Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
requireindex
Advanced tools
Write minimal node index.js files that require and export siblings by file basename
The requireindex npm package is a utility that helps you require all modules in a directory and returns an object with the module names as keys and the modules themselves as values. This can be particularly useful for organizing and managing large codebases where you need to import multiple modules from a single directory.
Require all modules in a directory
This feature allows you to require all modules in a specified directory. The code sample demonstrates how to use requireindex to import all modules from the 'myModules' directory and log the resulting object.
const requireindex = require('requireindex');
const modules = requireindex(__dirname + '/myModules');
console.log(modules);
Custom file filtering
This feature allows you to filter which files to require based on a custom function. The code sample shows how to only require JavaScript files from the 'myModules' directory.
const requireindex = require('requireindex');
const modules = requireindex(__dirname + '/myModules', (filename) => filename.endsWith('.js'));
console.log(modules);
The require-all package is similar to requireindex in that it allows you to require all modules in a directory. However, require-all provides more configuration options, such as the ability to filter files by regular expressions, exclude certain files, and more. It is more flexible but also slightly more complex to use.
The include-all package is another alternative that allows you to include all files in a directory. It offers features like recursive directory inclusion and custom file filtering. Compared to requireindex, include-all is more feature-rich and provides more control over the inclusion process.
Write minimal node index.js files that require and export siblings by file basename
1.2.0
npm install requireindex
or in package.json
{
...
"dependencies": {
"requireindex": "1.1.x"
}
}
Check the test directory for example usage. The test/lib looks like:
lib/
index.js
Foo.js
bar/
index.js
f.js
fing.js
fed/
again.js
ignored.js
index.js
somemore.js
bam.js
_private.js
The index.js files in test/lib/ and test/lib/bar/ contain:
module.exports = require('requireindex')(__dirname);
and the index.js file in test/lib/bar/fed/ contains:
module.exports = require('requireindex')(__dirname, ['again', 'somemore']);
The optional second argument allows you to explicitly specify the required files using their basename. In this example test/lib/bar/fed/ignored.js is not included as a public module. The other way to make a module/file private without the need for explicitly naming all the other included files is to prefix the filename with an underscore, as demonstrated by test/lib/_private.js which is not exported.
So, with these index.js files, the result of
require('lib');
is:
{
bam: {
m: [Function],
n: [Function]
},
bar: {
f: [Function],
fed: {
again: [Function],
somemore: [Function]
},
fing: [Function]
},
Foo: {
l: [Function],
ls: [Function]
}
}
FAQs
Write minimal node index.js files that require and export siblings by file basename
We found that requireindex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.