Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@condenast/bundlesize

Package Overview
Dependencies
Maintainers
233
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@condenast/bundlesize

Keep your library size in check

0.18.1
latest
Source
npmnpm
Version published
Maintainers
233
Created
Source



Keep your bundle size in check

 

Build Status NPM Version NPM Downloads  

minimal setup

npm install bundlesize --save-dev

 

usage

Add it to your scripts in package.json

"scripts": {
  "test": "bundlesize"
}

 

Or you can use npx with NPM 5.2+.

npx bundlesize

configuration

 

1) Add the path and maxSize in your package.json.

By default the gzipped size is tested. You can use the compression option to change this. (gzip, brotli, or none).

{
  "name": "your cool library",
  "version": "1.1.2",
  "bundlesize": [
    {
      "path": "./dist.js",
      "maxSize": "3 kB"
    }
  ]
}

bundlesize also supports glob patterns

Example:

"bundlesize": [
  {
    "path": "./dist/vendor-*.js",
    "maxSize": "3 kB"
  },
  {
    "path": "./dist/chunk-*.js",
    "maxSize": "3 kB"
  }
]

This makes it great for using with applications that are bundled with another tool. It will match multiple files if necessary and create a new row for each file.

 

2) build status

build status

Currently works for Travis CI, CircleCI, Wercker, and Drone.

  • Authorize bundlesize for status access, copy the token provided.
  • Add this token as BUNDLESIZE_GITHUB_TOKEN as environment parameter in your CIs project settings.

(Ask me for help if you're stuck)

 

CLI

example usage:

bundlesize -f "dist/*.js" -s 20kB

For more granular configuration, we recommend configuring it in the package.json (documented above).

 

like it?

:star: this repo

 

how to contribute?

 

Featured on Totally tooling tips and Chrome Dev Summit!!

 

who uses bundlesize?

 

TODO

  • Work with other CI tools
  • Automate setup (setting env_var)

 

similar projects

Contributors

This project exists thanks to all the people who contribute. [Contribute].

license

MIT © siddharthkp

Keywords

library
size
check
build
maxSize

FAQs

Package last updated on 12 Feb 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Risky Biz Podcast: Making Reachability Analysis Work in Real-World Codebases

Security News

Risky Biz Podcast: Making Reachability Analysis Work in Real-World Codebases

This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.

By Sarah Gooding  -  Aug 28, 2025
Nx npm Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools

Security News

/

Research

Nx npm Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools

Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.

By Sarah Gooding, Olivia Brown, Peter van der Zee  -  Aug 27, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.