Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
resolve like require.resolve() on behalf of files asynchronously and synchronously
The resolve npm package is a module for resolving file paths within a project. It is particularly useful for resolving the path of a module as Node.js would, taking into account node_modules folders and the package.json file. It can be used both programmatically and as a command-line tool.
Asynchronously resolve the path of a module
This feature allows you to asynchronously find the path of a module from a given base directory. The callback receives the resolved path or an error if the module cannot be found.
const resolve = require('resolve');
resolve('module_name', { basedir: '/some/path' }, function (err, res) {
if (err) console.error(err);
else console.log(res);
});
Synchronously resolve the path of a module
This feature allows you to synchronously find the path of a module from a given base directory. It either returns the resolved path or throws an error if the module cannot be found.
const resolve = require('resolve');
try {
const res = resolve.sync('module_name', { basedir: '/some/path' });
console.log(res);
} catch (err) {
console.error(err);
}
Resolve a module with custom package filter
This feature allows you to specify a custom filter function to modify the package data before the resolution process. This can be useful for redirecting the main entry point of a package.
const resolve = require('resolve');
const opts = {
packageFilter: function (pkg) {
if (pkg.main) {
pkg.main = 'some-other-file.js';
}
return pkg;
}
};
resolve('module_name', opts, function (err, res) {
if (err) console.error(err);
else console.log(res);
});
Command-line interface
The resolve package also provides a command-line interface (CLI) that can be used to resolve the path of a module from the command line.
$ resolve module_name --basedir=/some/path
enhanced-resolve is a library that offers more advanced resolution options and plugins, similar to webpack's resolver. It is more complex and configurable compared to resolve.
browser-resolve is a resolve algorithm that takes browser field in package.json into account. It is similar to resolve but is specifically designed for browser environments.
require-resolve is a package that mimics node's require.resolve function. It is similar to resolve but focuses on mimicking the behavior of Node.js's native require.resolve method.
implements the node require.resolve()
algorithm
such that you can require.resolve()
on behalf of a file asynchronously and
synchronously
asynchronously resolve:
var resolve = require('resolve');
resolve('tap', { basedir: __dirname }, function (err, res) {
if (err) console.error(err)
else console.log(res)
});
$ node example/async.js
/home/substack/projects/node-resolve/node_modules/tap/lib/main.js
synchronously resolve:
var resolve = require('resolve');
var res = resolve.sync('tap', { basedir: __dirname });
console.log(res);
$ node example/sync.js
/home/substack/projects/node-resolve/node_modules/tap/lib/main.js
var resolve = require('resolve')
Asynchronously resolve the module path string id
into cb(err, res [, pkg])
, where pkg
(if defined) is the data from package.json
.
options are:
opts.basedir - directory to begin resolving from
opts.package - package.json
data applicable to the module being loaded
opts.extensions - array of file extensions to search in order
opts.readFile - how to read files asynchronously
opts.isFile - function to asynchronously test whether a file exists
opts.packageFilter - transform the parsed package.json contents before looking at the "main" field
opts.pathFilter(pkg, path, relativePath) - transform a path within a package
opts.paths - require.paths array to use if nothing is found on the normal node_modules recursive walk (probably don't use this)
opts.moduleDirectory - directory (or directories) in which to recursively look for modules. default: "node_modules"
opts.preserveSymlinks - if true, doesn't resolve basedir
to real path before resolving.
This is the way Node resolves dependencies when executed with the --preserve-symlinks flag.
Note: this property is currently true
by default but it will be changed to
false
in the next major version because Node's resolution algorithm does not preserve symlinks by default.
default opts
values:
{
paths: [],
basedir: __dirname,
extensions: [ '.js' ],
readFile: fs.readFile,
isFile: function (file, cb) {
fs.stat(file, function (err, stat) {
if (err && err.code === 'ENOENT') cb(null, false)
else if (err) cb(err)
else cb(null, stat.isFile())
});
},
moduleDirectory: 'node_modules',
preserveSymlinks: true
}
Synchronously resolve the module path string id
, returning the result and
throwing an error when id
can't be resolved.
options are:
opts.basedir - directory to begin resolving from
opts.extensions - array of file extensions to search in order
opts.readFile - how to read files synchronously
opts.isFile - function to synchronously test whether a file exists
opts.packageFilter(pkg, pkgfile)
- transform the parsed package.json
contents before looking at the "main" field
opts.paths - require.paths array to use if nothing is found on the normal node_modules recursive walk (probably don't use this)
opts.moduleDirectory - directory (or directories) in which to recursively look for modules. default: "node_modules"
opts.preserveSymlinks - if true, doesn't resolve basedir
to real path before resolving.
This is the way Node resolves dependencies when executed with the --preserve-symlinks flag.
Note: this property is currently true
by default but it will be changed to
false
in the next major version because Node's resolution algorithm does not preserve symlinks by default.
default opts
values:
{
paths: [],
basedir: __dirname,
extensions: [ '.js' ],
readFileSync: fs.readFileSync,
isFile: function (file) {
try { return fs.statSync(file).isFile() }
catch (e) { return false }
},
moduleDirectory: 'node_modules',
preserveSymlinks: true
}
Return whether a package is in core.
With npm do:
npm install resolve
MIT
FAQs
resolve like require.resolve() on behalf of files asynchronously and synchronously
The npm package resolve receives a total of 52,830,486 weekly downloads. As such, resolve popularity was classified as popular.
We found that resolve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.