Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
resolve like require.resolve() on behalf of files asynchronously and synchronously
The resolve npm package is a module for resolving file paths within a project. It is particularly useful for resolving the path of a module as Node.js would, taking into account node_modules folders and the package.json file. It can be used both programmatically and as a command-line tool.
Asynchronously resolve the path of a module
This feature allows you to asynchronously find the path of a module from a given base directory. The callback receives the resolved path or an error if the module cannot be found.
const resolve = require('resolve');
resolve('module_name', { basedir: '/some/path' }, function (err, res) {
if (err) console.error(err);
else console.log(res);
});
Synchronously resolve the path of a module
This feature allows you to synchronously find the path of a module from a given base directory. It either returns the resolved path or throws an error if the module cannot be found.
const resolve = require('resolve');
try {
const res = resolve.sync('module_name', { basedir: '/some/path' });
console.log(res);
} catch (err) {
console.error(err);
}
Resolve a module with custom package filter
This feature allows you to specify a custom filter function to modify the package data before the resolution process. This can be useful for redirecting the main entry point of a package.
const resolve = require('resolve');
const opts = {
packageFilter: function (pkg) {
if (pkg.main) {
pkg.main = 'some-other-file.js';
}
return pkg;
}
};
resolve('module_name', opts, function (err, res) {
if (err) console.error(err);
else console.log(res);
});
Command-line interface
The resolve package also provides a command-line interface (CLI) that can be used to resolve the path of a module from the command line.
$ resolve module_name --basedir=/some/path
enhanced-resolve is a library that offers more advanced resolution options and plugins, similar to webpack's resolver. It is more complex and configurable compared to resolve.
browser-resolve is a resolve algorithm that takes browser field in package.json into account. It is similar to resolve but is specifically designed for browser environments.
require-resolve is a package that mimics node's require.resolve function. It is similar to resolve but focuses on mimicking the behavior of Node.js's native require.resolve method.
implements the node require.resolve()
algorithm
such that you can require.resolve()
on behalf of a file asynchronously and
synchronously
asynchronously resolve:
var resolve = require('resolve');
resolve('tap', { basedir: __dirname }, function (err, res) {
if (err) console.error(err);
else console.log(res);
});
$ node example/async.js
/home/substack/projects/node-resolve/node_modules/tap/lib/main.js
synchronously resolve:
var resolve = require('resolve');
var res = resolve.sync('tap', { basedir: __dirname });
console.log(res);
$ node example/sync.js
/home/substack/projects/node-resolve/node_modules/tap/lib/main.js
var resolve = require('resolve');
Asynchronously resolve the module path string id
into cb(err, res [, pkg])
, where pkg
(if defined) is the data from package.json
.
options are:
opts.basedir - directory to begin resolving from
opts.package - package.json
data applicable to the module being loaded
opts.extensions - array of file extensions to search in order
opts.readFile - how to read files asynchronously
opts.isFile - function to asynchronously test whether a file exists
opts.packageFilter(pkg, pkgfile)
- transform the parsed package.json contents before looking at the "main" field
opts.pathFilter(pkg, path, relativePath)
- transform a path within a package
opts.paths - require.paths array to use if nothing is found on the normal node_modules
recursive walk (probably don't use this)
opts.moduleDirectory - directory (or directories) in which to recursively look for modules. default: "node_modules"
opts.preserveSymlinks - if true, doesn't resolve basedir
to real path before resolving.
This is the way Node resolves dependencies when executed with the --preserve-symlinks flag.
Note: this property is currently true
by default but it will be changed to
false
in the next major version because Node's resolution algorithm does not preserve symlinks by default.
default opts
values:
{
paths: [],
basedir: __dirname,
extensions: ['.js'],
readFile: fs.readFile,
isFile: function isFile(file, cb) {
fs.stat(file, function (err, stat) {
if (!err) {
return cb(null, stat.isFile() || stat.isFIFO());
}
if (err.code === 'ENOENT' || err.code === 'ENOTDIR') return cb(null, false);
return cb(err);
});
},
moduleDirectory: 'node_modules',
preserveSymlinks: true
}
Synchronously resolve the module path string id
, returning the result and
throwing an error when id
can't be resolved.
options are:
opts.basedir - directory to begin resolving from
opts.extensions - array of file extensions to search in order
opts.readFile - how to read files synchronously
opts.isFile - function to synchronously test whether a file exists
opts.packageFilter(pkg, dir)
- transform the parsed package.json contents before looking at the "main" field
opts.pathFilter(pkg, path, relativePath)
- transform a path within a package
opts.paths - require.paths array to use if nothing is found on the normal node_modules
recursive walk (probably don't use this)
opts.moduleDirectory - directory (or directories) in which to recursively look for modules. default: "node_modules"
opts.preserveSymlinks - if true, doesn't resolve basedir
to real path before resolving.
This is the way Node resolves dependencies when executed with the --preserve-symlinks flag.
Note: this property is currently true
by default but it will be changed to
false
in the next major version because Node's resolution algorithm does not preserve symlinks by default.
default opts
values:
{
paths: [],
basedir: __dirname,
extensions: ['.js'],
readFileSync: fs.readFileSync,
isFile: function isFile(file) {
try {
var stat = fs.statSync(file);
} catch (e) {
if (e && (e.code === 'ENOENT' || e.code === 'ENOTDIR')) return false;
throw e;
}
return stat.isFile() || stat.isFIFO();
},
moduleDirectory: 'node_modules',
preserveSymlinks: true
}
Return whether a package is in core.
With npm do:
npm install resolve
MIT
FAQs
resolve like require.resolve() on behalf of files asynchronously and synchronously
The npm package resolve receives a total of 59,670,540 weekly downloads. As such, resolve popularity was classified as popular.
We found that resolve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.