Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Find files simply. Walks a directory tree emitting events based on what it finds. Presents a familiar callback/emitter/a+sync interface. Walk a tree of any depth.
The walkdir npm package is a utility for recursively traversing directories and handling files and directories found within. It provides a simple and efficient way to walk through directory trees, making it useful for tasks such as file system analysis, batch processing of files, and more.
Basic Directory Traversal
This feature allows you to traverse a directory and log each file and directory found. The callback function receives the path and stat object for each item.
const walk = require('walkdir');
walk('/path/to/directory', function(path, stat) {
console.log('Found:', path);
});
Filtering Files
This feature demonstrates how to filter files based on certain criteria, such as file extension. In this example, only JavaScript files are logged.
const walk = require('walkdir');
walk('/path/to/directory', function(path, stat) {
if (stat.isFile() && path.endsWith('.js')) {
console.log('Found JavaScript file:', path);
}
});
Handling Errors
This feature shows how to handle errors that may occur during directory traversal. The 'error' event is emitted with the path and error details.
const walk = require('walkdir');
const emitter = walk('/path/to/directory');
emitter.on('file', function(path, stat) {
console.log('Found file:', path);
});
emitter.on('error', function(path, err) {
console.error('Error for path', path, ':', err);
});
Asynchronous Traversal
This feature demonstrates synchronous directory traversal, where the entire directory tree is read and returned as an array of paths.
const walk = require('walkdir');
const paths = walk.sync('/path/to/directory');
paths.forEach(function(path) {
console.log('Found:', path);
});
fs-extra is a package that extends the native Node.js fs module with additional methods, including recursive directory traversal. It provides a higher-level API for file system operations, making it more versatile but also more complex compared to walkdir.
glob is a package for matching files using patterns. It can be used to find files and directories that match specific patterns, making it useful for tasks like file searching and filtering. Unlike walkdir, glob focuses on pattern matching rather than directory traversal.
readdirp is a recursive version of fs.readdir, providing a stream-based API for reading directories. It is similar to walkdir in that it allows for recursive directory traversal, but it uses streams for more efficient handling of large directory trees.
Find files. Walks a directory tree emitting events based on what it finds. Presents a familliar callback/emitter/sync interface. Walk a tree of any depth. This is a performant option any pull requests to make it more so will be taken into consderation..
var walk = require('walkdir');
//async with path callback
walk('../', function(path, stat) {
console.log('found: ', path);
});
//use async emitter to capture more events
var emitter = walk('../');
emitter.on('file', function(filename, stat) {
console.log('file from emitter: ', filename);
});
//sync with callback
walk.sync('../', function(path, stat) {
console.log('found sync:', path);
});
//sync just need paths
var paths = walk.sync('../');
console.log('found paths sync: ', paths);
// async await/promise!
let result = await walk.async('../',{return_object:true})
//result['path'] = {statObject}
npm install walkdir
walkdir(path, [options], [callback]) walkdir.sync(path, [options], [callback]);
path
options. supported options are
{
/**
* follow symlinks. default FALSE
*/
"follow_symlinks"?: boolean,
/**
* only go one level deep. convenience param.
*/
"no_recurse"?: boolean,
/**
* only travel to max depth. emits an error if hit.
*/
"max_depth"?: number,
/**
* on filesystems where inodes are not unique like windows (or perhaps hardlinks) some files may not be emitted due to inode collision.
* turning off this behavior may be required but at the same time may lead to hitting max_depth via link loop.
*/
"track_inodes"?: boolean;
/**
* make this syncronous. the same as calling walkdir.sync
*/
"sync"?:boolean,
/**
* return an object of {path:stat} instead of just the resolved path names
*/
"return_object"?: boolean,
/**
* dont build up an internal list or object of all of the paths. this can be an important optimization for listing HUGE trees.
*/
"no_return"?: boolean,
/**
* filter. filter an array of paths from readdir
*/
"filter"?:(directory:string,files:string[])=>string[]|Promise<string[]>,
/**
* pass in a custom fs object like gracfeful-fs
* needs stat, lstat, readdir, readlink and sync verisons if you use sync:true
*/
"fs"?:any,
/***
* default True. if false this will use stat insteqad of lstat and not find links at all.
*/
"find_links?":boolean,
}
walkdir.sync/walkdir.async only
{
"return_object": false, // if true the sync return will be in {path:stat} format instead of [path,path,...]
"no_return": false, // if true null will be returned and no array or object will be created with found paths. useful for large listings
}
callback
this is bound to the path event of the emitter. its optional in all cases.
callback(path, stat)
non error type events are emitted with (path,stat). stat is an instanceof fs.Stats
fired for everything
fired only for regular files
fired only for directories
fired when a symbolic link is found
fired when the entire tree has been read and emitted.
fired when a socket descriptor is found
fired when a fifo is found
fired when a character device is found
fired when a block device is found
fired for the stat of the path you provided as the first argument. is is only fired if it is a directory.
fired for empty directory
error type events are emitted with (path,error). error being the error object returned from an fs call or other opperation.
if the target path cannot be read an error event is emitted. this is the only failure case.
when stat or read fails on a path somewhere in the walk and it is not your target path you get a fail event instead of error. This is handy if you want to find places you dont have access too.
the async emitter returned supports 3 methods
###end stop a walk in progress
###pause pause the walk. no more events will be emitted until resume
###resume resume the walk
will not traverse these directories. may be called in the path event handler to ignore dynamically.
var walk = require('walkdir');
var p = require('path');
walk('/', function(path, stat) {
// ignore all .git directories.
if (p.basename(path) === '.git') {
this.ignore(path)
}
})
//cancel a walk in progress within callback.
var walk = require('walkdir');
walk('../', function(path, stat) {
this.end();
});
//cancel a walk in progress with emitter handle
var walk = require('walkdir');
var emitter = walk('../');
doSomethingAsync(function() {
emitter.end();
})
thanks to substack. the interface for this module is based off of node-findit
see CONTRIBUTING.md
for guidelines. this is an open opensource project.
FAQs
Find files simply. Walks a directory tree emitting events based on what it finds. Presents a familiar callback/emitter/a+sync interface. Walk a tree of any depth.
We found that walkdir demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.