Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@web/dev-server-core
Advanced tools
@web/dev-server-core is a core library for creating a modern web development server. It provides a flexible and extensible platform for serving web applications, with support for modern web features like ES modules, hot module replacement (HMR), and middleware.
Basic Server Setup
This code demonstrates how to set up a basic development server using @web/dev-server-core. The server will serve files from the './public' directory on port 8080.
const { startDevServer } = require('@web/dev-server-core');
const config = {
port: 8080,
rootDir: './public',
};
startDevServer({ config }).then(server => {
console.log(`Server running at http://localhost:${config.port}`);
});
Middleware Support
This example shows how to add middleware to the development server. The middleware logs each request URL to the console.
const { startDevServer } = require('@web/dev-server-core');
const config = {
port: 8080,
rootDir: './public',
middleware: [
(ctx, next) => {
console.log(`Request: ${ctx.url}`);
return next();
}
]
};
startDevServer({ config }).then(server => {
console.log(`Server running at http://localhost:${config.port}`);
});
Hot Module Replacement (HMR)
This code demonstrates how to enable Hot Module Replacement (HMR) in the development server. HMR allows modules to be updated in the browser without a full page reload.
const { startDevServer } = require('@web/dev-server-core');
const config = {
port: 8080,
rootDir: './public',
watch: true,
hmr: true
};
startDevServer({ config }).then(server => {
console.log(`Server running with HMR at http://localhost:${config.port}`);
});
webpack-dev-server is a development server that provides live reloading and HMR for webpack projects. It is tightly integrated with webpack and offers a range of features for development, including middleware support and proxying. Compared to @web/dev-server-core, webpack-dev-server is more focused on webpack-specific workflows.
Vite is a modern development server and build tool that offers fast development and optimized production builds. It supports ES modules, HMR, and a plugin system. Vite is designed to be framework-agnostic and provides a faster development experience compared to traditional bundlers. It offers similar functionalities to @web/dev-server-core but with a focus on speed and simplicity.
Parcel is a web application bundler that offers zero configuration and fast performance. It includes a development server with HMR and supports a wide range of file types out of the box. Parcel aims to provide an easy-to-use development experience with minimal setup, making it a good alternative to @web/dev-server-core for developers looking for simplicity.
Core library powering the web server of @web/test-runner and @web/dev-server
See our website for full documentation.
FAQs
Web dev server core
The npm package @web/dev-server-core receives a total of 76,809 weekly downloads. As such, @web/dev-server-core popularity was classified as popular.
We found that @web/dev-server-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.