Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
@import-maps/generate
Advanced tools
Generate an import map based on your production dependencies
This will allow you to generate a flat import-map. It allows you to fix the "nested" npm problem for front end development.
Part of Open Web Components: guides, tools and libraries for modern web development and web components
::: warning Currently, only yarn.lock is supported :::
::: warning This is still in early beta (Windows paths are not supported yet) :::
importMap
property in package.jsonInstall:
yarn add --dev @import-maps/generate
You should generate the import map after you install dependencies by adding the script to your postinstall
hook in package.json
:
"scripts": {
"postinstall": "generate-import-map"
}
If you only want to try it out once to see what it will generate you can simply do so via:
npx @import-map/generate
## Configuration
You can add a importMap
key in your package.json
file to specify overrides, deletions or resolutions.
package.json
:
{
"name": "my-package",
"version": "0.0.0",
// ...
"importMap": {
"overrides": {
"imports": {},
"scopes": {}
},
"deletions": [],
"resolutions": {}
}
}
There may be times where you'll want to override certain imports. For example, if you're using the built-in std:kv-storage
module along with kv-storage-polyfill
for nonsupporting browsers, then kv-storage-polyfill
will be in your lockfile. The generated import map will look like this:
{
"imports": {
"kv-storage-polyfill": "/node_modules/kv-storage-polyfill/index.js",
"kv-storage-polyfill/": "/node_modules/kv-storage-polyfill/"
}
}
however what you actually want is to:
You can achieve that via an override in your package.json
's importMap
configuration:
{
"importMap": {
"overrides": {
"imports": {
"kv-storage-polyfill": ["std:kv-storage", "/node_modules/kv-storage-polyfill/index.js"]
}
},
"deletions": ["kv-storage-polyfill/"]
}
}
::: warning Note that if you apply overrides, you may also need to specify deletions for the generated package map in the import map. :::
Which will result in the following import map:
{
"imports": {
"std:kv-storage": ["std:kv-storage", "/node_modules/kv-storage-polyfill/index.js"]
}
}
Overrides may be useful for:
You can also override entire scopes:
{
"importMap": {
"overrides": {
"scopes": {
"lit-html/": "/path/to/lit-html/"
}
}
}
}
You can apply deletions to the generated import map by adding a deletions
property to your package.json:
package.json
:
{
"importMap": {
"deletions": {
"imports": ["kv-storage-polyfill"],
"scopes": ["kv-storage-polyfill/"]
}
}
}
There may be times where you have conflicting versions of the same package in your node_modules
. For example, one package may depend on lit-html@0.14.0
and another on lit-html@1.1.0
. In that case, the import map generator will prompt the user to pick a particular version to use canonically.
Alternatively, you can specify your own resolutions in your package.json.
package.json
:
{
"importMap": {
"resolutions": {
"lit-html": "1.1.0"
}
}
}
name | type | description |
---|---|---|
inject-to | string | Injects the import map to the specified html file |
FAQs
Generate an import map based on your production dependencies
The npm package @import-maps/generate receives a total of 9 weekly downloads. As such, @import-maps/generate popularity was classified as not popular.
We found that @import-maps/generate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.