Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
@rollup/plugin-node-resolve
Advanced tools
The @rollup/plugin-node-resolve package is a plugin for Rollup that allows it to resolve node_modules on your behalf, similar to how Node.js would work. It helps in bundling packages with Rollup by locating and bundling third-party dependencies from the node_modules directory.
Resolving modules from node_modules
Automatically resolves modules from the node_modules directory, allowing you to import dependencies in your project.
import resolve from '@rollup/plugin-node-resolve';
export default {
plugins: [
resolve()
]
};
Custom resolution for specific modules
Allows you to specify custom resolution options for modules, such as looking in different directories.
import resolve from '@rollup/plugin-node-resolve';
export default {
plugins: [
resolve({
customResolveOptions: {
moduleDirectory: 'custom_modules'
}
})
]
};
Browser field support for package.json
Respects the 'browser' field in package.json when bundling packages, which can specify alternative files to load for certain environments.
import resolve from '@rollup/plugin-node-resolve';
export default {
plugins: [
resolve({
browser: true
})
]
};
Main fields configuration
Allows configuration of which fields in package.json files it should look at when trying to resolve an import.
import resolve from '@rollup/plugin-node-resolve';
export default {
plugins: [
resolve({
mainFields: ['module', 'main']
})
]
};
Webpack is a powerful module bundler that comes with its own resolution mechanism similar to @rollup/plugin-node-resolve. It resolves modules by default and can be configured extensively via its configuration file.
Browserify is another bundler that allows you to require('modules') in the browser by bundling up all of your dependencies. It also has a resolution mechanism similar to Node.js, much like @rollup/plugin-node-resolve.
Parcel is a web application bundler that has zero configuration by default and includes a powerful module resolution system that works out of the box, similar to @rollup/plugin-node-resolve.
🍣 A Rollup plugin which locates modules using the Node resolution algorithm, for using third party modules in node_modules
This plugin requires an LTS Node version (v8.0.0+) and Rollup v1.20.0+.
Using npm:
npm install @rollup/plugin-node-resolve --save-dev
Create a rollup.config.js
configuration file and import the plugin:
import resolve from '@rollup/plugin-node-resolve';
export default {
input: 'src/index.js',
output: {
dir: 'output',
format: 'cjs'
},
plugins: [resolve()]
};
Then call rollup
either via the CLI or the API.
mainFields
Type: Array[...String]
Default: ['module', 'main']
Valid values: ['browser', 'jsnext', 'module', 'main']
Specifies the properties to scan within a package.json
, used to determine the bundle entry point. The order of property names is significant, as the first-found property is used as the resolved entry point. If the array contains 'browser'
, key/values specified in the package.json
browser
property will be used.
module
DEPRECATED: use "mainFields" instead
Use pkg.module
field for ES6 module if possible. This option takes precedence over both "jsnext" and "main" in the list if such are present.
jsnext
DEPRECATED: use "mainFields" instead
Use pkg['jsnext:main']
if possible, legacy field pointing to ES6 module in third-party libraries, deprecated in favor of pkg.module
, see: https://github.com/rollup/rollup/wiki/pkg.module. This option takes precedence over "main" in the list if such is present.
main
DEPRECATED: use "mainFields" instead
Use pkg.main
field or index.js, even if it's not an ES6 module (needs to be converted from CommonJS to ES6), see https://github.com/rollup/rollup-plugin-commonjs.
browser
Type: Boolean
Default: false
If true
, instructs the plugin to use the "browser"
property in package.json
files to specify alternative files to load for bundling. This is useful when bundling for a browser environment. Alternatively, a value of 'browser'
can be added to the mainFields
option. If false
, any "browser"
properties in package files will be ignored. This option takes precedence over mainFields
.
extensions
Type: Array[...String]
Default: ['.mjs', '.js', '.json', '.node']
Resolve extensions other than .js in the order specified.
preferBuiltins
Type: Boolean
Default: true
Whether to prefer built-in modules (e.g. fs
, path
) or local ones with the same names
jail
Type: String
Default: '/'
Lock the module search in this path (like a chroot). Modules defined outside this path will be marked as external.
only
Type: Array[...String|RegExp]
Default: null
Example: only: ['some_module', /^@some_scope\/.*$/]
modulesOnly
Type: Boolean
Default: false
If true, inspect resolved files to check that they are ES2015 modules.
dedupe
Type: Array[...String]
Default: []
Force resolving for these modules to root's node_modules that helps to prevent bundling the same package multiple times if package is imported from dependencies.
dedupe: [ 'react', 'react-dom' ]
customResolveOptions
Type: Boolean
Default: null
Any additional options that should be passed through to node-resolve.
customResolveOptions: {
moduleDirectory: 'js_modules'
}
rootDir
Type: String
Default: process.cwd()
Root directory to resolve modules from. Used when resolving entrypoint imports, and when resolving deduplicated modules. Useful when executing rollup in a package of a monorepository.
// Set the root directory to be the parent folder
rootDir: path.join(process.cwd(), '..')
Since most packages in your node_modules folder are probably legacy CommonJS rather than JavaScript modules, you may need to use @rollup/plugin-commonjs:
// rollup.config.js
import resolve from '@rollup/plugin-node-resolve';
import commonjs from '@rollup/plugin-commonjs';
export default {
input: 'main.js',
output: {
file: 'bundle.js',
format: 'iife',
name: 'MyModule'
},
plugins: [resolve(), commonjs()]
};
fs
)This plugin won't resolve any builtins (e.g. fs
). If you need to resolve builtins you can install local modules and set preferBuiltins
to false
, or install a plugin like rollup-plugin-node-builtins which provides stubbed versions of these methods.
If you want to silence warnings about builtins, you can add the list of builtins to the externals
option; like so:
import resolve from '@rollup/plugin-node-resolve';
import builtins from 'builtin-modules'
export default ({
input: ...,
plugins: [resolve()],
external: builtins,
output: ...
})
FAQs
Locate and bundle third-party dependencies in node_modules
The npm package @rollup/plugin-node-resolve receives a total of 4,396,254 weekly downloads. As such, @rollup/plugin-node-resolve popularity was classified as popular.
We found that @rollup/plugin-node-resolve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.