
A 100% compliant, self-hosted JavaScript parser with high focus on both performance and stability. Stable and already used in production.
These features need to be enabled with the next option.
Meriyah doesn't parse RegExp internal syntax, because the ESTree spec doesn't require the internal structure of a RegExp. By default, Meriyah uses the JavaScript runtime to validate RegExp literals. That means Meriyah's RegExp support is only as good as the JavaScript runtime's RegExp support.
As of May 2025, some of the latest RegExp features require Node.js >= 24.
Use `validateRegex: false` if you want consistent behavior across environments or don't need errors for invalid RegExp literals.
```sh
npm install meriyah --save-dev
```
Meriyah generates an AST according to the ESTree AST format and can be used to perform syntactic analysis (parsing) of a JavaScript program. With ES2015 and later, a JavaScript program can be either a script or a module.
The parse method exposed by meriyah takes an optional options object which allows you to specify whether to parse in script mode (the default) or in module mode.
```js
import { parse } from 'meriyah';

const result = parse('let some = "code";', { ranges: true });
```
The available options:
```ts
{
  // Indicate the mode the code should be parsed in 'script', 'module', or 'commonjs' mode, default `'script'`
  sourceType: 'script' | 'module' | 'commonjs';

  // The flag to enable stage 3 support (ESNext), default `false`
  next: boolean;

  // The flag to enable start, end offsets and range: [start, end] to each node, default `false`
  ranges: boolean;

  // Enable web compatibility, default `false`
  webcompat: boolean;

  // The flag to enable line/column location information to each node, default `false`
  loc: boolean;

  // The flag to attach raw property to each literal and identifier node, default `false`
  raw: boolean;

  // The flag to enable implied strict mode, default `false`
  impliedStrict: boolean;

  // Allows comment extraction. Accepts either a function or array, default `undefined`
  onComment: [];

  // Allows detection of automatic semicolon insertion. Accepts a callback function that will be passed the character offset where the semicolon was inserted, default `undefined`
  onInsertedSemicolon: (position: number) => {};

  // Allows token extraction. Accepts either a function or array, default `undefined`
  onToken: [];

  // Enable non-standard parenthesized expression node, default `false`
  preserveParens: boolean;

  // Enable lexical binding and scope tracking, default `false`
  lexical: boolean;

  // Adds a source attribute in every node's loc object when the locations option is `true`
  source: string; // Set to source: 'source-file.js'

  // Enable React JSX parsing, default `false`
  jsx: boolean;

  // Validate regular expressions with runtime, default `true`
  validateRegex: boolean;
}
```
If an array is supplied to `onComment` or `onToken`, comments/tokens are pushed to the array. Each item in the array contains start/end/range information when the `ranges` flag is true, and also contains loc information when the `loc` flag is true.
If a function callback is supplied, the signature must be:
```ts
declare function onComment(type: string, value: string, start: number, end: number, loc: SourceLocation): void;

declare function onToken(token: string, start: number, end: number, loc: SourceLocation): void;
```
Note that the start/end/loc information is provided to the function callback regardless of the settings of the `ranges` and `loc` flags. The `onComment` callback has one extra argument, `value: string`, for the body string of the comment.
If a function callback is supplied for `onInsertedSemicolon`, the signature must be:
```ts
declare function onInsertedSemicolon(position: number): void;
```
`isParseError` is exposed for error instance checking.
```js
import { parse, isParseError } from 'meriyah';

try {
  parse('invalid code');
} catch (error) {
  if (isParseError(error)) {
    // Parser errors carry a human-readable description
    console.error(error.description);
  } else {
    // Anything else is not a syntax error in the input; rethrow it
    throw error;
  }
}
```
```js
import { parse } from 'meriyah';

parse('({x: [y] = 0} = 1)');
```
When serialized to JSON, this returns:
```js
{
  type: "Program",
  sourceType: "script",
  body: [
    {
      type: "ExpressionStatement",
      expression: {
        type: "AssignmentExpression",
        left: {
          type: "ObjectPattern",
          properties: [
            {
              type: "Property",
              key: {
                type: "Identifier",
                name: "x"
              },
              value: {
                type: "AssignmentPattern",
                left: {
                  type: "ArrayPattern",
                  elements: [
                    {
                      "type": "Identifier",
                      "name": "y"
                    }
                  ]
                },
                right: {
                  type: "Literal",
                  value: 0
                }
              },
              kind: "init",
              computed: false,
              method: false,
              shorthand: false
            }
          ]
        },
        operator: "=",
        right: {
          type: "Literal",
          value: 1
        }
      }
    }
  ]
}
```
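For code review and static-analysis tooling, the useful detail in this AST is that the name actually written is `y`, while `x` is only the property key read from the right-hand side. The walker below is an added example, not code from the Meriyah project: it lists every write target in an ESTree AST, including ones nested in destructuring patterns, and runs on a condensed copy of the output above (`sampleAst`, `patternTargets` and `assignedNames` are names chosen for this example).

```javascript
// AST for `({x: [y] = 0} = 1)`, condensed from the serialized output above.
const sampleAst = {
  type: 'Program', sourceType: 'script',
  body: [{
    type: 'ExpressionStatement',
    expression: {
      type: 'AssignmentExpression', operator: '=',
      left: {
        type: 'ObjectPattern',
        properties: [{
          type: 'Property', kind: 'init', computed: false, method: false, shorthand: false,
          key: { type: 'Identifier', name: 'x' },
          value: {
            type: 'AssignmentPattern',
            left: { type: 'ArrayPattern', elements: [{ type: 'Identifier', name: 'y' }] },
            right: { type: 'Literal', value: 0 }
          }
        }]
      },
      right: { type: 'Literal', value: 1 }
    }
  }]
};

// Append the names written by a destructuring pattern (or simple target) to `out`.
function patternTargets(node, out) {
  if (!node) return; // a hole in an array pattern is null
  switch (node.type) {
    case 'Identifier': out.push(node.name); break;
    case 'MemberExpression': out.push('<member expression>'); break;
    case 'ObjectPattern': node.properties.forEach((p) => patternTargets(p.value || p.argument, out)); break;
    case 'ArrayPattern': node.elements.forEach((e) => patternTargets(e, out)); break;
    case 'AssignmentPattern': patternTargets(node.left, out); break; // target = default
    case 'RestElement': patternTargets(node.argument, out); break;
  }
}

// Walk the whole tree and collect targets of assignments and declarations.
function assignedNames(root) {
  const found = [];
  (function visit(node) {
    if (Array.isArray(node)) { node.forEach((child) => visit(child)); return; }
    if (!node || typeof node.type !== 'string') return; // skip loc objects, nulls, primitives
    if (node.type === 'AssignmentExpression') patternTargets(node.left, found);
    if (node.type === 'VariableDeclarator') patternTargets(node.id, found);
    for (const key of Object.keys(node)) {
      if (node[key] && typeof node[key] === 'object') visit(node[key]);
    }
  })(root);
  return found;
}
```

In real use the tree passed to `assignedNames` would be the return value of `parse(...)` rather than a hand-written object.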
Acorn is a small, fast, JavaScript-based JavaScript parser. It is known for its modularity and flexibility, allowing users to extend its functionality with plugins. Compared to Meriyah, Acorn is more extensible but may be slightly slower in performance.
Esprima is a high-performance, standard-compliant ECMAScript parser. It is widely used in various JavaScript tools and frameworks. Esprima is known for its accuracy and reliability, but Meriyah is generally faster and more lightweight.
The npm package meriyah receives a total of 541,040 weekly downloads. As such, meriyah popularity was classified as popular.
We found that meriyah demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.