Adds source map support to node.js (for stack traces)
Installations
npm install source-map-supportScore
98.5
Supply Chain
98.6
Quality
79.9
Maintenance
100
Vulnerability
100
License
Releases
Contributors
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4){kind=avatar}
Developer
evanw
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.11.1
NPM Version
8.0.0
Statistics
2,162 Stars
343 Commits
224 Forks
20 Watching
10 Branches
63 Contributors
Updated on 15 Nov 2024
Bundle Size
33.40 kB
Minified
10.39 kB
Minified + Gzipped
Languages
JavaScript (95.61%)
CoffeeScript (2.55%)
HTML (1.84%)
Total Downloads
Cumulative downloads
Total Downloads
10,278,412,532
Last day
-8.1%
11,223,038
Compared to previous day
Last week
1.7%
66,413,685
Compared to previous week
Last month
16.8%
266,704,347
Compared to previous month
Last year
13.5%
2,596,824,330
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
5
Source Map Support
This module provides source map support for stack traces in node via the V8 stack trace API. It uses the source-map module to replace the paths and line numbers of source-mapped files with their original paths and line numbers. The output mimics node's stack trace format with the goal of making every compile-to-JS language more of a first-class citizen. Source maps are completely general (not specific to any one language) so you can use source maps with multiple compile-to-JS languages in the same node process.
Installation and Usage
Node support
Node >=12.12.0
This package is no longer required as Node 12.12.0 introduced the --enable-source-maps flag. (unless you're using the vm module, as --enable-source-maps does not work with vm.runInThisContext).
Node <12.12.0
$ npm install source-map-support
Source maps can be generated using libraries such as source-map-index-generator. Once you have a valid source map, place a source mapping comment somewhere in the file (usually done automatically or with an option by your transpiler):
//# sourceMappingURL=path/to/source.map
If multiple sourceMappingURL comments exist in one file, the last sourceMappingURL comment will be respected (e.g. if a file mentions the comment in code, or went through multiple transpilers). The path should either be absolute or relative to the compiled file.
From here you have two options.
CLI Usage
1node -r source-map-support/register compiled.js
Programmatic Usage
Put the following line at the top of the compiled file.
1require('source-map-support').install();
It is also possible to install the source map support directly by
requiring the register module which can be handy with ES6:
1import 'source-map-support/register' 2 3// Instead of: 4import sourceMapSupport from 'source-map-support' 5sourceMapSupport.install()
Note: if you're using babel-register, it includes source-map-support already.
It is also very useful with Mocha:
$ mocha --require source-map-support/register tests/
Browser support
This library also works in Chrome. While the DevTools console already supports source maps, the V8 engine doesn't and Error.prototype.stack will be incorrect without this library. Everything will just work if you deploy your source files using browserify. Just make sure to pass the --debug flag to the browserify command so your source maps are included in the bundled code.
This library also works if you use another build process or just include the source files directly. In this case, include the file browser-source-map-support.js in your page and call sourceMapSupport.install(). It contains the whole library already bundled for the browser using browserify.
1<script src="browser-source-map-support.js"></script> 2<script>sourceMapSupport.install();</script>
This library also works if you use AMD (Asynchronous Module Definition), which is used in tools like RequireJS. Just list browser-source-map-support as a dependency:
1<script> 2 define(['browser-source-map-support'], function(sourceMapSupport) { 3 sourceMapSupport.install(); 4 }); 5</script>
Options
This module installs two things: a change to the stack property on Error objects and a handler for uncaught exceptions that mimics node's default exception handler (the handler can be seen in the demos below). You may want to disable the handler if you have your own uncaught exception handler. This can be done by passing an argument to the installer:
1require('source-map-support').install({ 2 handleUncaughtExceptions: false 3});
This module loads source maps from the filesystem by default. You can provide alternate loading behavior through a callback as shown below. For example, Meteor keeps all source maps cached in memory to avoid disk access.
1require('source-map-support').install({ 2 retrieveSourceMap: function(source) { 3 if (source === 'compiled.js') { 4 return { 5 url: 'original.js', 6 map: fs.readFileSync('compiled.js.map', 'utf8') 7 }; 8 } 9 return null; 10 } 11});
The module will by default assume a browser environment if XMLHttpRequest and window are defined. If either of these do not exist it will instead assume a node environment. In some rare cases, e.g. when running a browser emulation and where both variables are also set, you can explictly specify the environment to be either 'browser' or 'node'.
1require('source-map-support').install({ 2 environment: 'node' 3});
To support files with inline source maps, the hookRequire options can be specified, which will monitor all source files for inline source maps.
1require('source-map-support').install({ 2 hookRequire: true 3});
This monkey patches the require module loading chain, so is not enabled by default and is not recommended for any sort of production usage.
Demos
Basic Demo
original.js:
1throw new Error('test'); // This is the original code
compiled.js:
1require('source-map-support').install(); 2 3throw new Error('test'); // This is the compiled code 4// The next line defines the sourceMapping. 5//# sourceMappingURL=compiled.js.map
compiled.js.map:
1{ 2 "version": 3, 3 "file": "compiled.js", 4 "sources": ["original.js"], 5 "names": [], 6 "mappings": ";;AAAA,MAAM,IAAI" 7}
Run compiled.js using node (notice how the stack trace uses original.js instead of compiled.js):
$ node compiled.js
original.js:1
throw new Error('test'); // This is the original code
^
Error: test
at Object.<anonymous> (original.js:1:7)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:901:3
TypeScript Demo
demo.ts:
1declare function require(name: string); 2require('source-map-support').install(); 3class Foo { 4 constructor() { this.bar(); } 5 bar() { throw new Error('this is a demo'); } 6} 7new Foo();
Compile and run the file using the TypeScript compiler from the terminal:
$ npm install source-map-support typescript
$ node_modules/typescript/bin/tsc -sourcemap demo.ts
$ node demo.js
demo.ts:5
bar() { throw new Error('this is a demo'); }
^
Error: this is a demo
at Foo.bar (demo.ts:5:17)
at new Foo (demo.ts:4:24)
at Object.<anonymous> (demo.ts:7:1)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:901:3
There is also the option to use -r source-map-support/register with typescript, without the need add the require('source-map-support').install() in the code base:
$ npm install source-map-support typescript
$ node_modules/typescript/bin/tsc -sourcemap demo.ts
$ node -r source-map-support/register demo.js
demo.ts:5
bar() { throw new Error('this is a demo'); }
^
Error: this is a demo
at Foo.bar (demo.ts:5:17)
at new Foo (demo.ts:4:24)
at Object.<anonymous> (demo.ts:7:1)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:901:3
CoffeeScript Demo
demo.coffee:
1require('source-map-support').install() 2foo = -> 3 bar = -> throw new Error 'this is a demo' 4 bar() 5foo()
Compile and run the file using the CoffeeScript compiler from the terminal:
1$ npm install source-map-support coffeescript 2$ node_modules/.bin/coffee --map --compile demo.coffee 3$ node demo.js 4 5demo.coffee:3 6 bar = -> throw new Error 'this is a demo' 7 ^ 8Error: this is a demo 9 at bar (demo.coffee:3:22) 10 at foo (demo.coffee:4:3) 11 at Object.<anonymous> (demo.coffee:5:1) 12 at Object.<anonymous> (demo.coffee:1:1) 13 at Module._compile (module.js:456:26) 14 at Object.Module._extensions..js (module.js:474:10) 15 at Module.load (module.js:356:32) 16 at Function.Module._load (module.js:312:12) 17 at Function.Module.runMain (module.js:497:10) 18 at startup (node.js:119:16)
Tests
This repo contains both automated tests for node and manual tests for the browser. The automated tests can be run using mocha (type mocha in the root directory). To run the manual tests:
- Build the tests using
build.js - Launch the HTTP server (
npm run serve-tests) and visit- http://127.0.0.1:1336/amd-test
- http://127.0.0.1:1336/browser-test
- http://127.0.0.1:1336/browserify-test - Currently not working due to a bug with browserify (see pull request #66 for details).
- For
header-test, runserver.jsinside that directory and visit http://127.0.0.1:1337/
License
This code is available under the MIT license.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
Found 5/17 approved changesets -- score normalized to 2
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 20 are checked with a SAST tool
Reason
41 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-jc84-3g44-wf2q
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
- Warn: Project is vulnerable to: MAL-2023-462
- Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-qg8p-v9q4-gh34
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-34r7-q49f-h37c
- Warn: Project is vulnerable to: GHSA-c9f4-xj24-8jqx
Score
2
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to source-map-support
@types/source-map-support
TypeScript definitions for source-map-support
ts-node
TypeScript execution environment and REPL for node.js, with source map support
ts-jest
A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript
snapdragon
Easy-to-use plugin system for creating powerful, fast and versatile parsers and compilers, with built-in source-map support.