Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
ts-morph
TypeScript Compiler API wrapper. Provides an easier way to programmatically navigate and manipulate TypeScript and JavaScript code.
Formerly ts-simple-ast.
Overview
Main Features
- Wraps the compiler API objects to provide helper methods for getting information and programmatically changing files.
- Allows falling back to the compiler API objects if necessary (ex.
classDeclaration.compilerNodeortypeChecker.compilerObject). - All changes are kept in memory (including file and directory moves) until specifying to save to the underlying file system.
- Changes are made to the text and wrapped nodes can be held on to between manipulations.
Getting Started
Library Progress
This library is still under active development. Most common code manipulation/generation use cases are implemented, but there's still a lot of work to do. Please open an issue if you find a feature missing, bug, or question that isn't in the issue tracker.
Example
import { Project, StructureKind } from "ts-morph";
// initialize
const project = new Project({
// Optionally specify compiler options, tsconfig.json, in-memory file system, and more here.
// If you initialize with a tsconfig.json, then it will automatically populate the project
// with the associated source files.
// Read more: https://ts-morph.com/setup/
});
// add source files
project.addSourceFilesAtPaths("src/**/*.ts");
const myClassFile = project.createSourceFile("src/MyClass.ts", "export class MyClass {}");
const myEnumFile = project.createSourceFile("src/MyEnum.ts", {
statements: [{
kind: StructureKind.Enum,
name: "MyEnum",
isExported: true,
members: [{ name: "member" }],
}],
});
// get information
const myClass = myClassFile.getClassOrThrow("MyClass");
myClass.getName(); // returns: "MyClass"
myClass.hasExportKeyword(); // returns: true
myClass.isDefaultExport(); // returns: false
// manipulate
const myInterface = myClassFile.addInterface({
name: "IMyInterface",
isExported: true,
properties: [{
name: "myProp",
type: "number",
}],
});
myClass.rename("NewName");
myClass.addImplements(myInterface.getName());
myClass.addProperty({
name: "myProp",
initializer: "5",
});
project.getSourceFileOrThrow("src/ExistingFile.ts").delete();
// asynchronously save all the changes above
await project.save();
// get underlying compiler node from the typescript AST from any node
const compilerNode = myClassFile.compilerNode;
Or navigate existing compiler nodes created with the TypeScript compiler (the ts named export is the TypeScript compiler):
import { createWrappedNode, ClassDeclaration, ts } from "ts-morph";
// some code that creates a class declaration using the ts object
const classNode: ts.ClassDeclaration = ...;
// create and use a wrapped node
const classDec = createWrappedNode(classNode) as ClassDeclaration;
const firstProperty = classDec.getProperties()[0];
// ... do more stuff here ...
Other packages similar to ts-morph
typescript
The 'typescript' package is the core TypeScript compiler itself. While ts-morph is built on top of it and provides a higher-level API for easier manipulation of TypeScript code, using the 'typescript' package directly requires more in-depth knowledge of the TypeScript compiler API.
jscodeshift
jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It provides a more scriptable interface for transforming code. Compared to ts-morph, jscodeshift is more focused on code transformations and less on detailed AST navigation or code generation.
babel
Babel is a widely used JavaScript compiler that allows developers to use next-generation JavaScript, today. It can be used for code transformations similar to ts-morph, but it's more focused on compiling modern JavaScript syntax to backwards-compatible versions. Babel's plugin system allows for powerful code transformations but requires more setup compared to ts-morph for TypeScript-specific tasks.
FAQs
TypeScript compiler wrapper for static analysis and code manipulation.
The npm package ts-morph receives a total of 2,838,213 weekly downloads. As such, ts-morph popularity was classified as popular.
We found that ts-morph demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 12 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025