
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
arc-plugin-esbuild
Advanced tools
Bundles arc functions with esbuild, includes dependencies and tree shakes!
Arc serverless framework plugin for compiling your functions with ESBuild Bundler
npm i --save-dev arc-plugin-esbuild
After installing add @plugins
and @esbuild
pragmas to your app.arc
file:
app.arc
@app
myapp
@aws
runtime esbuild
@http
get /
@plugins
arc-plugin-esbuild
This plugin supports the following options under the @esbuild
pragma:
Option | Description | Example |
---|---|---|
buildDirectory | The directory to write the bundled files to. This directory will be used at deploy-time before bundling your functions for deployment. Defaults to .esbuild . If you use hydration it's recommended to set this to src and commingle your js and ts. | buildDirectory .esbuild |
external | esbuild package externals defaults to aws-sdk passed directly to esbuild | external '@prisma/client' aws-sdk |
baseRuntime | The lambda runtime we should target. Defaults to nodejs16.x | baseRuntime nodejs14.x |
configFile | A config file that is passed to esbuild. This allows for esbuild plugins. It should be a commonjs .js file as it will be required() . You can override everything so be careful. See our source for existing build options. | configFile .esbuildrc.js |
Custom runtimes do not support any shared code or hydration.
There is a sample application located under sample-app/
. cd
into that
directory, npm install
and you can run locally via arc sandbox
or deploy to
the internet via arc deploy
.
FAQs
Use Typescript and esbuild with arc.codes!
The npm package arc-plugin-esbuild receives a total of 0 weekly downloads. As such, arc-plugin-esbuild popularity was classified as not popular.
We found that arc-plugin-esbuild demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.