Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
@statoscope/cli
Advanced tools
This package supplies Statoscope as CLI tool
npm i @statoscope/cli -g
statoscope [command] [...args]
Validate or compare webpack stats.
validate [...args]
--input
(-i
) - path to a stats.json--reference
(-r
) - path to a stats-file to compare with (optional)--config
(-c
) - path to statoscope config (by default {pwd}/statoscope.config.js
has used)--warn-as-error
(-w
) - treat warnings as errorsExample:
npm install --save-dev @statoscope/stats-validator-plugin-webpack @statoscope/stats-validator-reporter-console @statoscope/stats-validator-reporter-stats-report
statoscope.config.js
module.exports = {
validate: {
// add webpack plugin with rules
plugins: ['@statoscope/webpack'],
reporters: [
// console-reporter to output results into console (enabled by default)
'@statoscope/console',
// reporter that generates UI-report with validation-results
['@statoscope/stats-report', {open: true}],
],
// rules to validate your stats (use all of them or only specific rules)
rules: {
// ensures that the build time has not exceeded the limit (10 sec)
'@statoscope/webpack/build-time-limits': ['error', 10000],
// ensures that bundle doesn't use specified packages
'@statoscope/webpack/restricted-packages': ['error', ['lodash', 'browserify-crypto']],
// ensures that bundle hasn't package duplicates
'@statoscope/webpack/no-packages-dups': ['error'],
// ensure that the download time of entrypoints is not over the limit (3 sec)
'@statoscope/webpack/entry-download-time-limits': ['error', { global: { maxDownloadTime: 3000 } }],
// ensure that the download size of entrypoints is not over the limit (3 mb)
'@statoscope/webpack/entry-download-size-limits': ['error', { global: { maxSize: 3 * 1024 * 1024 } }],
// diff download size of entrypoints between input and reference stats. Fails if size diff is over the limit (3 kb)
'@statoscope/webpack/diff-entry-download-size-limits': [
'error',
{ global: { maxSizeDiff: 3*1024 } },
],
// compares usage of specified packages usage between input and reference stats. Fails if rxjs usage has increased
'@statoscope/webpack/diff-deprecated-packages': ['error', ['rxjs']],
}
}
}
statoscope validate --input path/to/stats.json
Learn more on @staoscope/stats-validator and @statoscope/stats-validator-plugin-webpack
Create example statoscope.config.js.
init [...args]
--output
(-o
) - config file path (./statoscope.config.js
by default)Example:
statoscope init
Creates statoscope.config.js
in a current directory
statoscope init -o some/path/server.statoscope.config.js
Creates server.statoscope.config.js
in some/path/
Generate custom validator plugin/rule/reporter
create [...args]
--output
(-o
) - config file path (./statoscope.config.js
by default)
--entity
(-e
) - Entity to generate (plugin
, rule
or reporter
)
--output
(-o
) - Path to generated code (./
by default)
--type
(-t
) - Output type (js
(default) or ts
)
--module
(-m
) - Output modules type (commonjs
(default) or esm
)
Example:
statoscope create rule -t ts -o ./my-custom-statoscope-rules
Creates custom rule for stats validator in my-custom-statoscope-rules
directory
Start HTTP-server and serve JSON-stats as HTML report
serve input [...args]
--input
(-i
) - path to one or more webpack stats--reference
(-r
) - path to a stats-file to compare with (optional). When used, only first file from input
will be used--host
(-h
) - server host--port
(-p
) - server port--open
(-o
) - open browser after server startExample:
statoscope serve path/to/stats.json -o
Start server and open browser.
Generate HTML report from JSON-stats.
generate input output [...args]
--input
(-i
) - path to one or more webpack stats--reference
(-r
) - path to a stats-file to compare with (optional). When used, only first file from input
will be used--output
(-t
) - path to generated HTML--open
(-o
) - open browser after generateExample:
statoscope generate path/to/stats.json path/to/report.html -o
Create statoscope report, save it to path/to/report.html
and open
Executes jora-query on stats-file.
query [...args]
--input
(-i
) - path to one or more webpack stats--query
(-q
) - jora-queryAlso, jora-query could be passed through stdin
Example:
statoscope query --input path/to/stats.json --query 'compilations.modules.size()' > output.txt
# or
echo 'compilations.modules.size()' | statoscope query --input path/to/stats.json > output.txt
Inject specified custom reports into stats.
inject-report [...args]
--input
(-i
) - path to one or more webpack stats--report
(-r
) - path to one or more json with reportsReport could be passed as a single report or an array with reports
Raw JSON could be passed through stdin
Example:
my-reports.json:
[
{
"id": "foo",
"data": [1, 2, 3],
"view": ["struct"]
},
{
"id": "bar",
"data": [4, 5, 6],
"view": ["list"]
}
]
statoscope inject-report --input path/to/stats.json --report path/to/my-reports.json > output.json
# or
cat path/to/my-reports.json | statoscope inject-report --input path/to/stats.json > output.json
If you are an engineer or a company that is interested in Statoscope improvements, you could support Statoscope by financial contribution at OpenCollective.
FAQs
Statoscope CLI tools
The npm package @statoscope/cli receives a total of 12,636 weekly downloads. As such, @statoscope/cli popularity was classified as popular.
We found that @statoscope/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.