
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
babel-plugin-import-bee
Advanced tools
当你的项目只用到了部分组件,你想要更小的打包体积的时候,我们提供了按需加载的能力。
import { Button } from 'tinper-bee'; // 这样会把整个组件库全部打包加载进来
// 转换为:
import Button from 'tinper-bee/lib/Button'; // 单独使用组件,按需使用
通过npm
下载安装插件
npm install babel-plugin-import-bee -D
编辑.babelrc
文件,添加下面的配置:
{
"plugins": [
["import-bee", {
"libraryName": "tinper-bee",
"libraryDirectory": "lib"
}]
]
}
编辑ucf.config
添加如下配置:
babel_plugins: [
[require.resolve("babel-plugin-import-bee"),
{
"libraryName": "tinper-bee",
"libraryDirectory": "lib"
}]
]
CommonChunk
、cacheGroups
一起使用,会造成体积更大,原因是优化提取代码后,会把组件库一起优化进去,导致两头都在优化代码会产生冲突重复。vendor
失效后,每一个entry
会有一份node_modules
的第三方代码+按需组件的代码,冗余过多,体积大。注意:插件目前是不支持vendor,CommonChunk插件和本插件不能同时使用,否则会出现vendor过大重复的问题,同时也不适合多页面程序,会导致构建体积过大重复的问题,切记。
FAQs
Tinper-bee modular import plugin for babel.
We found that babel-plugin-import-bee demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.