node package manager
Orgs are free. Discover, share, and reuse code in your team. Create a free org »



A sandboxed node.js module loader that lets you inject dependencies into your modules.

@tristanls 's Note: This version contains a dirty hack to make it work in strict mode. It works for me, you shouldn't use it, but should help fix the original project.


npm install sandboxed-module


var SandboxedModule = require('sandboxed-module');
var user = SandboxedModule.require('./user', {
  requires: {'mysql': {fake: 'mysql module'}},
  globals: {myGlobal: 'variable'},
  locals: {myLocal: 'other variable'},
  strictMode : true

What to do with this

This module is intended to ease dependency injection for unit testing. However, feel free to use it for whatever crimes you can think of.


SandboxedModule.load(moduleId, [options])

Returns a new SandboxedModule where moduleId is a regular module path / id as you would normally pass into require(). The new module will be loaded in its own v8 context, but otherwise have access to the normal node.js environment.

options is an optional object that can be used to inject any of the following:

  • requires: An object containing moduleIds and the values to inject for them when required by the sandboxed module. This does not affect children of the sandboxed module.
  • globals: An object of global variables to inject into the sandboxed module.
  • locals: An object of local variables to inject into the sandboxed module.
  • strictMode: A boolean flag that will inclue "use strict"; when wrapping the sandboxed module.

SandboxedModule.require(moduleId, [options])

Identical to SandboxedModule.load(), but returns sandboxedModule.exports directly.


The full path to the module.


The underlaying node.js Module instance.


A getter returning the sandboxedModule.module.exports object.


The global object of the v8 context this module was loaded in. Modifications to this object will be reflected in the sandboxed module.


The local variables injected into the sandboxed module using a closure. Modifying this object has no effect on the state of the sandbox.


An object holding a list of all module required by the sandboxed module itself. The keys are the moduleIds used for the require calls.


Returns an array of variable names that have leaked into the global scope, except those those that are part of the node environment, or have been injected using the globals: option.


sandboxed-module is licensed under the MIT license.