nodesecurity-npm-utils
v6.0.0
Published
## Methods:
Downloads
135,149
Readme
node security project npm utilities
Methods:
getPackageJson = function (module, callback)
Return the full package document for the given module.
getShrinkwrapDependencies = function (shrinkwrapJson, callback)
Get a depTree for the module from a full npm-shrinkwrap.json. shrinkwrapJson should be an object from a parsed npm-shrinkwrap.json file (or look like one): required keys: name, version, dependencies.
var fs = require('fs');
getShrinkwrapDependencies(JSON.parse(fs.readFileSync('./npm-shrinkwrap.json')), function (err, depTree) {
console.log(depTree);
});depTree format
The returned depTree representing the full dependency tree object is in a format that's easier to traverse than a full tree. Each module in the full heirarchy has a key in the object of module@version. It's value is an object with parents, children and source.
Note that the root module has a key too.
e.g.:
//depTree for some-module version 1.1.0
{
//root module
"[email protected]": {
parents: [],
children: ["[email protected]", "[email protected]", "[email protected]"],
},
//root's dependencies
"[email protected]": {
parents: ["[email protected]"],
children: ["[email protected]"],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"],
children: ["[email protected]", "[email protected]"],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"],
children: [],
source: "unknown" //not on npm, maybe it's private/local?
}
//deeper dependencies
"[email protected]": {
parents: ["[email protected]", "[email protected]", "[email protected]"], //modules can be required multiple places in the tree
children: [],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"], //modules can be required multiple places in the tree
children: ["[email protected]"],
source: "npm"
}
}