npmpackage.info

Gathering detailed insights and metrics for treeverse

Other packages similar to treeverse

@types/treeverse

3.0.5

TypeScript definitions for treeverse

opensea-scraper

6.6.0

Scraping floor prices from opensea.

opensea-scraper-ts

5.0.4

Scraping accurate floor prices from opensea, because the API returns inacurate floor prices.

medium-parser-to-markdown

1.1.3

Parser medium article (image, author, date, title, description) and converts description to markdown

Gathering detailed insights and metrics for treeverse

treeverse

Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.

3.0.0

131

ISC

JavaScript

244,680,807 3.1

Installations

npm install treeverse

Pull Requests

Open

3

Total

50

Closed

28

Merged

19

Issues

Open

1

Total

3

Closed

2

Releases

v3.0.0

Published on 14 Oct 2022

v2.0.0

Published on 05 Apr 2022

View all 2 releases

Developer

npm

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

^14.17.0 || ^16.13.0 || >=18.0.0

Typescript Support

No

Node Version

18.10.0

NPM Version

8.19.2 Statistics

131 Stars

52 Commits

12 Forks

13 Watching

2 Branches

7 Contributors

Updated on 22 Aug 2024

Languages

JavaScript (100%)

Total Downloads

Cumulative downloads

Total Downloads

244,680,807

Last day

3.1%

489,538

Compared to previous day

Last week

4.7%

2,677,679

Compared to previous week

Last month

9.9%

10,952,188

Compared to previous month

Last year

29.1%

106,146,900

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

@npmcli/eslint-config @npmcli/template-oss tap

Versions

treeverse

Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.

Treeverse does not care what kind of tree it is, it will traverse it for you just fine. It does the right thing with functions that return Promises, and returns a non-Promise value if your functions don't return Promises.

Rather than imposing a specific structure, like requiring you to have child nodes stored in a children array, it calls the supplied getChildren() function, so the children can be anywhere (or not even exist yet!) This makes it suitable for creating an optimized tree from a set of dependency manifests, for example.

USAGE

1const {depth, breadth} = require('treeverse')
2
3// depth-first traversal
4// returns a promise if any visit/leave function returns a promise
5// otherwise returns the result of leave, or visit if no leave function
6// provided.
7depth({
8  // the root node where we start the traversal
9  tree: rootNode,
10
11  visit (node) {
12    // optional
13    // called upon descent into the node.
14    // return a promise, or a mapped value, or nothing to just leave it
15    // as-is
16  },
17  leave (node, children) {
18    // optional
19    // called as we ascend back to the root of the tree.
20    // return a promise, or a reduced value, or nothing to leave it as is
21    // the children array is a list of the child nodes that have been
22    // visited (and potentially left) already.  If the tree is acyclic,
23    // then leave() will have been called on all of them.  If it has
24    // cycles, then the children may not have been left yet.
25  },
26  getChildren (node, nodeResult) {
27    // required
28    // return an array of child nodes in the tree, if any exist
29    // returning a promise is totally ok, of course.
30    // the first argument is the original value of the node.  The second
31    // argument is the result of visit(node).
32  },
33  filter (node) {
34    // optional
35    // return true if the node should be visited, false otherwise
36    // initial tree is always visited, so this only filters children
37    // note that filtering a node _also_ filters all of its children.
38  },
39})
40
41// breadth first traversal
42// returns a promise if any visit function returns a promise
43// otherwise returns the result of the top-level node.
44// note that only a visit() function is supported here, since a node's
45// children are typically traversed much later in the process.
46breadth({
47  // the root node where we start the traversal
48  tree: rootNode,
49
50  visit (node) {
51    // optional, but a no-op if not provided.
52    // called when this node is encountered in the traversal.
53    // return a promise, or a mapped value, or nothing to leave as-is.
54  },
55  getChildren (node, nodeResult) {
56    // required, same as depth()
57  },
58  filter (node) {
59    // optional, same as depth()
60  },
61})

API

Both functions take a single options object as an argument, and return either the result value, or a Promise to the result value if the methods in the options argument ever return a Promise.

treeverse.breadth - Perform a breadth-first traversal. That is, walk across node siblings before traversing node children.
treeverse.depth - Perform a depth-first traversal. That is, walk down into child nodes before traversing siblings.

OPTIONS

All function options can return a Promise or actual value.

The return value is the result of the top level visit function if no leave function is provided, or leave. If any method along the way returns a promise, then the top level function will return a promise which resolves to the result of visiting (and leaving) the top node in the tree.

tree - The initial node where the traversal begins.
visit(node) - Function to call upon visiting a node.
leave(node, children) - (Depth only) Function to call upon leaving a node, once all of its children have been visited, and potentially left. children is an array of child node visit results. If the graph is cyclic, then some children may have been visited but not left.
getChildren(node, nodeResult) - Get an array of child nodes to process.
filter - Filter out child nodes from the traversal. Note that this filters the entire branch of the tree, not just that one node. That is, children of filtered nodes are not traversed either.

STACK DEPTH WARNING

When a leave method is specified, then recursion is used, because maintaining state otherwise is challenging. This means that using leave with a synchronous depth first traversal of very deeply nested trees will result in stack overflow errors.

To avoid this, either make one or more of the functions async, or do all of the work in the visit method.

Breadth-first traversal always uses a loop, and is stack-safe.

It is possible to implement depth first traversal with a leave method using a loop rather than recursion, but maintaining the leave(node, [children]) API surface would be challenging, and is not implemented at this time.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

7

SAST

Determines if the project uses static code analysis.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/post-dependabot.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/post-dependabot.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/post-dependabot.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:263: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:286: update your workflow using https://app.stepsecurity.io/secureworkflow/isaacs/treeverse/release.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/audit.yml:32
Warn: npmCommand not pinned by hash: .github/workflows/audit.yml:36
Warn: npmCommand not pinned by hash: .github/workflows/ci-release.yml:87
Warn: npmCommand not pinned by hash: .github/workflows/ci-release.yml:91
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:37
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:41
Warn: npmCommand not pinned by hash: .github/workflows/post-dependabot.yml:33
Warn: npmCommand not pinned by hash: .github/workflows/post-dependabot.yml:37
Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:36
Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:40
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:47
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:51
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:161
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:165
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:291
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:295
Info: 0 out of 28 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 9 third-party GitHubAction dependencies pinned
Info: 0 out of 16 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

Score

3.1

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More