Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@craco/craco
Advanced tools
Create React App Configuration Override, an easy and comprehensible configuration layer for create-react-app v2.
@craco/craco is a configuration layer for Create React App (CRA) that allows you to customize the default CRA configuration without ejecting. It provides a way to override the Webpack configuration, Babel configuration, and other settings in a more flexible and maintainable way.
Webpack Configuration Override
This feature allows you to override the default Webpack configuration provided by Create React App. In this example, the CracoLessPlugin is used to customize the primary color in a LESS file.
const CracoLessPlugin = require('craco-less');
module.exports = {
plugins: [
{
plugin: CracoLessPlugin,
options: {
lessLoaderOptions: {
lessOptions: {
modifyVars: { '@primary-color': '#1DA57A' },
javascriptEnabled: true,
},
},
},
},
],
};
Babel Configuration Override
This feature allows you to override the default Babel configuration. In this example, the Babel plugin for decorators is added to the configuration.
module.exports = {
babel: {
plugins: [
['@babel/plugin-proposal-decorators', { legacy: true }],
],
},
};
ESLint Configuration Override
This feature allows you to override the default ESLint configuration. In this example, the 'no-console' rule is turned off.
module.exports = {
eslint: {
enable: true,
mode: 'extends',
configure: {
rules: {
'no-console': 'off',
},
},
},
};
customize-cra is another package that allows you to override the default Create React App configuration without ejecting. It provides a set of utilities to customize Webpack, Babel, and other configurations. Compared to @craco/craco, customize-cra is more focused on providing utility functions for common customizations, whereas @craco/craco offers a more structured plugin system.
react-app-rewired is a package that lets you override the Create React App configuration without ejecting. It allows you to modify the Webpack configuration and other settings by providing a config-overrides.js file. Compared to @craco/craco, react-app-rewired is simpler but less flexible, as it does not offer a plugin system.
Create React App Configuration Override is an easy and comprehensible configuration layer for create-react-app v2.
Get all the benefits of create-react-app and customization without using 'eject' by adding a single craco.config.js
file at the root of your application and customize your eslint, babel, postcss configurations and many more.
All you have to do is create your app using create-react-app and customize the configuration with a craco.config.js
file.
craco
.Acknowledgements:
We are grateful to @timarney the creator of react-app-rewired for his original idea.
Also, please note that the configuration style of this plugin has been greatly influenced by the way Vue CLI does it.
Please Note:
By doing this you're breaking the "guarantees" that CRA provides. That is to say you now "own" the configs. No support will be provided. Proceed with caution.
Install the plugin from npm:
$ npm install @craco/craco --save-dev
Create a craco.config.js
file in the root directory:
my-app
├── node_modules
├── craco.config.js
└── package.json
Export your configuration as an object literal:
/* craco.config.js */
module.exports = {
...
}
or a function:
/* craco.config.js */
module.exports = function({ env, paths }) {
return {
...
};
}
Update the existing calls to react-scripts
in the scripts
section of your package.json
file to use the craco
CLI:
/* package.json */
"scripts": {
- "start": "react-scripts start",
+ "start": "craco start",
- "build": "react-scripts build",
+ "build": "craco build"
- "build": "react-scripts test",
+ "build": "craco test"
}
Start your app for development:
$ npm start
Or build your app:
$ npm run build
When you execute craco start
or craco build
a few options are available.
To change the location of the configuration file:
"scripts": {
"start": "craco --config config/craco-config-with-custom-name.js"
}
To use a custom version of the react-scripts
packages:
"scripts": {
"start": "craco --react-scripts react-scripts-ts"
}
To activate verbose logging:
"scripts": {
"start": "craco --verbose"
}
When the property mode is available there are 2 possible values:
extends
: the provided configuration will extends the CRA settings (default mode)file
: the CRA settings will be reseted and you will provide an official configuration file for the plugin (postcss, eslint) that will supersede any settings.const { paths, when, whenDev, whenProd, whenTest, ESLINT_MODES, POSTCSS_MODES } = require("craco");
module.exports = {
style: {
modules: {
localIdentName: ""
},
css: {
loaderOptions: { /* Any css-loader configuration options: https://github.com/webpack-contrib/css-loader. */ },
loaderOptions: (cssLoaderOptions, { env, paths }) => { return cssLoaderOptions; }
},
sass: {
loaderOptions: { /* Any sass-loader configuration options: https://github.com/webpack-contrib/sass-loader. */ },
loaderOptions: (sassLoaderOptions, { env, paths }) => { return sassLoaderOptions; }
},
postcss: {
mode: "extends" /* (default value) */ || "file",
plugins: [],
loaderOptions: { /* Any postcss-loader configuration options: https://github.com/postcss/postcss-loader. */ },
loaderOptions: (postcssLoaderOptions, { env, paths }) => { return postcssLoaderOptions; }
}
},
eslint: {
enable: true,
mode: "extends" /* (default value) */ || "file",
configure: { /* Any eslint configuration options: https://eslint.org/docs/user-guide/configuring */ },
configure: (eslintConfig, { env, paths }) => { return eslintConfig; },
loaderOptions: { /* Any eslint-loader configuration options: https://github.com/webpack-contrib/eslint-loader. */ },
loaderOptions: (eslintOptions, { env, paths }) => { return eslintOptions; }
},
babel: {
presets: [],
plugins: [],
loaderOptions: { /* Any babel-loader configuration options: https://github.com/babel/babel-loader. */ },
loaderOptions: (babelLoaderOptions, { env, paths }) => { return babelLoaderOptions; }
},
webpack: {
alias: {},
plugins: [],
configure: { /* Any eslint-loader configuration options: https://github.com/webpack-contrib/eslint-loader. */ },
configure: (webpackConfig, { env, paths }) => { return webpackConfig; }
},
jest: {
babel: {
addPresets: true, // (default value)
addPlugins: true // (default value)
},
configure: { /* Any Jest configuration options: https://jestjs.io/docs/en/configuration. */ },
configure: (jestConfig, { env, paths, resolve, rootDir }) => { return jestConfig; }
},
devServer: { /* Any devServer configuration options: https://webpack.js.org/configuration/dev-server/#devserver. */ },
devServer: (devServerConfig, { env, paths, proxy, allowedHost }) => { return devServerConfig; },
plugins: [
{
plugin: {
overrideCracoConfig: ({ cracoConfig, pluginOptions, context: { env, paths } }) => { return cracoConfig; },
overrideWebpackConfig: ({ webpackConfig, cracoConfig, pluginOptions, context: { env, paths } }) => { return webpackConfig; },
overrideJestConfig: ({ jestConfig, cracoConfig, pluginOptions, context: { env, paths, resolve, rootDir } }) => { return jestConfig };
},
options: {}
}
]
};
There are 3 functions available to a plugin:
overrideCracoConfig
: Let a plugin customize the config object before it's process by craco
.overrideWebpackConfig
: Let a plugin customize the webpack
config that will be used by CRA.overrideJestConfig
: Let a plugin customize the Jest
config that will be used by CRA.Important:
Every functions must return the updated config object.
The function overrideCracoConfig
let a plugin override the config object before it's process by craco
.
If a plugin define the function, it will be called with the config object read from the craco.config.js
file provided by the consumer.
The function must return a valid config object, otherwise craco
will throw an error.
The function will be called with a single object argument having the following structure:
{
cracoConfig: "The config object read from the craco.config.js file provided by the consumer",
pluginOptions: "The plugin options provided by the consumer",
context: {
env: "The current NODE_ENV (development, production, etc..)",
paths: "An object that contains all the paths used by CRA"
}
}
Plugin:
/* craco-plugin-log-craco-config.js */
module.exports = {
overrideCracoConfig: ({ cracoConfig, pluginOptions, context: { env, paths } }) => {
if (pluginOptions.preText) {
console.log(pluginOptions.preText);
}
console.log(JSON.stringify(craconfig, null, 4));
// Always return the config object.
return cracoConfig;
}
};
Registration (in a craco.config.js
file):
const logCracoConfigPlugin = require("./craco-plugin-log-craco-config");
module.exports = {
...
plugins: [
{ plugin: logCracoConfigPlugin, options: { preText: "Will log the craco config:" } }
]
};
The function overrideWebpackConfig
let a plugin override the webpack
config object after it's been customized by craco
.
The function must return a valid config object, otherwise craco
will throw an error.
The function will be called with a single object argument having the following structure:
{
webpackConfig: "The webpack config object already customized by craco",
cracoConfig: "The configuration object read from the craco.config.js file provided by the consumer",
pluginOptions: "The plugin options provided by the consumer",
context: {
env: "The current NODE_ENV (development, production, etc..)",
paths: "An object that contains all the paths used by CRA"
}
}
Plugin:
/* craco-plugin-log-webpack-config.js */
module.exports = {
overrideWebpackConfig: ({ webpackConfig, cracoConfig, pluginOptions, context: { env, paths } }) => {
if (pluginOptions.preText) {
console.log(pluginOptions.preText);
}
console.log(JSON.stringify(webpackConfig, null, 4));
// Always return the config object.
return webpackConfig;
}
};
Registration (in a craco.config.js
file):
const logWebpackConfigPlugin = require("./craco-plugin-log-webpack-config");
module.exports = {
...
plugins: [
{ plugin: logWebpackConfigPlugin, options: { preText: "Will log the webpack config:" } }
]
};
The function overrideJestConfig
let a plugin override the Jest
config object after it's been customized by craco
.
The function must return a valid config object, otherwise craco
will throw an error.
The function will be called with a single object argument having the following structure:
{
jestConfig: "The Jest config object already customized by craco",
cracoConfig: "The configuration object read from the craco.config.js file provided by the consumer",
pluginOptions: "The plugin options provided by the consumer",
context: {
env: "The current NODE_ENV (development, production, etc..)",
paths: "An object that contains all the paths used by CRA",
resolve: "Provided by CRA",
rootDir: "Provided by CRA"
}
}
Plugin:
/* craco-plugin-log-jest-config.js */
module.exports = {
overrideJestConfig: ({ jestConfig, cracoConfig, pluginOptions, context: { env, paths, resolve, rootDir } }) => {
if (pluginOptions.preText) {
console.log(pluginOptions.preText);
}
console.log(JSON.stringify(jestConfig, null, 4));
// Always return the config object.
return jestConfig;
}
};
Registration (in a craco.config.js
file):
const logJestConfigPlugin = require("./craco-plugin-log-jest-config");
module.exports = {
...
plugins: [
{ plugin: logJestConfigPlugin, options: { preText: "Will log the Jest config:" } }
]
};
A few utility functions are provided by craco
to develop a plugin:
const { getLoader, getLoaders, removeLoader, loaderByName } = require("craco");
Retrieve the first loader that match the specified criteria from the webpack config.
Returns:
{
isFound: true | false,
match: {
loader,
parent,
index
}
}
Usage:
const { getLoader, loaderByName } = require("craco");
const { isFound, match } = getLoader(webpackConfig, loaderByName("eslint-loader"));
if (isFound) {
// do stuff...
}
Retrieve all the loaders that match the specified criteria from the webpack config.
Returns:
{
hasFoundAny: true | false,
matches: [
{
loader,
parent,
index
}
]
}
Usage:
const { getLoaders, loaderByName } = require("craco");
const { hasFoundAny, matches } = getLoaders(webpackConfig, loaderByName("babel-loader"));
if (hasFoundAny) {
matches.forEach(x => {
// do stuff...
});
}
Remove the first loader that match the specified criteria from the webpack config.
Usage:
const { removeLoader, loaderByName } = require("craco");
removeLoader(webpackConfig, loaderByName("eslint-loader"));
@timarney for having created react-app-rewired.
Copyright © 2018, Groupe Sharegate inc. This code is licensed under the Apache License, Version 2.0. You may obtain a copy of this license at https://github.com/sharegate/craco/blob/master/LICENSE.
FAQs
Create React App Configuration Override, an easy and comprehensible configuration layer for create-react-app.
We found that @craco/craco demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.