The closest you can get to require something with bypassing the require cache
Installations
npm install stealthy-requireDeveloper Guide
Typescript
No
Module System
CommonJS
Min. Node Version
>=0.10.0
Node Version
4.8.0
NPM Version
2.15.11
Score
99.6
Supply Chain
100
Quality
75.3
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (100%)
Developer
analog-nico
Download Statistics
Total Downloads
2,383,667,474
Last Day
667,903
Last Week
3,062,446
Last Month
15,257,277
Last Year
227,109,352
GitHub Statistics
22 Stars
37 Commits
3 Forks
1 Watching
1 Branches
2 Contributors
Bundle Size
692.00 B
Minified
397.00 B
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
1.1.1
Package Id
stealthy-require@1.1.1
Size
4.65 kB
NPM Version
2.15.11
Node Version
4.8.0
Publised On
09 May 2017
Total Downloads
Cumulative downloads
Total Downloads
2,383,667,474
Last day
-3.9%
667,903
Compared to previous day
Last week
-20.1%
3,062,446
Compared to previous week
Last month
3.2%
15,257,277
Compared to previous month
Last year
-19.7%
227,109,352
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Stealthy-Require
This is probably the closest you can currently get to require something in node.js with completely bypassing the require cache.
stealthy-require works like this:
- It clears the require cache.
- It calls a callback in which you require your module(s) without the cache kicking in.
- It clears the cache again and restores its old state.
The restrictions are:
- Native modules cannot be required twice. Thus this module bypasses the require cache only for non-native (e.g. JS) modules.
- The require cache is only bypassed for all operations that happen synchronously when a module is required. If a module lazy loads another module at a later time that require call will not bypass the cache anymore.
This means you should have a close look at all internal require calls before you decide to use this library.
Installation
This is a module for node.js and is installed via npm:
1npm install stealthy-require --save
Usage
Let's say you want to bypass the require cache for this require call:
1var request = require('request');
With stealthy-require you can do that like this:
1var stealthyRequire = require('stealthy-require'); 2 3var requestFresh = stealthyRequire(require.cache, function () { 4 return require('request'); 5});
The require cache is bypassed for the module you require (i.e. request) as well as all modules the module requires (i.e. http and many more).
Sometimes the require cache shall not be bypassed for specific modules. E.g. request is required but tough-cookie – on which request depends on – shall be required using the regular cache. For that you can pass two extra arguments to stealthyRequire(...):
- A callback that requires the modules that shall be required without bypassing the cache
- The
modulevariable
1var stealthyRequire = require('stealthy-require'); 2 3var requestFresh = stealthyRequire(require.cache, function () { 4 return require('request'); 5}, 6function () { 7 require('tough-cookie'); // No return needed 8 // You can require multiple modules here 9}, module);
Usage with Module Bundlers
- Webpack works out-of-the-box like described in the Usage section above.
- Browserify does not expose
require.cache. However, as ofbrowserify@13.0.1the cache is passed as the 6th argument to CommonJS modules. Thus you can pass this argument instead:
1// Tweak for Browserify - using arguments[5] instead of require.cache 2var requestFresh = stealthyRequire(arguments[5], function () { 3 return require('request'); 4});
Preventing a Memory Leak When Repeatedly Requiring Fresh Module Instances in Node.js
If you are using stealthy-require in node.js and repeatedly require fresh module instances the module.children array will hold all module instances which prevents unneeded instances to be garbage collected.
Assume your code calls doSomething() repeatedly.
1var stealthyRequire = require('stealthy-require'); 2 3function doSomething() { 4 5 var freshInstance = stealthyRequire(require.cache, function () { 6 return require('some-module'); 7 }); 8 9 return freshInstance.calc(); 10 11}
After doSomething() returns freshInstance is not used anymore but won’t be garbage collected because module.children still holds a reference. The solution is to truncate module.children accordingly:
1var stealthyRequire = require('stealthy-require'); 2 3function doSomething() { 4 5 var initialChildren = module.children.slice(); // Creates a shallow copy of the array 6 7 var freshInstance = stealthyRequire(require.cache, function () { 8 return require('some-module'); 9 }); 10 11 module.children = initialChildren; 12 13 return freshInstance.calc(); 14 15}
The slice operation removes all new module.children entries created during the stealthyRequire(...) call and thus freshInstance gets garbage collected after doSomething() returns.
Technical Walkthrough
1// 1. Load stealthy-require 2var stealthyRequire = require('stealthy-require'); 3// This does nothing but loading the code. 4// It has no side-effects like patching the module loader or anything. 5 6// Any regular require works as always. 7var request1 = require('request'); 8 9// 2. Call stealthyRequire with passing the require cache and a callback. 10var requestFresh = stealthyRequire(require.cache, function () { 11 12 // 2a. Before this callback gets called the require cache is cleared. 13 14 // 2b. Any require taking place here takes place on a clean require cache. 15 // Since the require call is part of the user's code it also works with module bundlers. 16 return require('request'); 17 // Anything returned here will be returned by stealthyRequire(...). 18 19 // 2c. After this callback gets called the require cache is 20 // - cleared again and 21 // - restored to its old state before step 2. 22 23}); 24 25// Any regular require again works as always. 26// In this case require returns the cached request module instance. 27var request2 = require('request'); 28 29// And voilà : 30request1 === request2 // -> true 31request1 === requestFresh // -> false
Contributing
To set up your development environment for stealthy-require:
- Clone this repo to your desktop,
- in the shell
cdto the main folder, - hit
npm install, - hit
npm install gulp -gif you haven't installed gulp globally yet, and - run
gulp dev. (Or runnode ./node_modules/.bin/gulp devif you don't want to install gulp globally.)
gulp dev watches all source files and if you save some changes it will lint the code and execute all tests. The test coverage report can be viewed from ./coverage/lcov-report/index.html.
If you want to debug a test you should use gulp test-without-coverage to run all tests without obscuring the code by the test coverage instrumentation.
Change History
- v1.1.1 (2017-05-08)
- Fix that stops
undefinedentries from appearing inrequire.cache(Thanks to @jasperjn from reporting this in issue #4)
- Fix that stops
- v1.1.0 (2017-04-25)
- Added ability to disable bypassing the cache for certain modules (Thanks to @novemberborn for suggesting this in issue #3)
- Added section in README about a potential memory leak (Thanks to @Flarna and @novemberborn for bringing that up in issue #2)
- Performance optimizations (Thanks to @jcready for pull request #1)
- v1.0.0 (2016-07-18)
- Breaking Change: API completely changed. Please read the Usage section again.
- Redesigned library to support module bundlers like Webpack and Browserify
- v0.1.0 (2016-05-26)
- Initial version
License (ISC)
In case you never heard about the ISC license it is functionally equivalent to the MIT license.
See the LICENSE file for details.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: ISC License: LICENSE:0
Reason
Found 1/27 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 4 are checked with a SAST tool
Score
3
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to stealthy-require
stealthy-require-no-leak
Drop-in replacement for stealthy-require that fixes a memory leak when being called multiple times.
continuous-stealthy-require
Requires a fresh, uncached module without causing a memory leak
jest-transform-stealthy-require
Transforms stealthy require calls into jest.isolateModules()