Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alternative to glob #182

Open
jimmywarting opened this issue May 21, 2023 · 2 comments
Open

Alternative to glob #182

jimmywarting opened this issue May 21, 2023 · 2 comments

Comments

@jimmywarting
Copy link

jimmywarting commented May 21, 2023
edited
Loading

Requested Update

Ditch glob

Why Is This Update Needed?

  • Every (sub)dependency is a potential vulnerable security risk 78% of vulnerabilities are found in indirect dependencies
  • There is a built in option to list files recursively.
  • And even without it, it could be very easy to implement a async iterator to do it
  • the native option is probably way faster
  • reduce dependencies / size
  • this are all the things you include by using glob

image

Are There Examples Of This Requested Update Elsewhere?

import { readdir } from 'node:fs/promises'

const files = await readdir(path, { recursive: true })

for (const file of files)
  console.log(file)

Since it's relative new, a own approch to this would be to just do:

import { opendir } from 'node:fs/promises'
import { join } from 'node:path'

/** @parma {string} path */
async function* readdir(path) {
  const dir = await opendir(path)
  for await (const dirent of dir) {
    const name = join(path, dirent.name)
    if (dirent.isDirectory()) {
      yield* listDir(name)
    } else {
      yield name
    }
  }
}

const files = await readdir(path)

for (const file of files)
  console.log(file)

This solution is probably way faster than any gulp alternative
and to provide more fine gradient filter create some default filter- generator

async function * match (iterable) {
  for await (const file of iterable)
    if (!file.include('node_module') && file.endsWith('.js')) yield file
}

for await (const file of match( readdir(path) )) {
  esCheck(path)
}

it dose not really need to be any fancy glob syntax

Read about references issues here. Provide paragraph text responses to each header.
@yowainwright
Copy link
Owner

@jimmywarting sorry it took me so long to see this! I'm on it asap!

@yowainwright
Copy link
Owner

@jimmywarting I dug into this a bit last night using your suggestions and trying to hack something up quick myself. This seems like a fun improvement (and good for security) but a higher effort task to do safely regarding the product.

It may be a lower LOE to switch to tiny-glob which only depends on modules the author wrote. If you wanna do this work (?) or have recommendations, I'll all ears. 😃

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yowainwright @jimmywarting