You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies



The progressive JavaScript framework for building modern web UI.

Version published




Which dist file to use?

From CDN or without a Bundler

  • vue(.runtime).global(.prod).js:

    • For direct use via <script src="..."> in the browser. Exposes the Vue global.
    • Note that global builds are not UMD builds. They are built as IIFEs and is only meant for direct use via <script src="...">.
    • In-browser template compilation:
      • is the "full" build that includes both the compiler and the runtime so it supports compiling templates on the fly.
      • contains only the runtime and requires templates to be pre-compiled during a build step.
    • Inlines all Vue core internal packages - i.e. it's a single file with no dependencies on other files. This means you must import everything from this file and this file only to ensure you are getting the same instance of code.
    • Contains hard-coded prod/dev branches, and the prod build is pre-minified. Use the *.prod.js files for production.
  • vue(.runtime).esm-browser(.prod).js:

    • For usage via native ES modules imports (in browser via <script type="module">.
    • Shares the same runtime compilation, dependency inlining and hard-coded prod/dev behavior with the global build.

With a Bundler

  • vue(.runtime).esm-bundler.js:

    • For use with bundlers like webpack, rollup and parcel.
    • Leaves prod/dev branches with process.env.NODE_ENV guards (must be replaced by bundler)
    • Does not ship minified builds (to be done together with the rest of the code after bundling)
    • Imports dependencies (e.g. @vue/runtime-core, @vue/runtime-compiler)
      • Imported dependencies are also esm-bundler builds and will in turn import their dependencies (e.g. @vue/runtime-core imports @vue/reactivity)
      • This means you can install/import these deps individually without ending up with different instances of these dependencies, but you must make sure they all resolve to the same version.
    • In-browser template compilation:
      • vue.runtime.esm-bundler.js (default) is runtime only, and requires all templates to be pre-compiled. This is the default entry for bundlers (via module field in package.json) because when using a bundler templates are typically pre-compiled (e.g. in *.vue files).
      • vue.esm-bundler.js: includes the runtime compiler. Use this if you are using a bundler but still want runtime template compilation (e.g. in-DOM templates or templates via inline JavaScript strings). You will need to configure your bundler to alias vue to this file.
Bundler Build Feature Flags

Detailed Reference on

esm-bundler builds of Vue expose global feature flags that can be overwritten at compile time:


    • Default: true
    • Enable / disable Options API support

    • Default: false
    • Enable / disable devtools support in production

    • Default: false
    • Enable / disable detailed warnings for hydration mismatches in production

The build will work without configuring these flags, however it is strongly recommended to properly configure them in order to get proper tree-shaking in the final bundle.

For Server-Side Rendering

  • vue.cjs(.prod).js:
    • For use in Node.js server-side rendering via require().
    • If you bundle your app with webpack with target: 'node' and properly externalize vue, this is the build that will be loaded.
    • The dev/prod files are pre-built, but the appropriate file is automatically required based on process.env.NODE_ENV.



Package last updated on 14 Jul 2024

Did you know?


Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog


Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc