npmpackage.info

esm

Tomorrow's ECMAScript modules today!

3.2.25

5,271

NOASSERTION

JavaScript

1.32 kB

595,037,985 1.6

Installations

npm install esm

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>=6

Node Version

12.2.0

NPM Version

6.9.0 Score

97.2

Supply Chain

88.7

Quality

75.9

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

3

Total

132

Closed

76

Merged

53

Issues

Open

83

Total

648

Closed

565

Releases

188

3.2.25

Updated on May 17, 2019

3.2.24

Updated on May 16, 2019

3.2.23

Updated on May 16, 2019

3.2.22

Updated on Mar 29, 2019

3.2.21

Updated on Mar 29, 2019

3.2.20

Updated on Mar 21, 2019

View All 188 releases

Contributors

Unable to fetch Contributors

View All 29 Contributors

Languages

JavaScript

WebAssembly

TypeScript

CoffeeScript

JavaScript (99.87%)

WebAssembly (0.08%)

TypeScript (0.05%)

validate.email 🚀

Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.

Developer

standard-things

Download Statistics

Total Downloads

595,037,985

Last Day

579,920

Last Week

3,063,765

Last Month

13,038,189

Last Year

135,659,702

GitHub Statistics

NOASSERTION License

5,271 Stars

6,378 Commits

147 Forks

56 Watchers

1 Branches

29 Contributors

Updated on Mar 13, 2025

Bundle Size

2.78 kB

Minified

1.32 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

3.2.25

Package Id

esm@3.2.25

Size

89.29 kB

NPM Version

6.9.0

Node Version

12.2.0

Published on

May 17, 2019

Total Downloads

Cumulative downloads

Total Downloads

595,037,985

Last Day

4.9%

579,920

Compared to previous day

Last Week

2.6%

3,063,765

Compared to previous week

Last Month

12.3%

13,038,189

Compared to previous month

Last Year

11.2%

135,659,702

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

No dependencies detected.

esm

The brilliantly simple, babel-less, bundle-less ECMAScript module loader.

esm is the world’s most advanced ECMAScript module loader. This fast, production ready, zero dependency loader is all you need to support ECMAScript modules in Node 6+. See the release post and video for details!

Install

New projects

Run npm init esm or yarn create esm.

:bulb: Use the -y flag to answer “yes” to all prompts.
Existing projects

Run npm i esm or yarn add esm.

Getting started

There are two ways to enable esm.

Enable esm for packages:

Use esm to load the main ES module and export it as CommonJS.

index.js

1// Set options as a parameter, environment variable, or rc file.
2require = require("esm")(module/*, options*/)
3module.exports = require("./main.js")

main.js

1// ESM syntax is supported.
2export {}

:bulb: These files are automagically created with npm init esm or yarn create esm.

Enable esm for local runs:
```
1node -r esm main.js
```
:bulb: Omit the filename to enable esm in the REPL.

Features

:clap: By default, :100: percent CJS interoperability is enabled so you can get stuff done.
:lock: .mjs files are limited to basic functionality without support for esm options.

Out of the box esm just works, no configuration necessary, and supports:

Passing all applicable test262 compliance tests
import/export
import.meta
Dynamic import
Live bindings
File URI scheme
Node stdin, --eval, --print flags
Node --check flag (Node 10+)

Options

Specify options with one of the following:

"esm" field in package.json
CJS/ESM in an .esmrc.js, .esmrc.cjs, or .esmrc.mjs file
JSON6 in an .esmrc or .esmrc.json file
JSON6 or file path in the ESM_OPTIONS environment variable
ESM_DISABLE_CACHE environment variable

{

"cjs":true

A boolean or object for toggling CJS features in ESM.

Features

`{`
`"cache":true`	A boolean for storing ES modules in `require.cache`.
`"esModule":true`	A boolean for `__esModule` interoperability.
`"extensions":true`	A boolean for respecting `require.extensions` in ESM.
`"mutableNamespace":true`	A boolean for mutable namespace objects.
`"namedExports":true`	A boolean for importing named exports of CJS modules.
`"paths":true`	A boolean for following CJS path rules in ESM.
`"vars":true`	A boolean for `__dirname`, `__filename`, and `require` in ESM.
`"dedefault":false`	A boolean for requiring ES modules without the dangling `require().default`.
`"topLevelReturn":false`	A boolean for top-level `return` support.
`}`

"mainFields":["main"]

An array of fields checked when importing a package.

"mode":"auto"

A string mode:

"auto" detect files with import, import.meta, export,
"use module", or .mjs as ESM.
"all" files besides those with "use script" or .cjs are treated as ESM.
"strict" to treat only .mjs files as ESM.

"await":false

A boolean for top-level await in modules without ESM exports. (Node 10+)

"force":false

A boolean to apply these options to all module loads.

"wasm":false

A boolean for WebAssembly module support. (Node 8+)

}

DevOpts

`{`
`"cache":true`	A boolean for toggling cache creation or a cache directory path.
`"sourceMap":false`	A boolean for including inline source maps.
`}`

Tips

Bundling

For bundlers like browserify+esmify, parcel-bundler, and webpack add a "module" field to package.json pointing to the main ES module.
```
1"main": "index.js",
2"module": "main.js"
```
:bulb: This is automagically done with npm init esm or yarn create esm.

Extensions

Enable esm for wallaby.js following their integration example.

Loading

Load esm before loaders/monitors like @babel/register, newrelic, sqreen, and ts-node.
Load esm for jasmine using the "helpers" field in jasmine.json:
```
1"helpers": [
2  "node_modules/esm"
3]
```
Load esm with “node-args" options of:
- pm2: --node-args="-r esm"
Load esm with “require” options of ava, mocha, nodemon, nyc, qunit, tape, and webpack.

:bulb: Builtin require cannot sideload .mjs files. However, .js files can be sideloaded or .mjs files may be loaded with dynamic import.

Stable Version

3.2.25

Moderate

0/10

Summary

Regular Expression Denial of Service

Affected Versions

< 3.1.0

Patched Versions

3.1.0

9

License

Determines if the project has defined a license.

8

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Security-Policy

Determines if the project has published a security policy.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

105 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-pp75-xfpw-37g9
Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-9j49-mfvp-vmhm
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
Warn: Project is vulnerable to: GHSA-4c7m-wxvm-r7gc
Warn: Project is vulnerable to: GHSA-pch5-whg9-qr2r
Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-g954-5hwp-pp24
Warn: Project is vulnerable to: GHSA-h755-8qp9-cq85
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-94xh-2fmc-xf5j
Warn: Project is vulnerable to: GHSA-8j36-q8x7-pm6q
Warn: Project is vulnerable to: GHSA-4v2w-h9jm-mqjg
Warn: Project is vulnerable to: GHSA-m57p-p67h-mq74
Warn: Project is vulnerable to: GHSA-2m8v-572m-ff2v
Warn: Project is vulnerable to: GHSA-jff2-qjw8-5476
Warn: Project is vulnerable to: GHSA-cvv5-9h9w-qp2m
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

1.6

/10

Last Scanned on 2025-03-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to esm

@esbuild-kit/esm-loader

2.6.5

Node.js loader for compiling TypeScript modules to ESM

is-file-esm

1.0.0

Determines whether a Node file is a Module (`import`) or a Script (`require`)

@humanwhocodes/module-importer

1.0.1

Universal module importer for Node.js

mdast-util-mdxjs-esm

2.0.1

mdast extension to parse and serialize MDX.js ESM (import/exports)