstrap code | Testing, exact versions |
Example: HTTPS polyfill for old Node
import { callSync } from 'node-version-call-local';
const major = +process.versions.node.split('.')[0];
const noHTTPS = major === 0;
function fetchFileSync(url) {
if (noHTTPS) {
// Current Node can't do HTTPS, find one that can
return callSync('>0', __filename, {}, url);
}
// Modern Node - fetch directly
return fetchSync(url);
}
Example: Async with Promise
import call from 'node-version-call-local';
async function fetchData(url) {
// Worker uses callback style internally
const result = await call('>10', '/path/to/worker.js', { callbacks: true }, url);
return result;
}
Example: npm install polyfill
import { bindSync } from 'node-version-call-local';
const major = +process.versions.node.split('.')[0];
// Worker that runs npm install
const workerPath = path.join(__dirname, 'workers', 'npmInstall.js');
// Need spawnOptions for npm environment
const npmInstall = bindSync('>10', workerPath, { spawnOptions: true });
function install(packageName) {
if (major > 10) {
// Current Node is fine
return runNpmInstall(packageName);
}
// Use older Node found in PATH
return npmInstall(packageName);
}
License
MIT
FAQs
Call a function in a Node version found in PATH
The npm package node-version-call-local receives a total of 2,448 weekly downloads. As such, node-version-call-local popularity was classified as popular.
We found that node-version-call-local demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Dec 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Socket Named a Supply Chain Innovator in Latio's 2026 Application Security Market Report
Latio’s 2026 report recognizes Socket as a Supply Chain Innovator and highlights our work in 0-day malware detection, SCA, and auto-patching.
By Sarah Gooding - Mar 05, 2026
Company News
Meet the Socket Team at RSAC and BSidesSF 2026
Join Socket for live demos, rooftop happy hours, and one-on-one meetings during BSidesSF and RSA 2026 in San Francisco.
By Sarah Gooding - Mar 03, 2026