
Security News
Feross on Risky Business Weekly Podcast: npm’s Ongoing Supply Chain Attacks
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
arc-plugin-esbuild
Advanced tools
Bundles arc functions with esbuild, includes dependencies and tree shakes!
Arc serverless framework plugin for compiling your functions with ESBuild Bundler
npm i --save-dev arc-plugin-esbuild
After installing add @plugins
and @esbuild
pragmas to your app.arc
file:
app.arc
@app
myapp
@aws
runtime esbuild
@http
get /
@plugins
arc-plugin-esbuild
This plugin supports the following options under the @esbuild
pragma:
Option | Description | Example |
---|---|---|
buildDirectory | The directory to write the bundled files to. This directory will be used at deploy-time before bundling your functions for deployment. Defaults to .esbuild . If you use hydration it's recommended to set this to src and commingle your js and ts. | buildDirectory .esbuild |
external | esbuild package externals defaults to aws-sdk passed directly to esbuild | external '@prisma/client' aws-sdk |
baseRuntime | The lambda runtime we should target. Defaults to nodejs16.x | baseRuntime nodejs14.x |
configFile | A config file that is passed to esbuild. This allows for esbuild plugins. It should be a commonjs .js file as it will be required() . You can override everything so be careful. See our source for existing build options. | configFile .esbuildrc.js |
Custom runtimes do not support any shared code or hydration.
There is a sample application located under sample-app/
. cd
into that
directory, npm install
and you can run locally via arc sandbox
or deploy to
the internet via arc deploy
.
FAQs
Use Typescript and esbuild with arc.codes!
The npm package arc-plugin-esbuild receives a total of 0 weekly downloads. As such, arc-plugin-esbuild popularity was classified as not popular.
We found that arc-plugin-esbuild demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.