spawn-wrap
Wrap all spawned Node.js child processes by adding environs and arguments ahead of the main JavaScript file argument.
The spawn-wrap npm package is used to wrap child_process.spawn calls, allowing for modifications to the environment, arguments, and executable used in child processes. This is particularly useful for instrumenting child processes or modifying their behavior in a consistent way across a project.
Environment Variable Modification
This feature allows you to prepend command-line options to every spawned node process, for example enabling --harmony in all child processes.
const wrap = require('spawn-wrap');
wrap(['--harmony']);
require('child_process').spawn('node', ['script.js']);
Executable Wrapping
This feature allows you to specify a custom executable (like a different version of Node.js) to be used for all child processes.
const wrap = require('spawn-wrap');
const wrappers = ['/path/to/custom/node'];
wrap(wrappers);
require('child_process').spawn('node', ['script.js']);
cross-spawn is similar to spawn-wrap in that it also enhances the functionality of child_process.spawn. However, cross-spawn focuses more on cross-platform compatibility, ensuring that spawned processes work similarly across different operating systems, unlike spawn-wrap which focuses on wrapping and modifying spawn calls.
forever-monitor is a package that deals with managing and monitoring multiple child processes. While it provides some overlapping functionality with spawn-wrap in terms of managing child processes, its primary focus is on keeping these processes running continuously, which is different from the modification and instrumentation focus of spawn-wrap.
Any child processes launched by that child process will also be wrapped in a similar fashion.
This is a bit of a brutal hack, designed primarily to support code coverage reporting in cases where tests or the system under test are loaded via child processes rather than via require().
It can also be handy if you want to run your own mock executable instead of some other thing when child procs call into it.
var wrap = require('spawn-wrap')
// wrap(wrapperArgs, environs)
var unwrap = wrap(['/path/to/my/main.js', 'foo=bar'], { FOO: 1 })
// later to undo the wrapping, you can call the returned function
unwrap()
In this example, the /path/to/my/main.js file will be used as the "main" module whenever any Node or io.js child process is started, whether via a call to spawn or exec, and whether node is invoked directly as the command or as the result of a shebang #! lookup.
In /path/to/my/main.js, you can do whatever instrumentation or environment manipulation you like. When you're done, and ready to run the "real" main.js file (i.e., the one that was spawned in the first place), you can do this:
// /path/to/my/main.js
// process.argv[1] === 'foo=bar'
// and process.env.FOO === '1'
// my wrapping manipulations
setupInstrumentationOrCoverageOrWhatever()
process.on('exit', function (code) {
storeCoverageInfoSynchronously()
})
// now run the instrumented and covered or whatever codes
require('spawn-wrap').runMain()
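To make the argv rewrite concrete, here is a simplified model of what "adding arguments ahead of the main JavaScript file argument" means on both sides of the hop: the shim side that rewrites a child's argv, and the wrapper side that recovers the real program's argv before handing over to runMain(). This is an added example, not spawn-wrap's own code; the option lists are partial and it assumes that eval, print and REPL invocations (which have no main file) are left unwrapped.

```javascript
// Node options that consume the next argv entry as their value.
// Partial list, an assumption of this model; extend as needed.
const OPTIONS_WITH_VALUE = new Set([
  '-r', '--require', '--import', '--loader', '--experimental-loader',
]);
// Flags that run inline code or the REPL: there is no main file to wrap.
const NO_MAIN_FLAGS = new Set(['-e', '--eval', '-p', '--print', '-i', '--interactive']);

// Shim side: keep the executable and every node option, then splice
// wrapperArgs in immediately ahead of the main JavaScript file argument.
// Returns the argv unchanged (wrapped: false) when no main file exists.
function insertWrapperArgs(argv, wrapperArgs) {
  const head = [argv[0]];
  let i = 1;
  while (i < argv.length) {
    const arg = argv[i];
    if (arg === '--') {              // explicit end of node options; main file follows
      head.push(arg);
      i += 1;
      break;
    }
    if (!arg.startsWith('-')) break; // first positional argument is the main file
    if (NO_MAIN_FLAGS.has(arg.split('=')[0])) {
      return { argv: argv.slice(), wrapped: false };
    }
    head.push(arg);
    if (OPTIONS_WITH_VALUE.has(arg) && i + 1 < argv.length) {
      head.push(argv[++i]);          // carry the option's value along with it
    }
    i += 1;
  }
  if (i >= argv.length) {            // bare `node [options]` starts the REPL
    return { argv: argv.slice(), wrapped: false };
  }
  return { argv: [...head, ...wrapperArgs, ...argv.slice(i)], wrapped: true };
}

// Wrapper side: the README describes process.argv inside the wrapper main as
// [execPath, 'foo=bar', 'script.js', ...], i.e. the wrapper's own path removed
// and its extra args first. Drop those extra args to recover the real argv.
function realArgvFromWrapped(processArgv, wrapperArgs) {
  const extraCount = wrapperArgs.length - 1; // wrapperArgs[0] is the wrapper main itself
  return [processArgv[0], ...processArgv.slice(1 + extraCount)];
}
```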
Spawn-wrap responds to two environment variables, both of which are preserved through child processes.
SPAWN_WRAP_DEBUG=1 in the environment will make this module dump a lot of information to stderr.
SPAWN_WRAP_SHIM_ROOT can be set to a path on the filesystem where the shim files are written in a .node-spawn-wrap-<id> folder. By default this is done in $HOME, but in some environments you may wish to point it at some other root (for example, if $HOME is mounted as read-only in a virtual machine or container).
The initial wrap call uses synchronous I/O. Probably you should not be using this script in any production environments anyway.
Also, this will slow down child process execution by a lot, since we're adding a few layers of indirection.
The contract which this library aims to uphold is:
(Much of this made possible by foreground-child.)
There are a few situations in which this contract cannot be adhered to, despite best efforts:
1. To handle cases where node is invoked in a shell script, the PATH environment variable is modified such that the shim will be run before the "real" node. However, since Windows does not allow executing shebang scripts like regular programs, a node.cmd file is required.
2. Signal propagation through dash doesn't always work. So, if you use child_process.exec() on systems where /bin/sh is actually dash, then the process may exit with a status code > 128 rather than indicating that it received a signal.
3. cmd.exe is even stranger with how it propagates and interprets unix signals. If you want your programs to be portable, then probably you wanna not rely on signals too much.
4. It is possible to escape the wrapping if you spawn a sh script that modifies the PATH and then calls a specific node binary explicitly.
We found that spawn-wrap demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.