Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
resolver-cache
Advanced tools
Readme
This is an unsafe Resolver Cache.
It intercepts require()
calls and caches:
Is unsafe is because there is this edge case:
src/file.js
requires some-module
via require()
callnode_modules/some-module
node_modules/some-module
is moved or removed../node_modules/some-module
It's still very useful as it decreases require()
time.
The highest recorded local net decrease was as high as 42.44%.
However this is not a guarantee, and you should always run your own performance test before and after using this package.
npm install --save-dev resolver-cache
In your file, make sure you run your code after class instantiation:
var cacheDir = path.join(__dirname, '..','.cache');
var resolverCacheInstance = new ResolverCache({
cacheFile: path.join(cacheDir, 'resolver-cache-server.sqlite3'),
disable: false,
}, function () {
// run your code here
});
const cacheDir = path.join(__dirname, '..', '.cache');
function startResolverCache() => {
return new Promise( (resolve, reject) =>{
new ResolverCache({
cacheFile: path.join(cacheDir, 'resolver-cache-server.sqlite3'),
disable: false,
}, () => {
resolve();
});
} );
}
The following configuration options are available
cacheFile
(string) the cache file to use; defaults to resolver-cache.sqlite3
in the OS's temporary directoryhookRequire
(bool) whether to intercept calls to require()
; defaults to true; this can be turned on later by calling classInstance.hookRequire()
alwaysVerifyCache
(bool) whether to verify filemtime and filesize during all calls, defaults to false. This is useful during dev for file watcherssaveDelay
(int) how many ms to wait for other file changes, before updating the cache database; defaults to 300disable
(bool) convenience parameter to disable the class entirely. Useful for debugging; defaults to falsetranspiler
(bool false or function) a function used to transform the contents of resolved files; defaults to false; the function is called with the following parameters: transpier(filepath, filesource)
; you are responsible for embedding transpiler options in the function you passresolve
(function) the original file path resolution mechanism; defaults to NodeJS's Module._resolveFilename
; this is useful for other tools such as webpack which already wrap resolutionvar resolverCache = new (require('resolver-cache'))( { /* config opts */ }, function(){
var webpackConfig = {
// ...
plugins: [
new webpack.ResolverPlugin( () => {
return { apply: function(resolver){
var oldResolve = resolver.resolve;
resolver.resolve = function resolve(context, request, callback) {
// perform cache lookup
var result = resolverCache.lookup(request, { id:context });
if(result){
return callback(null, result.path);
}
// call the old resolver
oldResolve.call(resolver, context, request, function(err, result) {
if(err) {
return callback(err);
}
// save to cache
try{
var source = fs.readFileSync(result, 'utf-8');
var mtime = fs.statSync(result).mtime.getTime();
resolverCache.cache(request, {id: context}, result, source, mtime);
}catch(e){
//
}
// send result on
callback(null, result);
});
};
} }
}),
// ...
]
}
} );
FAQs
Unsafe SQLITE3 paths and file contents cache for JS
The npm package resolver-cache receives a total of 0 weekly downloads. As such, resolver-cache popularity was classified as not popular.
We found that resolver-cache demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.