Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
babel-plugin-import-bee
Advanced tools
babel-plugin-import-bee
1. 能力及特性
当你的项目只用到了部分组件,你想要更小的打包体积的时候,我们提供了按需加载的能力。
import { Button } from 'tinper-bee'; // 这样会把整个组件库全部打包加载进来
// 转换为:
import Button from 'tinper-bee/lib/Button'; // 单独使用组件,按需使用
2. 安装与配置
通过npm下载安装插件
npm install babel-plugin-import-bee -D
使用
1. 一般项目使用
编辑.babelrc文件,添加下面的配置:
{
"plugins": [
["import-bee", {
"libraryName": "tinper-bee",
"libraryDirectory": "lib"
}]
]
}
2. UCF-WEB 使用
编辑ucf.config添加如下配置:
babel_plugins: [
[require.resolve("babel-plugin-import-bee"),
{
"libraryName": "tinper-bee",
"libraryDirectory": "lib"
}]
]
3. 注意事项说明
- 本插件不能与
CommonChunk、cacheGroups一起使用,会造成体积更大,原因是优化提取代码后,会把组件库一起优化进去,导致两头都在优化代码会产生冲突重复。 - 多页面入口不适用,会导致
vendor失效后,每一个entry会有一份node_modules的第三方代码+按需组件的代码,冗余过多,体积大。 - 适合普通SPA项目使用。
注意:插件目前是不支持vendor,CommonChunk插件和本插件不能同时使用,否则会出现vendor过大重复的问题,同时也不适合多页面程序,会导致构建体积过大重复的问题,切记。
Keywords
FAQs
Tinper-bee modular import plugin for babel.
We found that babel-plugin-import-bee demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Package last updated on 16 Apr 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025