
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
astro-partytown-resolveurl
Advanced tools
This Astro integration enables Partytown in your Astro project.
Partytown is a lazy-loaded library to help relocate resource intensive scripts into a web worker, and off of the main thread.
If you're using third-party scripts for things like analytics or ads, Partytown is a great way to make sure that they don't slow down your site.
The Astro Partytown integration installs Partytown for you and makes sure it's enabled on all of your pages.
The astro add command-line tool automates the installation for you. Run one of the following commands in a new terminal window. (If you aren't sure which package manager you're using, run the first command.) Then, follow the prompts, and type "y" in the terminal (meaning "yes") for each one.
# Using NPM
npx astro add partytown
# Using Yarn
yarn astro add partytown
# Using PNPM
pnpm astro add partytown
If you run into any issues, feel free to report them to us on GitHub and try the manual installation steps below.
First, install the @astrojs/partytown package using your package manager. If you're using npm or aren't sure, run this in the terminal:
npm install @astrojs/partytown
Then, apply this integration to your astro.config.* file using the integrations property:
astro.config.mjs
import { defineConfig } from 'astro/config';
import partytown from '@astrojs/partytown';
export default defineConfig({
// ...
integrations: [partytown()],
})
Partytown should be ready to go with zero config. If you have an existing 3rd party script on your site, try adding the type="text/partytown" attribute:
- <script src="fancy-analytics.js"></script>
+ <script type="text/partytown" src="fancy-analytics.js"></script>
If you open the "Network" tab from your browser's dev tools, you should see the partytown proxy intercepting this request.
To configure this integration, pass a 'config' object to the partytown() function call in astro.config.mjs.
astro.config.mjs
...
export default defineConfig({
integrations: [partytown({
config: {
//options go here
}
})]
});
This mirrors the Partytown config object, but only debug and forward are exposed by this integration.
Partytown ships with a debug mode; enable or disable it by passing true or false to config.debug. If debug mode is enabled, it will output detailed logs to the browser console.
If this option isn't set, debug mode will be on by default in dev or preview mode.
astro.config.mjs
export default defineConfig({
integrations: [partytown({
// Example: Disable debug mode.
config: { debug: false },
})
Third-party scripts typically add variables to the window object so that you can communicate with them throughout your site. But when a script is loaded in a web-worker, it doesn't have access to that global window object.
To solve this, Partytown can "patch" variables to the global window object and forward them to the appropriate script.
You can specify which variables to forward with the config.forward option. Read more in Partytown's documentation.
astro.config.mjs
export default defineConfig ({
integrations: [partytown({
// Example: Add dataLayer.push as a forwarding-event.
config: {
forward: ["dataLayer.push"]
},
})],
})
For help, check out the #support channel on Discord. Our friendly Support Squad members are here to help!
You can also check our Astro Integration Documentation for more on integrations.
This package is maintained by Astro's Core team. You're welcome to submit an issue or PR!
See CHANGELOG.md for a history of changes to this integration.
FAQs
Astro + Partytown integration
The npm package astro-partytown-resolveurl receives a total of 0 weekly downloads. As such, astro-partytown-resolveurl popularity was classified as not popular.
We found that astro-partytown-resolveurl demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.