Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@rollup/pluginutils
Advanced tools
The @rollup/pluginutils package provides a suite of utility functions commonly used by Rollup plugins. These utilities help with tasks such as filtering files to be included in the bundle, creating minimatch instances, and handling module IDs.
createFilter
createFilter allows you to create a filter function that can be used to determine whether a file should be included or excluded based on the provided include and exclude patterns.
import { createFilter } from '@rollup/pluginutils';
const filter = createFilter(include, exclude);
if (filter(somePath)) {
// Handle the file
}
dataToEsm
dataToEsm converts a JSON object to an ES module string, which can be useful for injecting configuration or other data into your bundle.
import { dataToEsm } from '@rollup/pluginutils';
const data = { foo: 'bar' };
const esModule = dataToEsm(data);
// esModule is now a string of ESM code representing the data
addExtension
addExtension ensures that a file path has the specified extension. If it already has the extension, it returns the path unchanged.
import { addExtension } from '@rollup/pluginutils';
const filename = addExtension('myfile', '.js');
// filename is now 'myfile.js'
Micromatch is a glob matching library that can be used to create filter functions similar to the createFilter utility in @rollup/pluginutils. It offers more extensive globbing capabilities but does not provide the other utilities found in @rollup/pluginutils.
Magic-string is a library for generating source maps and manipulating strings, which can be useful for plugin authors who need to modify code and track changes. While it doesn't offer the same utilities as @rollup/pluginutils, it is often used in conjunction with it for source map generation.
A set of utility functions commonly used by 🍣 Rollup plugins.
This plugin requires an LTS Node version (v8.0.0+) and Rollup v1.20.0+.
Using npm:
npm install @rollup/pluginutils --save-dev
import utils from '@rollup/pluginutils';
//...
Available utility functions are listed below:
Note: Parameter names immediately followed by a ?
indicate that the parameter is optional.
Adds an extension to a module ID if one does not exist.
Parameters: (filename: String, ext?: String)
Returns: String
import { addExtension } from '@rollup/pluginutils';
export default function myPlugin(options = {}) {
return {
resolveId(code, id) {
// only adds an extension if there isn't one already
id = addExtension(id); // `foo` -> `foo.js`, `foo.js -> foo.js`
id = addExtension(id, '.myext'); // `foo` -> `foo.myext`, `foo.js -> `foo.js`
}
};
}
Attaches Scope
objects to the relevant nodes of an AST. Each Scope
object has a scope.contains(name)
method that returns true
if a given name is defined in the current scope or a parent scope.
Parameters: (ast: Node, propertyName?: String)
Returns: Object
See rollup-plugin-inject or rollup-plugin-commonjs for an example of usage.
import { attachScopes } from '@rollup/pluginutils';
import { walk } from 'estree-walker';
export default function myPlugin(options = {}) {
return {
transform(code) {
const ast = this.parse(code);
let scope = attachScopes(ast, 'scope');
walk(ast, {
enter(node) {
if (node.scope) scope = node.scope;
if (!scope.contains('foo')) {
// `foo` is not defined, so if we encounter it,
// we assume it's a global
}
},
leave(node) {
if (node.scope) scope = scope.parent;
}
});
}
};
}
Constructs a filter function which can be used to determine whether or not certain modules should be operated upon.
Parameters: (include?: <minmatch>, exclude?: <minmatch>, options?: Object)
Returns: String
include
and exclude
Type: String | Array[String|RegExp]
A valid minimatch
pattern, or array of patterns. If options.include
is omitted or has zero length, filter will return true
by default. Otherwise, an ID must match one or more of the minimatch
patterns, and must not match any of the options.exclude
patterns.
options
resolve
Type: String | Boolean | null
Optionally resolves the patterns against a directory other than process.cwd()
. If a String
is specified, then the value will be used as the base directory. Relative paths will be resolved against process.cwd()
first. If false
, then the patterns will not be resolved against any directory. This can be useful if you want to create a filter for virtual module names.
import { createFilter } from '@rollup/pluginutils';
export default function myPlugin(options = {}) {
// assume that the myPlugin accepts options of `options.include` and `options.exclude`
var filter = createFilter(options.include, options.exclude, {
resolve: '/my/base/dir'
});
return {
transform(code, id) {
if (!filter(id)) return;
// proceed with the transformation...
}
};
}
Transforms objects into tree-shakable ES Module imports.
Parameters: (data: Object)
Returns: String
data
Type: Object
An object to transform into an ES module.
import { dataToEsm } from '@rollup/pluginutils';
const esModuleSource = dataToEsm(
{
custom: 'data',
to: ['treeshake']
},
{
compact: false,
indent: '\t',
preferConst: false,
objectShorthand: false,
namedExports: true
}
);
/*
Outputs the string ES module source:
export const custom = 'data';
export const to = ['treeshake'];
export default { custom, to };
*/
Extracts the names of all assignment targets based upon specified patterns.
Parameters: (param: Node)
Returns: Array[String]
param
Type: Node
An acorn
AST Node.
import { extractAssignedNames } from '@rollup/pluginutils';
import { walk } from 'estree-walker';
export default function myPlugin(options = {}) {
return {
transform(code) {
const ast = this.parse(code);
walk(ast, {
enter(node) {
if (node.type === 'VariableDeclarator') {
const declaredNames = extractAssignedNames(node.id);
// do something with the declared names
// e.g. for `const {x, y: z} = ... => declaredNames = ['x', 'z']
}
}
});
}
};
}
Constructs a bundle-safe identifier from a String
.
Parameters: (str: String)
Returns: String
import { makeLegalIdentifier } from '@rollup/pluginutils';
makeLegalIdentifier('foo-bar'); // 'foo_bar'
makeLegalIdentifier('typeof'); // '_typeof'
FAQs
A set of utility functions commonly used by Rollup plugins
The npm package @rollup/pluginutils receives a total of 9,871,585 weekly downloads. As such, @rollup/pluginutils popularity was classified as popular.
We found that @rollup/pluginutils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.