Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The walk-sync npm package is designed to provide a simple and efficient way to recursively list all files and directories within a given directory, similar to the Unix 'find' command. It is particularly useful for tasks involving file system traversal, such as building file trees, indexing project files, or performing batch operations on multiple files.
Basic Directory Listing
This feature allows you to list all files and directories within a specified directory. The result is an array of strings, each representing a path relative to the initial directory.
const walkSync = require('walk-sync');
const paths = walkSync('path/to/directory');
console.log(paths);
Directory Listing with Options
This feature enhances the basic directory listing by allowing you to specify options such as excluding directories from the output or filtering files by glob patterns. This is useful for more targeted file system operations.
const walkSync = require('walk-sync');
const options = { directories: false, globs: ['**/*.js'] };
const paths = walkSync('path/to/directory', options);
console.log(paths);
Directory Listing with Entry Objects
This feature returns detailed information about each file and directory in the form of entry objects, including properties like size and relativePath. This is useful for applications that need more information about file system entries than just their paths.
const walkSync = require('walk-sync');
const options = { directories: true, includeBasePath: true, entries: true };
const entries = walkSync('path/to/directory', options);
entries.forEach(entry => {
console.log(entry.relativePath, entry.size);
});
The 'glob' package provides pattern matching functionality to filter files in the file system. It is similar to walk-sync in its ability to traverse directories, but it focuses more on matching files against specified patterns rather than listing all files.
Similar to walk-sync, 'readdirp' allows for recursive directory listing with a focus on streaming the results. It offers a more event-driven approach, making it suitable for scenarios where processing large directories without blocking the event loop is important.
This package is an alternative to walk-sync that emphasizes performance and supports multiple patterns for file matching. 'fast-glob' is designed for speed and efficiency, making it a good choice for projects requiring fast file searching capabilities.
Return an array containing all recursive files and directories under a given
directory, similar to Unix find
. Follows symlinks. Bare-bones, but
very fast.
Similar to wrench.readdirSyncRecursive
,
but adds trailing slashes to directories.
Not to be confused with node-walk, which has both an asynchronous and a synchronous API.
yarn add walk-sync
const walkSync = require('walk-sync');
const paths = walkSync('project')
Given project/one.txt
and project/subdir/two.txt
, paths
will be the following
array:
['one.txt', 'subdir/', 'subdir/two.txt']
Directories come before their contents, and have a trailing forward-slash (on all platforms).
Symlinks are followed.
Sometimes, it is important to get additional information from a walk of a directory; for instance if the downstream consumer needs to stat the files we can leverage the stats from the walk.
To accommodate, walkSync.entries(path [, options])
is also provided, instead
of returning a list of files and/or directories it returns an array of objects
which correspond to a given file or directory, except with more data.
entry.relativePath
entry.mode // => fs.statSync(fullPath).mode
entry.size // => fs.statSync(fullPath).size
entry.mtime // => fs.statSync(fullPath).mtime.getTime()
entry.isDirectory() // => true if directory
globs
: An array of globs. Only files and directories that match at least
one of the provided globs will be returned.
const paths = walkSync('project', { globs: ['subdir/**/*.txt'] });
// => ['subdir/two.txt']
As an alternative to string globs, you can pass an array of precompiled
minimatch.Minimatch
instances. This is faster and allows to specify your own globbing options.
directories
(default: true): Pass false
to only return files, not
directories:
const paths = walkSync('project', { directories: false })
// => ['one.txt', 'subdir/two.txt']
ignore
: An array of globs. Files and directories that match at least one
of the provided globs will be pruned while searching.
const paths = walkSync('project', { ignore: ['subdir'] })
// => ['one.txt']
As an alternative to string globs, you can pass an array of precompiled
minimatch.Minimatch
instances. This is faster and allows to specify your own globbing options.
includeBasePath
(default: false): Pass true
to include the basePath in the output.
note: this flag is only for walkSync(..)
not walkSync.entries(..)
const paths = walkSync('project', { includeBasePath: true });
// => ['project/one.txt', 'project/subdir/two.txt']
fs
: Allows an alternative implementation of fs to be supplied.
examples of alternative file systems include memfs or graceful-fs
import {Volume, createFsFromVolume} from 'memfs'
const fs = createFsFromVolume(Volume.fromJSON({'aDir/aFile': 'some-contents'}))
const paths = walkSync('project', { fs });
// => ['aDir/', 'aDir/aFile']
globOptions
: Pass any options for Minimatch that will be applied to all items in globs
and ignore
that are strings.
If items in globs
or ignore
are instances of minimatch.Minimatch
, the globOptions
will not be applied.
walkSync(baseDir)
is a faster substitute for
glob.sync('**', {
cwd: baseDir,
dot: true,
mark: true,
strict: true
})
3.0.0
FAQs
Get an array of recursive directory contents
The npm package walk-sync receives a total of 1,490,257 weekly downloads. As such, walk-sync popularity was classified as popular.
We found that walk-sync demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.