Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ts-node-dev
Advanced tools
ts-node-dev is a development tool for TypeScript that allows you to run and restart your TypeScript application automatically when files are modified. It combines the functionality of ts-node and nodemon, providing a seamless development experience for TypeScript projects.
Automatic Restart
Automatically restarts the TypeScript application when any file in the project is modified. This is useful for development as it eliminates the need to manually restart the server after making changes.
ts-node-dev --respawn src/index.ts
Fast Compilation
Uses TypeScript's transpile-only mode to speed up the compilation process. This is useful for development environments where type checking can be deferred to a later stage.
ts-node-dev --transpile-only src/index.ts
Ignore Files
Allows you to specify files or directories to ignore for changes. This is useful for excluding large directories like node_modules from being watched, which can improve performance.
ts-node-dev --ignore-watch node_modules src/index.ts
Custom Compiler
Allows you to specify a custom TypeScript compiler. This is useful if you are using a TypeScript compiler with additional features or plugins.
ts-node-dev --compiler ttypescript src/index.ts
Nodemon is a utility that monitors for any changes in your source and automatically restarts your server. It is language-agnostic and can be used with JavaScript, TypeScript, and other languages. Unlike ts-node-dev, nodemon does not provide TypeScript compilation out of the box and requires additional setup to work with TypeScript.
ts-node is a TypeScript execution environment and REPL for Node.js. It allows you to run TypeScript code directly without precompiling. However, it does not provide automatic restarts on file changes, which is a feature provided by ts-node-dev.
Webpack is a module bundler that can be used to compile TypeScript code and watch for changes. It is highly configurable and can be used with various plugins and loaders to achieve similar functionality to ts-node-dev. However, it is more complex to set up and configure compared to ts-node-dev.
Tweaked version of node-dev that uses ts-node under the hood.
It restarts target node process when any of required files changes (as standard node-dev
) but shares Typescript compilation process between restarts. This significantly increases speed of restarting comparing to node-dev -r ts-node/register ...
, nodemon -x ts-node ...
variations because there is no need to instantiate ts-node
compilation each time.
yarn add ts-node-dev --dev
npm i ts-node-dev --save-dev
ts-node-dev [node-dev|ts-node flags] [ts-node-dev flags] [node cli flags] [--] [script] [script arguments]
So you just combine node-dev and ts-node options (see docs of those packages):
ts-node-dev --respawn --transpile-only server.ts
There is also short alias tsnd
for running ts-node-dev
:
tsnd --respawn server.ts
Look up flags and options can be used in ts-node's docs.
Also there are additional options specific to ts-node-dev
:
--ignore-watch
- (default: []) - files/folders to be ignored by node-dev
. But this behaviour is enhanced: it also supports regular expression in the ignore strings and will check absolute paths of required files for match.
--deps
- Also watch node_modules
; by default watching is turned off
--debug
- Some additional [DEBUG] output
--quiet
- Silent [INFO] messages
--interval
- Polling interval (ms) - DOESN'T WORK CURRENTLY
--debounce
- Debounce file change events (ms, non-polling mode)
--clear
(--cls
) - Will clear screen on restart
--watch
- Explicitly add arbitrary files or folders to watch and restart on change (list separated by commas, chokidar patterns)
--exit-child
- Adds 'SIGTERM' exit handler in a child process.
--rs
- Allow to restart with "rs" line entered in stdio, disabled by default.
--notify
- to display desktop-notifications (Notifications are only displayed if node-notifier
is installed).
--cache-directory
- tmp dir which is used to keep the compiled sources (by default os tmp directory is used)
If you need to detect that you are running with ts-node-dev
, check if process.env.TS_NODE_DEV
is set.
Points of notice:
If you want desktop-notifications you should install node-notifier
package and use --notify
flag.
Especially for large code bases always consider running with --transpile-only
flag which is normal for dev workflow and will speed up things greatly. Note, that ts-node-dev
will not put watch handlers on TS files that contain only types/interfaces (used only for type checking) - this is current limitation by design.
--ignore-watch
will NOT affect files ignored by TS compilation. Use --ignore
option (or TS_NODE_IGNORE
env variable) to pass RegExp strings for filtering files that should not be compiled, by default /node_modules/
are ignored.
Unknown flags (node
cli flags are considered to be so) are treated like string value flags by default. The right solution to avoid ambiguity is to separate script name from option flags with --
, for example:
ts-node-dev --inspect -- my-script.ts
The good thing is that ts-node-dev
watches used tsconfig.json
file, and will reinitialize compilation on its change, but you have to restart the process manually when you update used version of typescript
or make any other changes that may effect compilation results.
If you have an issue, please create one. But, before:
--files
option enabled (see ts-node docs)--debug
flag and see the outputCurrently versioning is not stable and it is still treated as pre-release. You might expect some options API changes. If you want to avoid unexpected problems it is recommended to fixate the installed version and update only in case of issues, you may consult CHANGELOG for updates.
MIT.
FAQs
Compiles your TS app and restarts when files are modified.
The npm package ts-node-dev receives a total of 855,362 weekly downloads. As such, ts-node-dev popularity was classified as popular.
We found that ts-node-dev demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.