nodesecurity-npm-utils
v6.0.0
Published
## Methods:
Downloads
108,739
Readme
node security project npm utilities
Methods:
getPackageJson = function (module, callback)
Return the full package document for the given module
.
getShrinkwrapDependencies = function (shrinkwrapJson, callback)
Get a depTree for the module from a full npm-shrinkwrap.json. shrinkwrapJson
should be an object from a parsed npm-shrinkwrap.json file (or look like one): required keys: name
, version
, dependencies
.
var fs = require('fs');
getShrinkwrapDependencies(JSON.parse(fs.readFileSync('./npm-shrinkwrap.json')), function (err, depTree) {
console.log(depTree);
});
depTree format
The returned depTree
representing the full dependency tree object is in a format that's easier to traverse than a full tree. Each module in the full heirarchy has a key in the object of module@version
. It's value is an object with parents
, children
and source
.
Note that the root module has a key too.
e.g.:
//depTree for some-module version 1.1.0
{
//root module
"[email protected]": {
parents: [],
children: ["[email protected]", "[email protected]", "[email protected]"],
},
//root's dependencies
"[email protected]": {
parents: ["[email protected]"],
children: ["[email protected]"],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"],
children: ["[email protected]", "[email protected]"],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"],
children: [],
source: "unknown" //not on npm, maybe it's private/local?
}
//deeper dependencies
"[email protected]": {
parents: ["[email protected]", "[email protected]", "[email protected]"], //modules can be required multiple places in the tree
children: [],
source: "npm"
},
"[email protected]": {
parents: ["[email protected]"], //modules can be required multiple places in the tree
children: ["[email protected]"],
source: "npm"
}
}