Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@aofl/polyfill-service
Advanced tools
@aofl/polyfill-service
Implements a customized version of @webcomponents/webcomponentsjs/webcomponents-loader.js that uses dynamic imports to load polyfills. It also allows for lazy loading other polyfills based on a config file.
Installation
npm i -S @aofl/polyfill-service
Config file
// sample-config.js
export default {
'Object.assign': () => import('@aofl/polyfill-service/src/object-assign-polyfill'),
'fetch': () => import('isomorphic-fetch'),
'Reflect': () => import('harmony-reflect'),
'Array.prototype.find': () => import('array.prototype.find'),
'html-imports': {
test() {
return !('import' in document.createElement('link'));
},
load: () => import('@webcomponents/webcomponentsjs/webcomponents-bundle')
}
};
Usage
// init-polyfill-service.js
import {Polyfill} from '@aofl/polyfill-service';
import polyfills from './sample-config';
const ready = Polyfill.loadAll(polyfills); // promise
export default ready;
polyfill.loadAll() returns a promise. In addition to this WebComponentsReady is fired once all promises are loaded.
Gotchas
If using webpack you will have to use imports-loader to fix the global variable in webcomponents polyfills.
// webpack.config.js
...
module: {
rules: [
{
test: /@webcomponents/,
loader: 'imports-loader?this=>window'
},
]
}
...
v3.5.0 - 2020-02-25
[Added]
- @aofl/wdio - Web Components support with Local and SauceLabs presets
- @aofl/cli - source-map-loader
- npmignore unnecessary files from the packages
[Changed]
- @aofl/unit-testing-plugin - refactored to use WebdriverIO
- unit testing config to work with new version
- @aofl/cli - devtool source-map as default for development builds
- @aofl/cli - updated workbox and pwa-manifest
[Deprecated]
[Removed]
- lodash
- mkdirp
- webcomponents-tester
[Fixed]
- Exclude babel built-ins from generated bundles
- Source map files of generated bundles
- @aofl/cli - eslint loader cache set to false
- @aofl/templating-plugin - routes loader cache set to false. Build will pick up updated routes configs.
- @aofl/cli - init - repo and branch name support
[Security]
- Replaced WebComponentsTester with WebdriverIO
- Updated npm packages
- Changed .gitignore
FAQs
Uses dynamic imports to load polyfills
The npm package @aofl/polyfill-service receives a total of 65 weekly downloads. As such, @aofl/polyfill-service popularity was classified as not popular.
We found that @aofl/polyfill-service demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 03 Mar 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025