Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

packageurl-js

Package Overview
Dependencies
Maintainers
1
Versions
16
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

packageurl-js

JavaScript library to parse and build "purl" aka. package URLs. This is a microlibrary implementing the purl spec at https://github.com/package-url

  • 0.0.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
241K
decreased by-2.19%
Maintainers
1
Weekly downloads
 
Created

What is packageurl-js?

The packageurl-js npm package is a JavaScript implementation of the Package URL (purl) specification. It allows you to parse, construct, and manipulate package URLs, which are used to identify and locate software packages in a standardized way.

What are packageurl-js's main functionalities?

Parsing a Package URL

This feature allows you to parse a package URL string into its components. The code sample demonstrates how to parse a package URL for the Angular core package.

const { PackageURL } = require('packageurl-js');
const purl = PackageURL.fromString('pkg:npm/%40angular/core@12.0.0');
console.log(purl);

Constructing a Package URL

This feature allows you to construct a package URL from its components. The code sample demonstrates how to create a package URL for the Angular core package.

const { PackageURL } = require('packageurl-js');
const purl = new PackageURL('npm', '@angular', 'core', '12.0.0', null, null);
console.log(purl.toString());

Manipulating a Package URL

This feature allows you to manipulate the components of a package URL. The code sample demonstrates how to change the version of an existing package URL.

const { PackageURL } = require('packageurl-js');
let purl = new PackageURL('npm', '@angular', 'core', '12.0.0', null, null);
purl.version = '12.1.0';
console.log(purl.toString());

Other packages similar to packageurl-js

Keywords

FAQs

Package last updated on 17 Aug 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc