Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
@esbuild/linux-x64
Advanced tools
The @esbuild/linux-x64 npm package is a pre-compiled binary of esbuild for Linux x64 systems. Esbuild is an extremely fast JavaScript bundler and minifier. It compiles JavaScript and TypeScript code, bundling it together for use in the browser. It can also minify CSS. This package is specifically built to run on Linux x64 environments, providing a seamless experience for developers working on these systems.
JavaScript and TypeScript bundling
This feature allows you to bundle JavaScript and TypeScript files into a single file. The code sample demonstrates how to bundle an entry file named 'app.js' into an output file named 'out.js'.
require('esbuild').build({
entryPoints: ['app.js'],
bundle: true,
outfile: 'out.js',
}).catch(() => process.exit(1))
Minifying JavaScript
This feature enables the minification of JavaScript files to reduce their size for production. The code sample shows how to minify a JavaScript file named 'app.js' into a smaller file named 'out.min.js'.
require('esbuild').build({
entryPoints: ['app.js'],
minify: true,
outfile: 'out.min.js',
}).catch(() => process.exit(1))
CSS bundling and minification
Esbuild can also bundle and minify CSS files. This code sample demonstrates bundling and minifying a CSS file named 'app.css' into 'out.css'.
require('esbuild').build({
entryPoints: ['app.css'],
bundle: true,
minify: true,
outfile: 'out.css',
}).catch(() => process.exit(1))
Webpack is a powerful module bundler for JavaScript applications. It offers a wide range of plugins and loaders to transform and bundle assets. Compared to @esbuild/linux-x64, webpack is more configurable but generally slower in terms of build time.
Rollup is another JavaScript module bundler that focuses on producing smaller bundles by eliminating unused code. It is particularly well-suited for libraries. Rollup is more similar to esbuild in terms of speed but does not match esbuild's raw performance.
Parcel is a web application bundler that offers out-of-the-box support for many web development languages and frameworks. It is known for its zero-configuration approach. Parcel provides a good balance between speed and ease of use but is generally slower than esbuild.
This is the Linux 64-bit binary for esbuild, a JavaScript bundler and minifier. See https://github.com/evanw/esbuild for details.
0.22.0
This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild
in your package.json
file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.21.0
or ~0.21.0
. See npm's documentation about semver for more information.
Omit packages from bundles by default when targeting node (#1874, #2830, #2846, #2915, #3145, #3294, #3323, #3582, #3809, #3815)
This breaking change is an experiment. People are commonly confused when using esbuild to bundle code for node (i.e. for --platform=node
) because some packages may not be intended for bundlers, and may use node-specific features that don't work with a bundler. Even though esbuild's "getting started" instructions say to use --packages=external
to work around this problem, many people don't read the documentation and don't do this, and are then confused when it doesn't work. So arguably this is a bad default behavior for esbuild to have if people keep tripping over this.
With this release, esbuild will now omit packages from the bundle by default when the platform is node
(i.e. the previous behavior of --packages=external
is now the default in this case). Note that your dependencies must now be present on the file system when your bundle is run. If you don't want this behavior, you can do --packages=bundle
to allow packages to be included in the bundle (i.e. the previous default behavior). Note that --packages=bundle
doesn't mean all packages are bundled, just that packages are allowed to be bundled. You can still exclude individual packages from the bundle using --external:
even when --packages=bundle
is present.
The --packages=
setting considers all import paths that "look like" package imports in the original source code to be package imports. Specifically import paths that don't start with a path segment of /
or .
or ..
are considered to be package imports. The only two exceptions to this rule are subpath imports (which start with a #
character) and TypeScript path remappings via paths
and/or baseUrl
in tsconfig.json
(which are applied first).
Drop support for older platforms (#3802)
This release drops support for the following operating systems:
This is because the Go programming language dropped support for these operating system versions in Go 1.21, and this release updates esbuild from Go 1.20 to Go 1.22.
Note that this only affects the binary esbuild executables that are published to the esbuild
npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.21). That might look something like this:
git clone https://github.com/evanw/esbuild.git
cd esbuild
go build ./cmd/esbuild
./esbuild.exe --version
In addition, this release increases the minimum required node version for esbuild's JavaScript API from node 12 to node 18. Node 18 is the oldest version of node that is still being supported (see node's release schedule for more information). This increase is because of an incompatibility between the JavaScript that the Go compiler generates for the esbuild-wasm
package and versions of node before node 17.4 (specifically the crypto.getRandomValues
function).
Update await using
behavior to match TypeScript
TypeScript 5.5 subtly changes the way await using
behaves. This release updates esbuild to match these changes in TypeScript. You can read more about these changes in microsoft/TypeScript#58624.
Allow es2024
as a target environment
The ECMAScript 2024 specification was just approved, so it has been added to esbuild as a possible compilation target. You can read more about the features that it adds here: https://2ality.com/2024/06/ecmascript-2024.html. The only addition that's relevant for esbuild is the regular expression /v
flag. With --target=es2024
, regular expressions that use the /v
flag will now be passed through untransformed instead of being transformed into a call to new RegExp
.
Publish binaries for OpenBSD on 64-bit ARM (#3665, #3674)
With this release, you should now be able to install the esbuild
npm package in OpenBSD on 64-bit ARM, such as on an Apple device with an M1 chip.
This was contributed by @ikmckenz.
Publish binaries for WASI (WebAssembly System Interface) preview 1 (#3300, #3779)
The upcoming WASI (WebAssembly System Interface) standard is going to be a way to run WebAssembly outside of a JavaScript host environment. In this scenario you only need a .wasm
file without any supporting JavaScript code. Instead of JavaScript providing the APIs for the host environment, the WASI standard specifies a "system interface" that WebAssembly code can access directly (e.g. for file system access).
Development versions of the WASI specification are being released using preview numbers. The people behind WASI are currently working on preview 2 but the Go compiler has released support for preview 1, which from what I understand is now considered an unsupported legacy release. However, some people have requested that esbuild publish binary executables that support WASI preview 1 so they can experiment with them.
This release publishes esbuild precompiled for WASI preview 1 to the @esbuild/wasi-preview1
package on npm (specifically the file @esbuild/wasi-preview1/esbuild.wasm
). This binary executable has not been tested and won't be officially supported, as it's for an old preview release of a specification that has since moved in another direction. If it works for you, great! If not, then you'll likely have to wait for the ecosystem to evolve before using esbuild with WASI. For example, it sounds like perhaps WASI preview 1 doesn't include support for opening network sockets so esbuild's local development server is unlikely to work with WASI preview 1.
Warn about onResolve
plugins not setting a path (#3790)
Plugins that return values from onResolve
without resolving the path (i.e. without setting either path
or external: true
) will now cause a warning. This is because esbuild only uses return values from onResolve
if it successfully resolves the path, and it's not good for invalid input to be silently ignored.
Add a new Go API for running the CLI with plugins (#3539)
With esbuild's Go API, you can now call cli.RunWithPlugins(args, plugins)
to pass an array of esbuild plugins to be used during the build process. This allows you to create a CLI that behaves similarly to esbuild's CLI but with additional Go plugins enabled.
This was contributed by @edewit.
FAQs
The Linux 64-bit binary for esbuild, a JavaScript bundler.
The npm package @esbuild/linux-x64 receives a total of 25,021,683 weekly downloads. As such, @esbuild/linux-x64 popularity was classified as popular.
We found that @esbuild/linux-x64 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.