Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@roots/bud-api
Advanced tools
bud.js core module
Install @roots/bud-api to your project.
Yarn:
yarn add @roots/bud-api --dev
npm:
npm install @roots/bud-api --save-dev
For full documentation refer to bud.js.org/docs.
Include static assets in your compilation even if they aren't referenced in scripts or stylesheets.
bud.compilePaths is used to specify directories which should be treated as source directories.
If you have errors which say something along the lines of You may need an appropriate loader to handle this file type, currently no loaders are configured to process this file.
, this is probably the function you want to use to fix that!
By default, bud.js treats code outside of the @src
directory (likely modules downloaded via npm or yarn) as code that has already been bundled by some other means. This is a huge performance boost for your project! If that code was already compiled by the package author it would be a waste of time and energy to compile it again.
However, some authors may publish uncompiled source code with the expectation that you will transpile it as part of your build process. This function simplifies the process of configuring bud.js to handle these cases.
bud.config allows you to extend or modify the default Webpack configuration for your project.
bud.copyDir copies a directory to the @dist directory.
bud.copyFile copies a file to the @dist directory.
bud.define replaces variables in your application code and html templates at compile time.
bud.entry is used to specify and group assets to include in the compilation.
If no entrypoint is provided bud.js will attempt to compile src/index.js to dist/main.js.
bud.html is used to configure your application's HTML wrapper.
bud.provide makes a variable or module available throughout the entire application.
bud.proxy is a method that configures a proxy server for your development environment. This is useful when you need to proxy requests to a backend server, such as a WordPress site.
If you only need to modify the URL of the proxy server you should consider using bud.setProxyUrl and bud.setPublicProxyUrl.
bud.serve is used to configure the development server.
You don't need to call this function unless you want to change the default server configuration.
If you only need to modify the URL of the dev server you should consider using bud.setUrl and bud.setPublicUrl
bud.setProxyUrl is used to specify the URL of the proxy target.
bud.setPublicProxyUrl is used to specify the site-accessible URL for the proxy server (if it differs from the internal URL).
For example: a dockerized app that has a service which needs to be accessible from the host at http://example.test
but serves over http://0.0.0.0
.
bud.setUrl is used to specify the URL for the dev server.
bud.setPublicUrl is used to specify the site-accessible URL for the dev server (if it differs from the internal URL).
For example: a dockerized app that needs to be accessible from the host at http://example.test
but serves over http://0.0.0.0:8080
.
bud.watch is used to specify files which will trigger a full browser reload when changed.
Contributions are welcome from everyone.
We have contribution guidelines to help you get started.
@roots/bud-api is licensed under MIT.
Keep track of development and community news.
bud.js is an open source project and completely free to use.
However, the amount of effort needed to maintain and develop new features and projects within the Roots ecosystem is not sustainable without proper financial backing. If you have the capability, please consider sponsoring Roots.
FAQs
bud.js core module
The npm package @roots/bud-api receives a total of 8,584 weekly downloads. As such, @roots/bud-api popularity was classified as popular.
We found that @roots/bud-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.