Generated on Apr 8, 2024 via pnpm

Npm

Home

node-gyp 3.4.0

Node.js native addon build tool

native

addon

module

c++

bindings

gyp

Package summary

issues

licenses

Package created

5 Feb 2012

Version published

28 Jun 2016

Maintainers

Total deps

112

Direct deps

License

MIT

Issues

7 high severity issues

high

tar@2.2.2

Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization

Recommendation: Upgrade to version 3.2.2 or later

via: tar@2.2.2

tar@2.2.2

Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2

es5-ext@0.10.64

Package uses postinstall script: " node -e "try{require('./_postinstall')}catch(e){}" || exit 0"

via: path-array@1.0.1

har-validator@5.1.5

Deprecated package

via: request@2.88.2

request@2.88.2

Deprecated package

via: request@2.88.2

tar@2.2.2

Deprecated package

via: tar@2.2.2

uuid@3.4.0

Deprecated package

via: request@2.88.2

Collapse

Expand

2 moderate severity issues

moderate

tough-cookie@2.5.0

tough-cookie Prototype Pollution vulnerability

Recommendation: Upgrade to version 4.1.3 or later

via: request@2.88.2

request@2.88.2

Server-Side Request Forgery in Request

Recommendation: None

via: request@2.88.2

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

64 Packages, Including:

ajv@6.12.6

ansi-regex@2.1.1

array-index@1.0.0

asn1@0.2.6

assert-plus@1.0.0

asynckit@0.4.0

aws4@1.12.0

balanced-match@1.0.2

brace-expansion@1.1.11

code-point-at@1.1.0

combined-stream@1.0.8

concat-map@0.0.1

core-util-is@1.0.2

core-util-is@1.0.3

dashdash@1.14.1

debug@2.6.9

delayed-stream@1.0.0

delegates@1.0.0

ecc-jsbn@0.1.2

es6-iterator@2.0.3

event-emitter@0.3.5

extend@3.0.2

extsprintf@1.3.0

fast-deep-equal@3.1.3

fast-json-stable-stringify@2.1.0

form-data@2.3.3

getpass@0.1.7

har-validator@5.1.5

has-color@0.1.7

http-signature@1.2.0

is-fullwidth-code-point@1.0.0

is-typedarray@1.0.0

isarray@1.0.0

isstream@0.1.2

jsbn@0.1.1

json-schema-traverse@0.4.1

jsprim@1.4.2

mime-db@1.52.0

mime-types@2.1.35

minimist@1.2.8

mkdirp@0.5.6

ms@2.0.0

node-gyp@3.4.0

number-is-nan@1.0.1

object-assign@4.1.1

os-homedir@1.0.2

os-tmpdir@1.0.2

path-array@1.0.1

path-is-absolute@1.0.1

performance-now@2.1.0

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

36 Packages, Including:

abbrev@1.1.1

aproba@1.2.0

are-we-there-yet@1.1.7

block-stream@0.0.9

console-control-strings@1.1.0

d@1.0.2

es5-ext@0.10.64

es6-symbol@3.1.4

esniff@2.0.1

ext@1.7.0

fs.realpath@1.0.0

fstream@1.0.12

gauge@2.6.0

glob@7.2.3

graceful-fs@4.2.11

har-schema@2.0.0

has-unicode@2.0.1

inflight@1.0.6

inherits@2.0.4

isexe@2.0.0

json-stringify-safe@5.0.1

minimatch@3.1.2

next-tick@1.1.0

nopt@3.0.6

npmlog@3.1.2

once@1.4.0

osenv@0.1.5

rimraf@2.7.1

semver@5.7.2

set-blocking@2.0.0

signal-exit@3.0.7

tar@2.2.2

type@2.7.2

which@1.3.1

wide-align@1.1.5

wrappy@1.0.2

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

6 Packages, Including:

aws-sign2@0.7.0

caseless@0.12.0

forever-agent@0.6.1

oauth-sign@0.9.0

request@2.88.2

tunnel-agent@0.6.0

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

3 Packages, Including:

bcrypt-pbkdf@1.0.2

qs@6.5.3

tough-cookie@2.5.0

(AFL-2.1 OR BSD-3-Clause)

Permissive

1 Packages, Including:

json-schema@0.4.0

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

1 Packages, Including:

tweetnacl@0.14.5

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

uri-js@4.4.1

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of node-gyp 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
fstream	1.0.12	16.61 kB	ISC	prod
glob	7.2.3	15.08 kB	ISC	prod
graceful-fs	4.2.11	9.57 kB	ISC	prod
minimatch	3.1.2	11.66 kB	ISC	prod
mkdirp	0.5.6	2.95 kB	MIT	prod
nopt	3.0.6	10.07 kB	ISC	prod
npmlog	3.1.2	6.08 kB	ISC	prod
osenv	0.1.5	2.25 kB	ISC	prod
path-array	1.0.1	3.9 kB	MIT	prod	1
request	2.88.2	57.83 kB	Apache-2.0	prod	3 2
rimraf	2.7.1	5.53 kB	ISC	prod
semver	5.7.2	17.45 kB	ISC	prod
tar	2.2.2	211.58 kB	ISC	prod	3
which	1.3.1	4.08 kB	ISC	prod

Tree

Treemap

Frequently Asked Questions

What does node-gyp do?

Node-gyp is a cross-platform command-line tool created with Node.js that is used for compiling native addon modules for Node.js. It's designed to work on multiple target versions of Node.js, irrespective of which version of Node.js is installed on your system. Node-gyp achieves this by downloading the required development files or headers for the targeted version. It's important to note that while node-gyp aids in the development of Node.js native addons, it is not utilized for building Node.js itself.

How do you use node-gyp?

Utilizing node-gyp requires a few steps. First, you need to install it through npm by running npm install -g node-gyp in your terminal. Node-gyp has dependencies on Python, make and a C/C++ compiler toolchain like GCC on Unix, Python and XCode Command Line Tools on macOS, and Python and Visual C++ Build Environment on Windows, so ensure these are correctly installed on your system.

Once installed and dependencies are resolved, using node-gyp involves generating project build files and then invoking the build command. Here's a simple usage example for your native addon:

cd my_node_addon
node-gyp configure
node-gyp build

In this example, you first navigate to the root directory of your native addon, generate the necessary project build files for your platform using the configure command, and then build your native addon with the build command. The compiled bindings will be found in build/Debug/ or build/Release/ depending on your build mode.

Where are the node-gyp docs?

You can access the detailed and extensive node-gyp documentation in the docs directory on the package's GitHub repository link: node-gyp Github repository. This documentation provides additional information on specific node-gyp topics which can come in handy when installing or building addons using node-gyp. It also has the command and configuration options for finer control over your builds.