Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@rspack/cli
Advanced tools
@rspack/cli is a command-line interface for Rspack, a fast JavaScript bundler. It allows developers to bundle JavaScript applications efficiently, providing various features for configuration, optimization, and development workflows.
Bundling JavaScript
This command bundles the JavaScript files in your project according to the configuration specified in the rspack.config.js file.
npx rspack-cli build
Development Server
This command starts a development server with hot module replacement, allowing you to see changes in real-time as you develop your application.
npx rspack-cli serve
Custom Configuration
This command allows you to specify a custom configuration file for the bundling process, giving you flexibility in how your project is built.
npx rspack-cli build --config custom.config.js
webpack-cli is the official command-line interface for Webpack, a popular JavaScript module bundler. It offers similar functionalities to @rspack/cli, such as bundling, development server, and custom configurations. However, Webpack is more established and has a larger ecosystem.
Parcel is a zero-configuration web application bundler that offers fast performance and simplicity. Unlike @rspack/cli, Parcel aims to work out of the box without requiring extensive configuration, making it a good choice for smaller projects or quick prototypes.
Rollup is a module bundler for JavaScript that focuses on producing smaller, more efficient bundles. It is often used for library development due to its tree-shaking capabilities. While @rspack/cli is more general-purpose, Rollup excels in optimizing code for production.
Command-line interface for rspack.
See https://rspack.dev for details.
Rspack is MIT licensed.
FAQs
CLI for rspack
We found that @rspack/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.