Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025
@brodybits/rollup-plugin-size-snapshot
Advanced tools
@brodybits/rollup-plugin-size-snapshot
fork with update to use Webpack v5, as needed with Node.js 17 ref: [webpack/webpack#14532 (comment 985083189)](https://github.com/webpack/webpack/issues/14532#issuecomment-985083189)
@brodybits/rollup-plugin-size-snapshot
fork with update to use Webpack v5, as needed with Node.js 17 ref: webpack/webpack#14532 (comment 985083189)
This plugin provides details about
- actual bundle size (bundler parsing size)
- minified bundle size (browser parsing size)
- gzipped bundle size (download size)
All of these sizes are important criteria when choosing a library, and they will be stored in the .size-snapshot.json file.
There is also a nice feature for the es output format which provides sizes of treeshaked bundles with both rollup and webpack, so if your library has more than one independent parts, you can track that users will not consume dead code. Such bundles entry point looks like this
// nothing is imported here so nothing should go in user bundle
import {} from "library";
Why bundle with rollup
- internals are hidden so you shouldn't worry that user reuses your frequently updated modules
- faster user bundling if library has a lot of modules
- predictable and more efficient scope hoisting and as a result more predictable size
- easier to work without sourcemaps with vendors since development bundlers add a lot of unreadable stuff in module definition
Recommended installation
It is recommended to install this fork as a npm alias, for example:
yarn add --dev rollup-plugin-size-snapshot@npm:@brodybits/rollup-plugin-size-snapshot@latest
The usage below assumes this kind of installation for this fork.
Usage
import { sizeSnapshot } from "rollup-plugin-size-snapshot";
export default {
input: "src/index.js",
output: {
file: "dist/index.js",
format: "es",
},
plugins: [sizeSnapshot()],
};
If you use uglify or terser plugins, then make sure they are placed after this one.
import { uglify } from "rollup-plugin-uglify";
// or import terser from "@rollup/plugin-terser";
import { sizeSnapshot } from "rollup-plugin-size-snapshot";
export default {
// ...
plugins: [sizeSnapshot(), uglify({ toplevel: true })],
};
Options
snapshotPath
type: string
default: '.size-snapshot.json'
matchSnapshot
This option allows you to verify that contributors don't forget to build or commit the .size-snapshot.json file. If this is true, the plugin will validate the snapshot against an existing one. Typically, one would define this option's value as true during continuous integration; using it locally is unintended.
type: boolean
default: false
threshold
Possible difference between sizes in actual snapshot and generated one.
Note: Make sense only when matchSnapshot is true.
type: number
default: 0
printInfo
Allows you to disable log to terminal.
type: boolean
default: true
License
MIT © Bogdan Chadkin
FAQs
fork with update to use Webpack v5, as needed with Node.js 17 ref: [webpack/webpack#14532 (comment 985083189)](https://github.com/webpack/webpack/issues/14532#issuecomment-985083189)
The npm package @brodybits/rollup-plugin-size-snapshot receives a total of 158 weekly downloads. As such, @brodybits/rollup-plugin-size-snapshot popularity was classified as not popular.
We found that @brodybits/rollup-plugin-size-snapshot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Sep 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Announcing Socket Fix 2.0
Socket Fix 2.0 brings targeted CVE remediation, smarter upgrade planning, and broader ecosystem support to help developers get to zero alerts.
By Martin Torp, John-David Dalton, Jeppe Fredsgaard Blaabjerg, Benjamin Barslev, Oskar Haarklou Veileborg - Sep 10, 2025
Security News
Feross on Risky Business Weekly Podcast: npm’s Ongoing Supply Chain Attacks
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
By Sarah Gooding - Sep 10, 2025