Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@h4ad/node-modules-packer
Advanced tools
Use Cases | Usage | Examples | Headless | Benchmarks | Reference
This is a library to package all your node_modules and other files you want inside your project to a zip file.
It's like using npm prune --production
but without all the heavy I/O operations.
You can use this library to deploy applications in serverless environments, for example, without having to do
lots of crazy configurations with webpack, also this library allows you to minify all .js
files using esbuild
.
I personally created this library inspired by an internal library I created for my company to deploy our NestJS apps
for AWS Lambda.
With this guy I improve deployment time by up to 441% (284% minified) and reduce the bundle
size by up to ~40% (~55% minified) with the benefit that my Webstorm doesn't go crazy with dependency indexing
every time I deploy because I no longer need to run npm prune --production
just to get a descending build size.
Wait, you're asking me why I build and deploy the APIs on my computer instead of using CI/CD?
Well the answer is pretty simple, I want to be in control of these things
and we didn't have a CI/CD until a few months ago.
In which cases this library might suit you:
.js
files, see --minify
flag.dist
to build
.In which cases this library might not fit you:
First, install the library with global flag:
npm i -g @h4ad/node-modules-packer
Then, enter inside the project you want to pack and run:
node-modules-packer run ./
By default, this command will:
deploy.zip
.Include more files in the deploy.zip
:
node-modules-packer run ./ -i dist -i package.json -i package-lock.json
During including, if you need to remap, you can use :
between the paths:
node-modules-packer run ./ -i dist:build -i package.json:dist/package.json
Minify all .js
files to reduce the bundle size:
node-modules-packer run ./ -i dist --minify
All
.js
files are minified, including files and folders that you include with-i
flag.
If you want to preserve the class names, properties and other symbols, you can run with --minify-keep-names
:
node-modules-packer run ./ -i dist --minify --minify-keep-names
Exclude unwanted file extensions from node_modules:
# This will exclude all json files from `deploy.zip`.
node-modules-packer run ./ -e .json
Include development/peer/optional dependencies (why?):
node-modules-packer run ./ --dev
node-modules-packer run ./ --peer
node-modules-packer run ./ --optional
# or have all at once
node-modules-packer run ./ --dev --peer --optional
Disable default ignored extensions (too much or we ignore something you want?):
See the full list here. to know what you will leave inside your zip file if you run with this flag.
node-modules-packer run ./ --disable-default-ignore-file-ext
Ignore some node folders/paths that you know that should be OUT of your zip file:
node-modules-packer run ./ --ignore-node-path="typeorm/browser" --ignore-node-path="aws-sdk"
Or include some node folders/paths that you know that should be INSIDE of your zip file, this is particulary usefull if you have some dependency with some misconfiguration of their dependencies.
# the path will be concatenated with `node_modules`, so this became
# `node_modules/some-dependency-you-want`
node-modules-packer run ./ --include-node-path="some-dependency-you-want"
We don't include sub-dependencies of these folders, so if that dependency has another dependency, that dependency might be outside your zip.
You can change the output path and the output filename with:
node-modules-packer run ./ --output-path ./deploy --output-file result.zip
You can use this library in headless mode, for example, for cases where there is a lot of customization.
import Run from '@h4ad/node-modules-packer/lib/commands/run';
// this is my configuration to deploy my NestJS APIs
// to AWS Lambda
const result = await Run.headless({
dir: './',
ignoreNodePath: ['typeorm/browser', 'aws-crt/dist/bin', 'aws-crt/dist.browser', 'sqlite3', 'aws-sdk'],
include: ['dist', 'ormconfig.js'],
outputPath: './deploy',
outputFile: 'deploy.zip',
minify: true,
minifyKeepNames: true,
});
console.log(result.size);
console.log(result.file);
console.log(result.path);
See here more about.
node-modules-packer autocomplete [SHELL]
node-modules-packer commands
node-modules-packer help [COMMAND]
node-modules-packer plugins
node-modules-packer plugins:install PLUGIN...
node-modules-packer plugins:inspect PLUGIN...
node-modules-packer plugins:install PLUGIN...
node-modules-packer plugins:link PLUGIN
node-modules-packer plugins:uninstall PLUGIN...
node-modules-packer plugins:uninstall PLUGIN...
node-modules-packer plugins:uninstall PLUGIN...
node-modules-packer plugins:update
node-modules-packer run [DIR]
node-modules-packer version
node-modules-packer autocomplete [SHELL]
display autocomplete installation instructions
USAGE
$ node-modules-packer autocomplete [SHELL] [-r]
ARGUMENTS
SHELL shell type
FLAGS
-r, --refresh-cache Refresh cache (ignores displaying instructions)
DESCRIPTION
display autocomplete installation instructions
EXAMPLES
$ node-modules-packer autocomplete
$ node-modules-packer autocomplete bash
$ node-modules-packer autocomplete zsh
$ node-modules-packer autocomplete --refresh-cache
See code: @oclif/plugin-autocomplete
node-modules-packer commands
list all the commands
USAGE
$ node-modules-packer commands [--json] [-h] [--hidden] [--tree] [--columns <value> | -x] [--sort <value>]
[--filter <value>] [--output csv|json|yaml | | [--csv | --no-truncate]] [--no-header | ]
FLAGS
-h, --help Show CLI help.
-x, --extended show extra columns
--columns=<value> only show provided columns (comma-separated)
--csv output is csv format [alias: --output=csv]
--filter=<value> filter property by partial string matching, ex: name=foo
--hidden show hidden commands
--no-header hide table header from output
--no-truncate do not truncate output to fit screen
--output=<option> output in a more machine friendly format
<options: csv|json|yaml>
--sort=<value> property to sort by (prepend '-' for descending)
--tree show tree of commands
GLOBAL FLAGS
--json Format output as json.
DESCRIPTION
list all the commands
See code: @oclif/plugin-commands
node-modules-packer help [COMMAND]
Display help for node-modules-packer.
USAGE
$ node-modules-packer help [COMMAND] [-n]
ARGUMENTS
COMMAND Command to show help for.
FLAGS
-n, --nested-commands Include all nested commands in the output.
DESCRIPTION
Display help for node-modules-packer.
See code: @oclif/plugin-help
node-modules-packer plugins
List installed plugins.
USAGE
$ node-modules-packer plugins [--core]
FLAGS
--core Show core plugins.
DESCRIPTION
List installed plugins.
EXAMPLES
$ node-modules-packer plugins
See code: @oclif/plugin-plugins
node-modules-packer plugins:install PLUGIN...
Installs a plugin into the CLI.
USAGE
$ node-modules-packer plugins:install PLUGIN...
ARGUMENTS
PLUGIN Plugin to install.
FLAGS
-f, --force Run yarn install with force flag.
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Installs a plugin into the CLI.
Can be installed from npm or a git url.
Installation of a user-installed plugin will override a core plugin.
e.g. If you have a core plugin that has a 'hello' command, installing a user-installed plugin with a 'hello' command
will override the core plugin implementation. This is useful if a user needs to update core plugin functionality in
the CLI without the need to patch and update the whole CLI.
ALIASES
$ node-modules-packer plugins:add
EXAMPLES
$ node-modules-packer plugins:install myplugin
$ node-modules-packer plugins:install https://github.com/someuser/someplugin
$ node-modules-packer plugins:install someuser/someplugin
node-modules-packer plugins:inspect PLUGIN...
Displays installation properties of a plugin.
USAGE
$ node-modules-packer plugins:inspect PLUGIN...
ARGUMENTS
PLUGIN [default: .] Plugin to inspect.
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Displays installation properties of a plugin.
EXAMPLES
$ node-modules-packer plugins:inspect myplugin
See code: @oclif/plugin-plugins
node-modules-packer plugins:install PLUGIN...
Installs a plugin into the CLI.
USAGE
$ node-modules-packer plugins:install PLUGIN...
ARGUMENTS
PLUGIN Plugin to install.
FLAGS
-f, --force Run yarn install with force flag.
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Installs a plugin into the CLI.
Can be installed from npm or a git url.
Installation of a user-installed plugin will override a core plugin.
e.g. If you have a core plugin that has a 'hello' command, installing a user-installed plugin with a 'hello' command
will override the core plugin implementation. This is useful if a user needs to update core plugin functionality in
the CLI without the need to patch and update the whole CLI.
ALIASES
$ node-modules-packer plugins:add
EXAMPLES
$ node-modules-packer plugins:install myplugin
$ node-modules-packer plugins:install https://github.com/someuser/someplugin
$ node-modules-packer plugins:install someuser/someplugin
See code: @oclif/plugin-plugins
node-modules-packer plugins:link PLUGIN
Links a plugin into the CLI for development.
USAGE
$ node-modules-packer plugins:link PLUGIN
ARGUMENTS
PATH [default: .] path to plugin
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Links a plugin into the CLI for development.
Installation of a linked plugin will override a user-installed or core plugin.
e.g. If you have a user-installed or core plugin that has a 'hello' command, installing a linked plugin with a 'hello'
command will override the user-installed or core plugin implementation. This is useful for development work.
EXAMPLES
$ node-modules-packer plugins:link myplugin
See code: @oclif/plugin-plugins
node-modules-packer plugins:uninstall PLUGIN...
Removes a plugin from the CLI.
USAGE
$ node-modules-packer plugins:uninstall PLUGIN...
ARGUMENTS
PLUGIN plugin to uninstall
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Removes a plugin from the CLI.
ALIASES
$ node-modules-packer plugins:unlink
$ node-modules-packer plugins:remove
node-modules-packer plugins:uninstall PLUGIN...
Removes a plugin from the CLI.
USAGE
$ node-modules-packer plugins:uninstall PLUGIN...
ARGUMENTS
PLUGIN plugin to uninstall
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Removes a plugin from the CLI.
ALIASES
$ node-modules-packer plugins:unlink
$ node-modules-packer plugins:remove
See code: @oclif/plugin-plugins
node-modules-packer plugins:uninstall PLUGIN...
Removes a plugin from the CLI.
USAGE
$ node-modules-packer plugins:uninstall PLUGIN...
ARGUMENTS
PLUGIN plugin to uninstall
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Removes a plugin from the CLI.
ALIASES
$ node-modules-packer plugins:unlink
$ node-modules-packer plugins:remove
node-modules-packer plugins:update
Update installed plugins.
USAGE
$ node-modules-packer plugins:update [-h] [-v]
FLAGS
-h, --help Show CLI help.
-v, --verbose
DESCRIPTION
Update installed plugins.
See code: @oclif/plugin-plugins
node-modules-packer run [DIR]
Pack files and node dependencies to zip file.
USAGE
$ node-modules-packer run [DIR] [--json] [-i <value>] [-e <value>] [--disable-default-ignore-file-ext]
[--include-node-path <value>] [--ignore-node-path <value>] [--prod] [--peer] [--dev] [--optional] [--output-path
<value>] [--output-file <value>] [--minify] [--minify-keep-names] [-q]
ARGUMENTS
DIR [default: ./] Project root directory
FLAGS
-e, --ignore-file-ext=<value>... Force ignore specific file extension.
-i, --include=package.json... Include more files during packing (eg: -i dist).
-q, --quiet Run without logging.
--[no-]dev Include development dependencies when pack node dependencies.
--[no-]disable-default-ignore-file-ext Disable including default ignored extensions that we consider as useless.
--ignore-node-path=typeorm/browser... Force exclude folders starting with specified path (eg: -n "typeorm/browser"
will exclude node_modules/typeorm/browser).
--include-node-path=dev-dependency... Force include folders starting with the specified path (eg --include-node-path
"dev-dependency" will include node_modules/dev-dependency), but you need to
MANUALLY add your sub-dependencies if dev-dependency has production
dependencies.
--[no-]minify Minify each .js file with esbuild.
--[no-]minify-keep-names Keep the names during minification.
--[no-]optional Include optional dependencies when pack node dependencies.
--output-file=<value> [default: deploy.zip] Specify output file name for the zip file.
--output-path=<value> [default: ./] Specify output path for the zip file.
--[no-]peer Include peer dependencies when pack node dependencies.
--[no-]prod Include production dependencies when pack node dependencies.
GLOBAL FLAGS
--json Format output as json.
DESCRIPTION
Pack files and node dependencies to zip file.
EXAMPLES
$ node-modules-packer run /project/path -i dist
See code: src/commands/run/index.ts
node-modules-packer version
USAGE
$ node-modules-packer version [--json] [--verbose]
FLAGS
--verbose Show additional information about the CLI.
GLOBAL FLAGS
--json Format output as json.
FLAG DESCRIPTIONS
--verbose Show additional information about the CLI.
Additionally shows the architecture, node version, operating system, and versions of plugins that the CLI is using.
See code: @oclif/plugin-version
See code: src/commands/run/index.ts
FAQs
🚀 Node Modules Packer
We found that @h4ad/node-modules-packer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.