npmpackage.info

Gathering detailed insights and metrics for write-file-atomic

write-file-atomic

Write files in an atomic fashion w/configurable ownership

6.0.0

230

ISC

JavaScript

8,995,682,909 6.7

Installations

npm install write-file-atomic

Pull Requests

Open

1

Total

162

Closed

100

Merged

61

Issues

Open

12

Total

46

Closed

34

Releases

v6.0.0

Published on 25 Sept 2024

v5.0.1

Published on 26 Apr 2023

v5.0.0

Published on 14 Oct 2022

v4.0.2

Published on 16 Aug 2022

write-file-atomic v4.0.1

v4.0.1

Published on 10 Feb 2022

write-file-atomic v4.0.0

v4.0.0

Published on 18 Jan 2022

View all 8 releases

Developer

npm

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

^18.17.0 || >=20.5.0

Typescript Support

No

Node Version

22.9.0

NPM Version

10.8.3 Statistics

230 Stars

193 Commits

47 Forks

17 Watching

3 Branches

90 Contributors

Updated on 25 Sept 2024

Languages

JavaScript (100%)

Total Downloads

Cumulative downloads

Total Downloads

8,995,682,909

Last day

-9.4%

10,423,758

Compared to previous day

Last week

1.4%

61,762,378

Compared to previous week

Last month

16.5%

249,338,158

Compared to previous month

Last year

15.9%

2,498,606,904

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

imurmurhash signal-exit

Dev Dependencies

@npmcli/eslint-config @npmcli/template-oss tap

Versions

write-file-atomic

This is an extension for node's fs.writeFile that makes its operation atomic and allows you set ownership (uid/gid of the file).

`writeFileAtomic(filename, data, [options], [callback])`

Description:

Atomically and asynchronously writes data to a file, replacing the file if it already exists. data can be a string or a buffer.

Options:

filename String
data String | Buffer
options Object | String
- chown Object default, uid & gid of existing file, if any
  - uid Number
  - gid Number
- encoding String | Null default = 'utf8'
- fsync Boolean default = true
- mode Number default, from existing file, if any
- tmpfileCreated Function called when the tmpfile is created
callback Function

Usage:

1var writeFileAtomic = require('write-file-atomic')
2writeFileAtomic(filename, data, [options], [callback])

The file is initially named filename + "." + murmurhex(__filename, process.pid, ++invocations). Note that require('worker_threads').threadId is used in addition to process.pid if running inside of a worker thread. If writeFile completes successfully then, if passed the chown option it will change the ownership of the file. Finally it renames the file back to the filename you specified. If it encounters errors at any of these steps it will attempt to unlink the temporary file and then pass the error back to the caller. If multiple writes are concurrently issued to the same file, the write operations are put into a queue and serialized in the order they were called, using Promises. Writes to different files are still executed in parallel.

If provided, the chown option requires both uid and gid properties or else you'll get an error. If chown is not specified it will default to using the owner of the previous file. To prevent chown from being ran you can also pass false, in which case the file will be created with the current user's credentials.

If mode is not specified, it will default to using the permissions from an existing file, if any. Expicitly setting this to false remove this default, resulting in a file created with the system default permissions.

If options is a String, it's assumed to be the encoding option. The encoding option is ignored if data is a buffer. It defaults to 'utf8'.

If the fsync option is false, writeFile will skip the final fsync call.

If the tmpfileCreated option is specified it will be called with the name of the tmpfile when created.

Example:

1writeFileAtomic('message.txt', 'Hello Node', {chown:{uid:100,gid:50}}, function (err) {
2  if (err) throw err;
3  console.log('It\'s saved!');
4});

This function also supports async/await:

1(async () => {
2  try {
3    await writeFileAtomic('message.txt', 'Hello Node', {chown:{uid:100,gid:50}});
4    console.log('It\'s saved!');
5  } catch (err) {
6    console.error(err);
7    process.exit(1);
8  }
9})();

`writeFileAtomicSync(filename, data, [options])`

Description:

The synchronous version of writeFileAtomic.

Usage:

1var writeFileAtomicSync = require('write-file-atomic').sync
2writeFileAtomicSync(filename, data, [options])

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

8

SAST

Determines if the project uses static code analysis.

6

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/post-dependabot.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/post-dependabot.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/post-dependabot.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:274: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:303: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/write-file-atomic/release.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/audit.yml:38
Warn: npmCommand not pinned by hash: .github/workflows/ci-release.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:42
Warn: npmCommand not pinned by hash: .github/workflows/post-dependabot.yml:39
Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:42
Warn: npmCommand not pinned by hash: .github/workflows/release-integration.yml:52
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:50
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:130
Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 12 third-party GitHubAction dependencies pinned
Info: 0 out of 8 npmCommand dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

Score

6.7

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More