Product
Announcing Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies
A safer, faster way to eliminate vulnerabilities without updating dependencies
By Mikola Lysenko, Jordan Harband, Jonah Ghebremichael - Nov 18, 2025
🚀 DAY 2 OF LAUNCH WEEK: Announcing Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies.Learn more →
@embroider/addon-dev
Advanced tools
@embroider/addon-dev
Utilities for working on v2 addons.
For a guide on porting a V1 addon to V2, see https://github.com/embroider-build/embroider/blob/main/docs/porting-addons-to-v2.md
Rollup Utilities
@embroider/addon-dev/rollup exports utilities for building addons with rollup. To use them:
-
Add the following
devDependenciesto your addon:- @embroider/addon-dev
- rollup
- @babel/core
- @rollup/plugin-babel
-
Copy the
./sample-rollup.config.jsin this repo to your ownrollup.config.js. -
Copy the
./sample-babel.config.jsonin this repo to your ownbabel.config.json.
addon-dev command
The addon-dev command helps with common tasks in v2 addons.
- linking up a test application that is embedded within your addon's repo
- synchronizing
devDependenciesfrom an embedded test application out into your addon's actual package.json
(You can avoid the need for both of these if you keep your addon and its test app as separate packages in a monorepo instead.)
Contributing
See the top-level CONTRIBUTING.md in this monorepo.
License
This project is licensed under the MIT License.
FAQs
Utilities for addon authors
We found that @embroider/addon-dev demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 05 Mar 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Reachability for Ruby Now in Beta
Reachability analysis for Ruby is now in beta, helping teams identify which vulnerabilities are truly exploitable in their applications.
By Oskar Haarklou Veileborg - Nov 17, 2025
Research
/Security News
npm Malware Campaign Uses Adspect Cloaking to Deliver Malicious Redirects
Malicious npm packages use Adspect cloaking and fake CAPTCHAs to fingerprint visitors and redirect victims to crypto-themed scam sites.
By Olivia Brown - Nov 17, 2025