
Product
Introducing Tier 1 Reachability: Precision CVE Triage for Enterprise Teams
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
babel-plugin-evaluate
Advanced tools
A babel plugin to evaluate code at build-time.
I wanted to evaluate some functions and calculations in build process that didn't need to run at runtime, to remove the modules themselves from the bundle to reduce its size.
babel-plugin-preval and babel-plugin-codegen only supports CommonJS not ES Modules, and the evaluation does not run in a sandbox.
babel-plugin-polished only supports polished and only handles simple syntaxes.
babel-plugin-inline-constants only handles constants inlining.
npm install babel-plugin-evaluate
// babel.config.js
module.exports = {
plugins: [["babel-plugin-evaluate", { name: "polished" }]],
};
// App.js
import { rgba } from "polished";
const val = "blue";
const obj = {
color: "#123456",
red: "red",
};
const a = rgba(val, 0.5); // const a = "rgba(0,0,255,0.5)";
const b = rgba(obj["color"], 0.5); // const b = "rgba(18,52,86,0.5)";
const c = rgba(obj.red, 0.5); // const c = "rgba(255,0,0,0.5)";
// babel.config.js
module.exports = {
plugins: [["babel-plugin-evaluate", { name: /\/constants\// }]],
};
// constants/foo.js
export const foo = 2 * 7;
export const bar = "bar" + "baz";
// App.js
import { foo, bar } from "./constants/foo.js";
const fooVal = foo; // const fooVal = 14;
const barVal = bar; // const barVal = "barbaz";
All contributions are welcome. If you find a problem, feel free to create an issue or a PR.
npm install
.FAQs
A babel plugin to evaluate code at build-time.
The npm package babel-plugin-evaluate receives a total of 0 weekly downloads. As such, babel-plugin-evaluate popularity was classified as not popular.
We found that babel-plugin-evaluate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.