Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
apostrophe-browserify
Advanced tools
A convenience module for using browserify with frontend code in Apostrophe.
This module is for Apostrophe 0.5 only, not the 2.x stable release.
Even with 0.5, it requires the server to run browserify and babel, which slows things down needlessly. Just create your own gulp workflow in development which generates an output file that is pushed as an asset to Apostrophe in the usual way.
This Apostrophe 2 module enables you to bundle your frontend code using browserify
while taking advantage of automatic minification and Apostrophe's asset pipeline.
When using the development
option watchify
will run, recompiling your assets any time they are saved.
To use it, run npm install apostrophe-browserify --save
and add it to your app.js
configuration:
{
...
'apostrophe-browserify': {
// files are specified relative to the project directory (app.js)
files: [ './public/js/modules/_site.js' ]
}
...
}
Apostrophe will save your bundled file to the public/js/
directory. By default it creates _site-compiled.js
, however the filename can be configured using the outputFile
option.
You specify your input files using the files
option. You may specify more than one. Your input files may use the require
statement, much as they can in node apps, as described in the browserify
documentation.
{
'apostrophe-browserify': {
// The files to compile. All files in the array are
// compiled to a single output file.
files: [ './public/js/modules/_site.js' ],
// The filename of your bundled file.
// Defaults to '_site-compiled.js'.
outputFile: '_site-compiled.js',
// When this is true `watchify` will recompile your
// assets any time they are saved. Defaults to `false`.
development: false,
// When this is true and `development` is also true
// watchify will log a message in the console each
// time your bundle is recompiled. Defaults to `true`.
verbose: true,
// When this is true and `development` is also true
// your operating system will generate a notification
// when watchify's build fails. Defaults to `false`.
notifications: false,
// When this is true, browserify will run a simple babel
// transform on your files using the es2015 preset. You // can read about what is included with that here:
// http://babeljs.io/docs/plugins/preset-es2015/
es2015: true,
// When this option is true, you are able to write JSX
// React within your browserify-compiled files through
// the reactify transform.
react: true,
// When this option is true, you are able to use a small
// subset of node's fs module: readFileSync, readFile,
// readdirSync, and readdir.
// https://github.com/substack/brfs
brfs: true,
// Pass additional options into browserify if
// necessary. Overrides any module-level options.
browserifyOptions: {
}
}
}
Make sure you add public/js/_site-compiled.js
to your .gitignore
and deployment/rsync_exclude.txt
files.
When minify
is true, which it should be for all production Apostrophe sites, the output file will not be recompiled, even on startup, unless it does not exist yet. Together with the apostrophe:generation
task, this prevents race conditions in a multicore Apostrophe production environment.
0.5.8
: added native notifications when build fails, improved error logging. Updated styling of console logs to be a little clearer.
0.5.6
: added source mapping and timestamp logging on recompile when in development
mode.
0.5.5
: no need to manually add the output file to your assets. Behaves properly in a multicore environment as long as minify
is true. Documentation updated. The basedir
option has been removed, as this module is currently only intended for project-level code, but more thought will be given to how this module could be used in conjunction with module-level code in the future.
FAQs
A convenience module for using browserify with frontend code in Apostrophe.
The npm package apostrophe-browserify receives a total of 1 weekly downloads. As such, apostrophe-browserify popularity was classified as not popular.
We found that apostrophe-browserify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.