Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
A wonderfully simple way to load your code.
Tired of futzing around with require
statements everywhere, littering your code
with require File.dirname(__FILE__)
crap? What if you could just
point something at a big directory full of code and have everything just
automagically load?
Wouldn't that be nice? Well, now you can!
Add this line to your application's Gemfile:
gem 'require_all'
And then execute:
$ bundle
Or install it yourself as:
$ gem install require_all
require 'require_all'
# load all ruby files in the directory "lib" and its subdirectories
require_all 'lib'
# or load all files by using glob
require_all 'lib/**/*.rb'
# or load files in an Array
require_all Dir.glob("blah/**/*.rb").reject { |f| stupid_file? f }
# or load manually specified files
require_all 'lib/a.rb', 'lib/b.rb', 'lib/c.rb', 'lib/d.rb'
You can also load files relative to the current file by using require_rel
:
# Instead of
require File.dirname(__FILE__) + '/foobar'
# you can do simply like this
require_rel 'foobar'
You can give all the same argument types to the require_rel
as for require_all
.
It is recommended to use require_rel
instead of require_all
since it will require files relatively
to the current file (__FILE__
) as opposed to loading files relative from the working directory.
load_all
and load_rel
methods also exist to use Kernel#load
instead of Kernel#require
!
Files are required in alphabetical order and if there are files in nested directories, they are
required depth-first. If a NameError
caused by a reference to an uninitialised constant is
encountered during the requiring process, then a RequireAll::LoadError
will be thrown,
indicating the file that needs the dependency adding to.
This library also includes methods for performing autoload
- what a bargain!
Similar syntax is used as for require_(all|rel)
and load_(all|rel)
methods with some caveats:
# lib/dir1/dir2/my_file.rb
module Dir1
module Dir2
class MyFile
end
end
end
# lib/loader.rb
autoload_all File.dirname(__FILE__) + "/dir1"
base_dir
option has to be specified if loading directories or files from some other location
than top-level directory:# lib/dir1/other_file.rb
autoload_all File.dirname(__FILE__) + "/dir2/my_file.rb",
base_dir: File.dirname(__FILE__) + "/../dir1"
autoload_all
- this means that defined?(Dir1)
will
return "constant"
even if my_file.rb
is not yet loaded!Of course there's also an autoload_rel
method:
autoload_rel "dir2/my_file.rb", base_dir: File.dirname(__FILE__) + "/../dir1"
If having some problems with autoload_all
or autoload_rel
then set $DEBUG=true
to see how files
are mapped to their respective modules and classes.
As of version 2, RequireAll will raise a RequireAll::LoadError
if it encounters a NameError
caused by a reference to an uninitialised constant during the requiring process. As such, it is not
backwards compatible with version 1.x, but simple to upgrade by adding any requires to load
dependencies in files that need them. See CHANGES for more details.
You can reach the author on github or by email jarmo.p@gmail.com
MIT (see the LICENSE file for details)
FAQs
Unknown package
We found that require_all demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.