Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
parse-diff
Advanced tools
The `parse-diff` npm package is a utility for parsing unified diffs. It allows you to analyze and manipulate diff data, which is useful for applications that need to process changes between file versions, such as code review tools, version control systems, and more.
Parse a diff string
This feature allows you to parse a unified diff string into a structured format. The code sample demonstrates how to parse a diff string and log the resulting file changes.
const parse = require('parse-diff');
const diffString = `diff --git a/file1.txt b/file1.txt
index 83db48f..f735c2d 100644
--- a/file1.txt
+++ b/file1.txt
@@ -1,3 +1,3 @@
-Hello World
+Hello parse-diff
This is a test file.
It has multiple lines.`;
const files = parse(diffString);
console.log(files);
Access file changes
This feature allows you to access detailed information about file changes, including chunks and individual changes. The code sample demonstrates how to iterate through the parsed diff data and log the file, chunk, and change details.
const parse = require('parse-diff');
const diffString = `diff --git a/file1.txt b/file1.txt
index 83db48f..f735c2d 100644
--- a/file1.txt
+++ b/file1.txt
@@ -1,3 +1,3 @@
-Hello World
+Hello parse-diff
This is a test file.
It has multiple lines.`;
const files = parse(diffString);
files.forEach(file => {
console.log(`File: ${file.to}`);
file.chunks.forEach(chunk => {
console.log(`Chunk: ${chunk.content}`);
chunk.changes.forEach(change => {
console.log(`Change: ${change.content}`);
});
});
});
The `diff` package provides a set of tools to compare strings, arrays, and objects, and generate diffs. It is more general-purpose compared to `parse-diff`, which is specifically designed for parsing unified diff strings. `diff` can be used for a wider range of diffing tasks, but may require more effort to handle unified diff formats.
The `diff2html` package converts unified diff data into HTML. It is useful for visualizing diffs in a web application. While `diff2html` focuses on rendering diffs as HTML, `parse-diff` is more about parsing and analyzing the diff data. They can be used together, with `parse-diff` handling the parsing and `diff2html` handling the rendering.
The `git-diff-parser` package is another tool for parsing git diff output. It provides similar functionality to `parse-diff`, allowing you to parse and analyze diff data. However, `git-diff-parser` is specifically tailored for git diffs, whereas `parse-diff` can handle a broader range of unified diff formats.
Simple unified diff parser for nodejs
var parse = require('parse-diff');
var diff = ''; // input diff string
var files = parse(diff);
console.log(files.length); // number of patched files
files.forEach(function(file) {
console.log(file.lines.length); // number of hunk/added/deleted lines
// each line in file.lines is a string
console.log(file.deletions); // number of deletions in the patch
console.log(file.additions); // number of additions in the patch
});
FAQs
Unified diff parser
The npm package parse-diff receives a total of 354,347 weekly downloads. As such, parse-diff popularity was classified as popular.
We found that parse-diff demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.