Lines 1-31javascript
3 * npx-compatible launcher for mdflow.
5 * mdflow runs on Bun (the source uses Bun APIs directly), but `npx mdflow`
6 * executes bins under Node. This launcher bridges the gap: find bun, exec the
7 * real entry through it, and if bun is missing offer to install it (TTY) or
8 * print the one-liner (non-TTY). It must stay plain Node ESM with zero
9 * dependencies — it is the one file that runs before Bun exists.
12import { spawnSync } from "node:child_process";
13import { existsSync } from "node:fs";
HighChild Process
Package source references child process execution.
bin/mdflow.mjsView on unpkg · L11 HighRuntime Package Install
Package source invokes a package manager install command at runtime.
bin/mdflow.mjsView on unpkg · L4 14import { delimiter, dirname, join } from "node:path";
15import { fileURLToPath } from "node:url";
17const root = dirname(dirname(fileURLToPath(import.meta.url)));
18const entry = join(root, "src", "index.ts");
21 const names = process.platform === "win32" ? ["bun.exe", "bun.cmd", "bun"] : ["bun"];
22 for (const dir of (process.env.PATH ?? "").split(delimiter)) {
23 if (!dir) continue;
HighSandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/mdflow.mjsView on unpkg · L11 24 for (const name of names) {
25 const candidate = join(dir, name);
26 if (existsSync(candidate)) return candidate;
29 const home = process.env.HOME || process.env.USERPROFILE;
31 const fallback = join(home, ".bun", "bin", process.platform === "win32" ? "bun.exe" : "bun");