Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
The recast npm package is a JavaScript library for parsing, transforming, and printing JavaScript code. It allows developers to manipulate the syntax tree of JavaScript code, enabling tasks such as code refactoring, code generation, and more. Recast preserves the original formatting of the code as much as possible, which is useful when modifying existing code.
Parsing JavaScript code into an Abstract Syntax Tree (AST)
This feature allows you to parse a string of JavaScript code into an AST, which can then be manipulated or analyzed.
const recast = require('recast');
const code = 'let x = 42;';
const ast = recast.parse(code);
Transforming the AST
This feature enables you to traverse and modify the AST. In this example, all 'let' declarations are changed to 'var'.
const recast = require('recast');
const ast = recast.parse('let x = 42;');
recast.types.visit(ast, {
visitVariableDeclaration(path) {
path.node.kind = 'var';
return false;
}
});
const transformedCode = recast.print(ast).code;
Printing the modified AST back to JavaScript code
After modifying the AST, this feature allows you to print it back into a formatted JavaScript code string.
const recast = require('recast');
const ast = recast.parse('let x = 42;');
// ... modify the AST ...
const modifiedCode = recast.print(ast).code;
Babel is a widely-used JavaScript compiler that allows you to transform your JavaScript code using various plugins. It can parse and transform modern JavaScript features into a format compatible with older browsers. Babel's plugin system is more extensive than recast, and it is often used for compiling next-gen JavaScript features down to current standards.
Esprima is a JavaScript parser that produces an AST for JavaScript code. It is similar to recast in that it can be used for static code analysis and manipulation. However, unlike recast, Esprima does not focus on preserving the original code formatting.
jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It uses recast and babel under the hood for parsing and printing, but provides a higher-level API for transforming code, making it more accessible for writing complex codemods.
From NPM:
npm install recast
From GitHub:
cd path/to/node_modules
git clone git://github.com/benjamn/recast.git
cd recast
npm install .
In less poetic terms, Recast exposes two essential interfaces, one for parsing JavaScript code (require("recast").parse
) and the other for reprinting modified syntax trees (require("recast").print
).
Here's a simple but non-trivial example of how you might use .parse
and .print
:
var recast = require("recast");
// Let's turn this function declaration into a variable declaration.
var code = [
"function add(a, b) {",
" return a +",
" // Weird formatting, huh?",
" b;",
"}"
].join("\n");
// Parse the code using an interface similar to require("esprima").parse.
var ast = recast.parse(code);
Now do whatever you want to ast
. Really, anything at all!
// Grab a reference to the function declaration we just parsed.
var add = ast.program.body[0];
// Make sure it's a FunctionDeclaration (optional).
recast.namedTypes.FunctionDeclaration.assert(add);
// If you choose to use recast.builders to construct new AST nodes, all builder
// arguments will be dynamically type-checked against the Mozilla Parser API.
var b = recast.builders;
// This kind of manipulation should seem familiar if you've used Esprima or the
// Mozilla Parser API before.
ast.program.body[0] = b.variableDeclaration("var", [
b.variableDeclarator(add.id, b.functionExpression(
null, // Anonymize the function expression.
add.params,
add.body
))
]);
// Just for fun, because addition is commutative:
add.params.push(add.params.shift());
When you finish manipulating the AST, let recast.print
work its magic:
var output = recast.print(ast);
The output
string now looks exactly like this, weird formatting and all:
var add = function(b, a) {
return a +
// Weird formatting, huh?
b;
}
The magic of Recast is that it reprints only those parts of the syntax tree that you modify. In other words, the following identity is guaranteed:
recast.print(recast.parse(source)) === source
Whenever Recast cannot reprint a modified node using the orginal source code, it falls back to using a generic pretty printer. So the worst that can happen is that your changes trigger some harmless reformatting of your code.
If you really don't care about preserving the original formatting, you can access the pretty printer directly:
var output = recast.prettyPrint(ast, { tabWidth: 2 });
And here's the exact output
:
var add = function(b, a) {
return a + b;
}
Note that the weird formatting was discarded, yet the behavior and abstract structure of the code remain the same.
The more code you have, the harder it becomes to make big, sweeping changes quickly and confidently. Even if you trust yourself not to make too many mistakes, and no matter how proficient you are with your text editor, changing tens of thousands of lines of code takes precious, non-refundable time.
Is there a better way? Not always! When a task requires you to alter the semantics of many different pieces of code in subtly different ways, your brain inevitably becomes the bottleneck, and there is little hope of completely automating the process. Your best bet is to plan carefully, buckle down, and get it right the first time. Love it or loathe it, that's the way programming goes sometimes.
What I hope to eliminate are the brain-wasting tasks, the tasks that are bottlenecked by keystrokes, the tasks that can be expressed as operations on the syntactic structure of your code. Specifically, my goal is to make it possible for you to run your code through a parser, manipulate the abstract syntax tree directly, subject only to the constraints of your imagination, and then automatically translate those modifications back into source code, without upsetting the formatting of unmodified code.
And here's the best part: when you're done running a Recast script, if you're not completely satisfied with the results, blow them away with git reset --hard
, tweak the script, and just run it again. Change your mind as many times as you like. Instead of typing yourself into a nasty case of RSI, gaze upon your new wells of free time and ask yourself: what next?
Recast is ready for use with JavaScript today. There's nothing particularly JavaScript-specific about the ideas involved, but I write a lot of JS, and a good parser was readily available. If these ideas gain sufficient traction in the JavaScript community, more languages will undoubtedly follow.
FAQs
JavaScript syntax tree transformer, nondestructive pretty-printer, and automatic source map generator
The npm package recast receives a total of 7,679,622 weekly downloads. As such, recast popularity was classified as popular.
We found that recast demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.