Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
@neodx/autobuild
Advanced tools
🛠️ autobuild - Zero configuration libraries builder
In early development
One command, one dependency and zero configuration to build your libraries.
Features
- Zero configuration with auto detection
- SWC additional configuration (
.swcrc) - Babel (
.babelrcor other formats) - we should replace (or add one more step?) swc with babel when we found.babelrc - CSS
- PostCSS (by default if we found
postcss.config.jsor any other pre-processor) - SCSS, LESS, Stylus
- Modules (
my-file.module.css) and global (any other) files
- PostCSS (by default if we found
- SWC additional configuration (
- Beautiful TypeScript support
- Builds clean TypeScript definitions
- Support configuration:
baseUrl, paths, externalHelpers, target, sourceMap, experimentalDecorators
- Multiple entries and outputs
- Different outputs:
CJS,ESM(.mjs),UMD - Single or multiple inputs: file, array, globs and all together
- Out-of-box split output on multiple entries
- wip
package.jsonupdate suggestion:exportsandtypesVersions
- Different outputs:
Installation and fast setup
Install autobuild with any package manager: yarn add -D @neodx/autobuild / npm i -D @neodx/autobuild.
Describe your package.json:
{
files: ['dist', 'README.md'],
scripts: {
build: 'autobuild src/index.ts'
}
}
And try to run our CLI: yarn autobuild
Known issues and limitations
Slow TypeScript definitions and CSS build time
We use rollup-plugin-dts and rollup-plugin-postcss,
both of them significant slow down the build time.
Probably, we will change our setup with other solutions or even with self-made plugins in future.
Limited CSS support - single file only, no imports in generated code
Unfortunately, currently we can't provide great CSS output :(
Supported features:
- CSS modules (
my-file.module.css), global styles - Scss, less, stylus
- PostCSS configuration
- Minification
Unsupported:
- Multiple entries - see our "advanced-mixed" example
- Import statements in built code, which is required for DX with multiple entries
Temporal milestones
-
[rejected]Replace postcss plugin with https://www.npmjs.com/package/rollup-plugin-styles - Add support for CSS splitting
- Research why swc remove
.scssextension - Fork
rollup-plugin-styles
FAQs
🛠️ autobuild - Zero configuration libraries builder
We found that @neodx/autobuild demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 21 May 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025