Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
@agoric/bundle-source
Advanced tools
This package creates source bundles from ES Modules, compatible with Agoric contracts and SwingSet vats.
To bundle your sources, first do
import bundleSource from '@agoric/bundle-source';
const sourceBundleP = bundleSource(new URL('../path/to/toplevel', import.meta.url).pathname);
to get a promise for a source bundle, that resolves after reading the
named sources and bundling them into a form that vats can load, as indicated
by the moduleFormat
below. Currently, the only supported module format
is getExport
. Note that this way of loading external modules is likely to
change.
To obtain the contents of the promised sourceBundleP
, once it resolves, do:
sourceBundleP.then(({moduleFormat, source, sourceMap}) => ...);
or inside an async function (and therefore outside of Jessie), do:
const { moduleFormat, source, sourceMap } = await sourceBundleP;
...
The first main moduleFormat
is the "getExport"
format. It generates
source like:
function getExport() {
let exports = {};
const module = { exports };
// CommonJS source translated from the inputs.
...
return module.exports;
}
To evaluate it and obtain the resulting module namespace, you need to endow
a require
function to resolve external imports.
This is logically similar to the getExport
format, except that the code
may additionally depend upon a nestedEvaluate(src)
function to be used
to evaluate submodules in the same context as the parent function.
The advantage of this format is that it helps preserve the filenames within the bundle in the event of any stack traces.
Also, the toplevel getExport(filePrefix = "/bundled-source")
accepts an
optional filePrefix
argument (which is prepended to relative paths for the
bundled files) in order to help give context to stack traces.
FAQs
Create source bundles from ES Modules
The npm package @agoric/bundle-source receives a total of 141 weekly downloads. As such, @agoric/bundle-source popularity was classified as not popular.
We found that @agoric/bundle-source demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.