Product
Introducing Manifest Alerts
Socket now detects supply chain risks in project manifests, starting with missing lockfiles that can make dependency installs non-reproducible.
By André Staltz, Trevor Norris - Jun 16, 2026
🚀. Socket Launch Week Day 2:Introducing Manifest Alerts.Learn more →
@jsxtools/rollup-plugin-copy
Advanced tools
@jsxtools/rollup-plugin-copy
@jsxtools/rollup-plugin-copy is a rollup plugin for copying files during the build process.
Installation
npm install @jsxtools/rollup-plugin-copy
Usage
import { rollupPluginCopy } from '@jsxtools/rollup-plugin-copy';
export default {
input: 'src/index.js',
output: {
file: 'dist/bundle.js',
format: 'es'
},
plugins: [
rollupPluginCopy({
rootDir: 'src',
distDir: 'dist',
include: ['src/**/*.css', 'src/**/*.png', 'src/**/*.svg'],
exclude: ['src/**/*.test.*']
})
]
};
Features
- Copies files from source to destination with glob pattern support.
- Only copies files that have changed using modification time and SHA-256 hash comparison.
- Maintains a cache to avoid unnecessary file operations.
- Handles file additions, changes, and deletions during development.
- Uses Copy-on-Write (CoW) optimization when available (APFS, Btrfs, XFS).
- Integrates with Rollup's asset system.
Configuration Options
cacheFile- Cache file for tracking changes (default:cpconfig.cpbuildinfo).include- Glob patterns for files to include (string or array).exclude- Glob patterns for files to exclude (string or array).distDir- Destination directory to copy files to (default:dist).workDir- Current working directory (default: current process directory).rootDir- Source directory to copy files from (default:src)
Examples
Copy CSS and Image Files
rollupPluginCopy({
rootDir: 'src',
distDir: 'dist',
include: [
'src/**/*.css',
'src/**/*.png',
'src/**/*.jpg',
'src/**/*.svg'
]
})
Copy with Exclusions
rollupPluginCopy({
rootDir: 'assets',
distDir: 'public',
include: ['assets/**/*'],
exclude: [
'assets/**/*.test.*',
'assets/**/.*'
]
})
Caching
The plugin maintains a cache file (default: cpconfig.cpbuildinfo) that tracks file modification times and SHA-256 hashes. This enables:
- Only changed files are copied (based on mtime comparison)
- Content verification using SHA-256 hashes when mtime differs
- Detection of removed files for cleanup
- Minimal file system operations during development
- Incremental builds with accurate change detection
API
The plugin exports both the main plugin and a separate API:
rollupPluginCopy()- The main Rollup pluginCopyAPI- Available via@jsxtools/rollup-plugin-copy/api
import { CopyAPI } from '@jsxtools/rollup-plugin-copy/api';
const copyApi = new CopyAPI();
copyApi.init({
rootDir: 'src',
distDir: 'dist',
include: ['src/**/*.css']
});
Peer Dependencies
rollup^4.6.0
License
MIT-0
FAQs
A Rollup plugin for copying files during the build process.
We found that @jsxtools/rollup-plugin-copy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
GlassWASM: WebAssembly Malware Found in Trojanized Open VSX Extensions
The trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.
By Joseph Edwards - Jun 15, 2026
Security News
US Government Forces Anthropic to Pull Claude Fable Days After Launch
Anthropic says the directive cited national security concerns over a narrow jailbreak, but offered no specific technical details.
By Sarah Gooding - Jun 13, 2026