Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The ts-node npm package is a TypeScript execution engine and REPL for Node.js. It allows developers to run TypeScript files directly without precompiling them to JavaScript. This is particularly useful for development purposes where you can execute scripts or run a REPL environment without an additional build step.
Execute TypeScript files
Run a TypeScript file directly from the command line without prior compilation.
ts-node script.ts
REPL
Start a TypeScript REPL (Read-Eval-Print Loop) to execute TypeScript code interactively.
ts-node
Transpile Only Mode
Run TypeScript files without type checking for faster execution, suitable for development.
ts-node --transpile-only script.ts
Type Checking
Enable type checking when running a TypeScript file, ensuring that the code adheres to the defined types.
ts-node --type-check script.ts
Integration with Testing Frameworks
Use ts-node to run TypeScript tests with Mocha or other Node.js testing frameworks.
mocha --require ts-node/register tests/**/*.spec.ts
esbuild-register uses the esbuild bundler to transpile TypeScript and JavaScript files on the fly. It is known for its speed and efficiency compared to ts-node, which can be slower due to its full type checking.
babel-node is a part of the Babel toolchain that allows running TypeScript and modern JavaScript directly. It is similar to ts-node but uses Babel for transpilation, which can be more configurable and supports a wider range of JavaScript features and experimental syntax.
sucrase-node is a development tool that allows super-fast development builds. It is similar to ts-node but focuses on speed by avoiding full type checking and supporting a subset of TypeScript features.
swc-node is a TypeScript/JavaScript compiler that uses SWC, a super-fast compiler written in Rust. It is designed to be a faster alternative to ts-node, especially for larger codebases.
TypeScript execution and REPL for node.js, with source map support. Works with
typescript@>=2.0
.
# Locally in your project
npm install -D ts-node
npm install -D typescript
# Or globally (not recommended)
npm install -g ts-node
npm install -g typescript
Tip: Installing modules locally allows you to control and share the versions through package.json
.
# Execute a script as `node` + `tsc`.
ts-node script.ts
# Starts a TypeScript REPL.
ts-node
# Execute code with TypeScript.
ts-node -e 'console.log("Hello, world!")'
# Execute, and print, code with TypeScript.
ts-node -p '"Hello, world!"'
# Pipe scripts to execute with TypeScript.
echo "console.log('Hello, world!')" | ts-node
You can require ts-node
and register the loader for future requires by using require('ts-node').register({ /* options */ })
. You can also use file shortcuts - node -r ts-node/register
or node -r ts-node/register/transpile-only
- depending on your preferences.
Note: If you need to use advanced node.js CLI arguments (e.g. --inspect
), use them with node -r ts-node/register
instead of the ts-node
CLI.
mocha --require ts-node/register --watch-extensions ts,tsx "test/**/*.{ts,tsx}" [...args]
Note: --watch-extensions
is only used in --watch
mode.
ts-node node_modules/tape/bin/tape [...args]
# Create a `gulpfile.ts` and run `gulp`.
gulp
Create a new node.js configuration, add -r ts-node/register
to node args and move the program
to the args
list (so VS Code doesn't look for outFiles
).
{
"type": "node",
"request": "launch",
"name": "Launch Program",
"runtimeArgs": [
"-r",
"ts-node/register"
],
"args": [
"${workspaceFolder}/index.ts"
]
}
TypeScript Node works by registering the TypeScript compiler for .tsx?
and .jsx?
extension (when allowJs == true
). When node.js has an extension registered (via require.extensions
), it will use the extension internally for module resolution. When an extension is unknown to node.js, it handles the file as .js
(JavaScript).
P.S. This means if you don't register an extension, it is compiled as JavaScript. When ts-node
is used with allowJs
, JavaScript files are transpiled using the TypeScript compiler.
tsconfig.json
Typescript Node loads tsconfig.json
automatically. Use --skip-project
to the loading tsconfig.json
.
Tip: You can use ts-node
together with tsconfig-paths to load modules according to the paths
section in tsconfig.json
.
You can set options by passing them before the script path, via programmatic usage or via environment variables.
ts-node --compiler ntypescript --project src/tsconfig.json hello-world.ts
Supports --print
, --eval
and --require
from node.js CLI options.
--help
Prints help text--version
Prints version informationEnvironment variable denoted in parentheses.
-T, --transpileOnly
Use TypeScript's faster transpileModule
(TS_NODE_TRANSPILE_ONLY
)--cacheDirectory
Configure the output file cache directory (TS_NODE_CACHE_DIRECTORY
)-I, --ignore [pattern]
Override the path patterns to skip compilation (TS_NODE_IGNORE
)-P, --project [path]
Path to TypeScript JSON project file (TS_NODE_PROJECT
)-C, --compiler [name]
Specify a custom TypeScript compiler (TS_NODE_COMPILER
)-D, --ignoreDiagnostics [code]
Ignore TypeScript warnings by diagnostic code (TS_NODE_IGNORE_DIAGNOSTICS
)-O, --compilerOptions [opts]
JSON object to merge with compiler options (TS_NODE_COMPILER_OPTIONS
)--files
Load files from tsconfig.json
on startup (TS_NODE_FILES
)--pretty
Use pretty diagnostic formatter (TS_NODE_PRETTY
)--no-cache
Disable the local TypeScript Node cache (TS_NODE_CACHE
)--skip-project
Skip project config resolution and loading (TS_NODE_SKIP_PROJECT
)--skip-ignore
Skip ignore checks (TS_NODE_SKIP_IGNORE
)transformers
An array of transformers to pass to TypeScriptreadFile
Custom TypeScript-compatible file reading functionfileExists
Custom TypeScript-compatible file existence functionTypeScript Node compiles source code via require()
, watching files and code reloads are out of scope for the project. If you want to restart the ts-node
process on file change, existing node.js tools such as nodemon, onchange and node-dev work.
There's also ts-node-dev
, a modified version of node-dev
using ts-node
for compilation and won't restart the process on file change.
MIT
FAQs
TypeScript execution environment and REPL for node.js, with source map support
We found that ts-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.