Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
@americanexpress/one-app-bundler
Advanced tools
A command line interface(CLI) tool for bundling One App and its modules.
A command line interface(CLI) tool for bundling One App and One App modules.
To build a React component for usage as a One App module:
Install:
npm i -D @americanexpress/one-app-bundler
Run the bundle-module
script as part of your build. This script is provided by one-app-bundler
:
{
"scripts": {
"build": "bundle-module",
"prepare": "npm run build",
}
}
When bundling a One App module, some options can be applied by adding a bundler
config object to a one-amex
section
within package.json
:
{
"one-amex": {
"bundler": {
}
}
}
providedExternals
& requiredExternals
In order to avoid duplicate code in your One App instance, you may want to
share a dependency across all your modules that is not already provided by One
App. These dependencies can be provided to your modules by your tenant root
module. The tenant root module should include in its configuration
providedExternals
, which is an array of external dependencies to be bundled
with it and provided to other modules.
{
"one-amex": {
"bundler": {
"providedExternals": ["some-dependency", "another-dependency"]
}
}
}
Modules consuming these external dependencies must declare what they expect the
tenant root module to provide by setting the requiredExternals
option. Any dependency
listed there will not be bundled with the module, but will be replaced with a
reference to the external dependency as provided by the tenant root module.
{
"one-amex": {
"bundler": {
"requiredExternals": ["some-dependency"]
}
}
}
Modules shouldn't configure both providedExternals
and requiredExternals
.
Any module with requiredExternals
configured will be validate at runtime to ensure that
the tenant root module is in fact providing those requiredExternals, and will fail to load if it is
not.
If you attempt to include in providedExternals
or requiredExternals
and dependencies
already provided by One App, your build will fail.
performanceBudget
Set a custom performance budget
for your client module build. The default value is 200e3
.
{
"one-amex": {
"bundler": {
"performanceBudget": 500e3
}
}
}
webpackConfigPath
You may extend the webpack configuration by providing a path to your config file in this option. Use of this option is at your own risk.
{
"one-amex": {
"bundler": {
"webpackConfigPath": "webpack.config.js"
}
}
}
purgecss
OptionsYou may add additional paths for purgecss
to consider before stripping out
unused CSS by adding an array of glob patterns to bundler.purgecss.paths
under bundler.purgecss.paths
. The example below illustrates how we would add
some-lib
if we were applying custom styles to it in our module.
{
"one-amex": {
"bundler": {
"purgecss": {
"paths": ["node_modules/some-lib/src/**/*.{js,jsx}"]
}
}
}
}
purgecss
can be disabled for your module by adding
bundler.purgecss.disabled
as true
. This option is only to be used in
rare instances and as a last resort, the effect of disabling will have a
negative impact on performance.
{
"one-amex": {
"bundler": {
"purgecss": {
"disabled": true
}
}
}
}
The following scripts are provided by one-app-bundler
and used by one-app
.
npm run build:bundle
This would bundle one app.
npm run serve-module ../path-to-your-one-app-module
This would serve your module locally.
npm run drop-module ../path-to-your-one-app-module
This would stop serving your module locally.
6.1.1 (2020-01-24)
Note: Version bump only for package one-app-cli
FAQs
A command line interface(CLI) tool for bundling One App and its modules.
The npm package @americanexpress/one-app-bundler receives a total of 29 weekly downloads. As such, @americanexpress/one-app-bundler popularity was classified as not popular.
We found that @americanexpress/one-app-bundler demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.