Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@vue-bridge/vite-plugin
Advanced tools
@vue-bridge/vite-plugin
A Vite plugin that make building for Vue 2 and Vue 3 easier.
https://vue-bridge-docs.netlify.app/reference/vite-plugin
Features - Overview
For more details, visit the References Docs
Version-specific imports
import { versionSpecificUtility } from 'vue-bridge:./my-utility.js'
// compiled for Vue2: resolves to
import { versionSpecificUtility } from './my-utility.vue2.js'
// compiled for Vue3: resolves to
import { versionSpecificUtility } from './my-utility.vue3.js'
Version-specific Style blocks
Some Vue-specific styling syntax differs between versions.
With version-specific style blocks, you can cover both bases. Only the styles for the version you compile for will remain in the bundled output.
<style v3 scoped>
/* Deep Selectors for content in child components*/
.wrapper :v-deep(.class-in-child-component) {
border-color: green;
}
/* Slotted Selectors for content in slots */
.wrapper :slotted(.class-in-slot-content) {
margin-top: 20px;
}
</style>
<style v2 scoped>
/* Im Vue 2, there's only a deep selector, and its syntax is a bit different */
.wrapper::v-deep .class-in-child-component {
border-color: red;
}
.wrapper::v-deep .class-in-slot-content {
margin-top: 20px;
}
</style>
Enforce absolute paths for project dependencies
This feature is for a specific build setup: When you have the /src folder of your lib symlinked into another package, which (usually) holds the Vue 2 related packages, you have to use absolute paths for these imports. Otherwise, Vite would resolve them relative to the real file location in the original /src folder, not relative to the location of the symlink.
This option reads all dependencies from the local package.json and resolves them to their absolute path in the local node:modules folder.
This way, all of the dependencies are resolved as we need them to when we want to use this "external" /src as the source of our local package.
Usage
import vue from '@vitejs/plugin-vue'
//or for Vue 2
// import { createVuePlugin as vue } from 'vite-plugin-vue2'
export default defineConfig({
plugins: [
vue(),
vueBridge({
vueVersion: '3' // or '2'
localizeDeps: true
})
]
})
Options
interface VueBridgePluginOptions {
vueVersion: '2' | '3'
localizeDeps?: true | string[]
rootDir?: string
//TODO:
disableVersionedStyleBlocks?: true
disableVirtualImports?: true
}
vueVersion
localizeDeps
rootDir
disableVersionedStyleBlocks
disableVirtualImports
FAQs
A Vite Plugin to build Vue libraries for both Vue 2 and Vue 3
We found that @vue-bridge/vite-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 24 Jul 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025