This module loads NPM modules (CommonJS) as AMD modules.
Unlike RequireJS, which requires a monolithic compile step and returns a single bundle, this loader loads each file separately. This makes development/debugging easier, because your modules are not all munged together.
// Dynamic loading - location is arbitrary
app.use('/amidala/', amd.dynamic());
<script src="/amidala/"></script>
<script>
require('uri-templates', function (UriTemplate) {
...
});
</script>
By default, the AMD loader script figures out where to load modules from by inspecting its own URL. This only works if you're loading it from a <script> tag in the page, otherwise you need to provide the .url option.
In the browser: the initial loading library supplies define() or require() functions, following the AMD spec. When a dependency is needed, a <script> element is added to the page that defines it.
On the server: when an AMD dependency is requested by the browser, the corresponding NPM/CommonJS dependency is located, and modified (with some small wrapper code) so that it works as an AMD module.
Absolute and relative paths to modules are always disallowed.
This means that (by default) the only files this module loader will return will be from dependencies from node_modules/.
However, using the .alias option it is possible to redirect modules to another location. If you write an entry .alias that redirects to a folder, this gives users access to all suitable files in that folder, so make sure nothing sensitive is in there (even in hidden files/folders).
.urlThis is the URL at which this loader is accessible in the browser.
By default, this is guessed, but this will only work if the module is loaded via a <script> element in the HTML source.
.aliasWith this option, you can alias modules (or folders) to alternative locations, e.g.:
amd.dynamic({
alias: {
"ui-components": __dirname + "/ui"
}
})
These aliases include submodules - so with the above, a call to require(['ui-components/xyz'], ...) will resolve to ..../ui/xyz instead.
You can provide an array for each alias:
amd.dynamic({
alias: {
"./": [__dirname + '/static/amd/', __dirname + '/shared']
}
})
Aliases are checked longest-first. You can use the empty string ("") to catch all modules not otherwise matched:
amd.dynamic({
alias: {
"": __dirname + '/public/bower_components'
"fs": "level-fs-browser"
}
})
Relative modules are not allowed - however, we can rewrite these modules using .alias:
amd.dynamic({
alias: {
"./shared": __dirname + "/shared"
}
});
This can be useful if you don't want to mess with the global namespace (e.g. occupying the global shared module).
However (as the security note above mentions), if the target is a directory then this gives users access to all files in that directory.
FAQs
Use both AMD/CommonJS modules in the browser/Node, with dynamic loading for browser
The npm package amidala receives a total of 0 weekly downloads. As such, amidala popularity was classified as not popular.
We found that amidala demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.