Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
The easiest way to compile JavaScript, HTML and CSS.
We want people to have fun building things for the web. There should be no hurdles between a great idea, and your first prototype. And once you're ready, it should be easy to package it up and share it online. That's Bankai: a tool that helps you build for the web. No configuration, and no hassle - that's our promise.
If this is your first time building something for the web, take a look at choojs/create-choo-app to help get a project setup from scratch :sparkles:.
$ bankai <command> [entry] [options]
Commands:
build compile all files to dist/
inspect inspect the bundle dependencies
start start a development server
Options:
-d, --debug output lots of logs
-h, --help print usage
-q, --quiet don't output any logs
-v, --version print version
Examples:
Start a development server
$ bankai start index.js
Visualize all dependencies in your project
$ bankai inspect index.js
Compile all files in the project to disk
$ bankai build index.js
Running into trouble? Feel free to file an issue:
https://github.com/choojs/bankai/issues/new
Do you enjoy using this software? Become a backer:
https://opencollective.com/choo
When you first open up your application in a browser, you'll probably see a warning page about HTTPS connections being untrusted. No worries, this is entirely expected behavior. Follow the instructions below to solve this for your browser.
localhost
, we must sign a TLS certificate
locally. This is better known as a "self-signed certificate". Browsers
actively check for certificates from uknown providers, and warn you (for good
reason!) In our case, however, it's safe to ignore.
HTTPS is needed for an increasing amount of APIs to work in the browser. For example if you want to test HTTP/2 connections or use parts of the storage API, you have no choice but to use an HTTPS connection on localhost. That's why we try and make this work as efficiently, and securely as possible.
We generate a unique certificate for each Bankai installation. This means that you'll only need to trust an HTTPS certificate for Bankai once. This should be secure from remote attackers, because unless they have successfully acquired access to your machine's filesystem, they won't be able to replicate the certificate.
A wild security screen appears!. Click on "advanced".
Bankai applies lots of optimizations to projects. Generally you won't need to care how we do this: it's lots of glue code, and not necessarily pretty. But it can be useful to know which optimizations we apply. This is a list:
require('assert')
statements from the code.
Only applied for production builds.choo
HTML code so it run significantly faster in the
browser.fs.readFile()
. Useful to ship assets
in the browser.require('split-require')
function.bundle.js
.<head>
of the document. This means that every page will be able to render
after the first roundtrip, which makes for super snappy pages.defer
attribute.preload
attribute.preload
attribute.manifest.json
so the application can be
installed on mobile.manifest.json
so the
navigator bar on mobile is styled on brand.manifest.json
.The Bankai CLI doesn't take any flags, other than to manipulate how we log to
the console. Configuring Bankai is done by modifying package.json
.
Bankai is built on three technologies: browserify
,
sheetify
, and documentify
. Because these can be
configured inside package.json
it means that Bankai itself can be configured
from there too. Also if people ever decide to switch from the command line to
JavaScript, no extra configuration is needed.
{
"name": "my-app",
"browserify": {
"transform": [
"some-browserify-transform"
]
},
"sheetify": {
"transform": [
"some-sheetify-transform"
]
},
"documentify": {
"transform": [
"some-documentify-transform"
]
}
}
Bankai can be hooked up directly to an HTTP server, which is useful when working on full stack code.
var bankai = require('bankai/http')
var http = require('http')
var path = require('path')
var compiler = bankai(path.join(__dirname, 'example'))
var server = http.createServer(function (req, res) {
compiler(req, res, function () {
res.statusCode = 404
res.end('not found')
})
})
server.listen(8080, function () {
console.log('listening on port 8080')
})
Not all browsers support all of the Web Platform's features. So in order to use newer features on older browsers, we have to find a solution. The best solution out there at the moment is Babel.
Babel is a plugin-based JavaScript compiler. It takes
JavaScript in, and outputs JavaScript based for the platforms you've decided to
target. In Bankai we target the last 2 versions of FireFox, Chrome and Edge,
and every other browser that's used by more than 1% of people on earth. This
includes IE11. And if you have different opinions on which browsers to use,
Bankai respects .babelrc
files.
Some newer JavaScript features require loading an extra library; async/await
being the clearest example. To enable this features, the babel-polyfill
library needs to be included in your application's root (e.g. index.js
).
require('babel-polyfill')
We don't include this file by default in Bankai, because it has a significant
size overhead. Once Babel includes only the language features you're using,
we'll work to include babel-polyfill
by default.
compiler.on('error', callback(error))
Whenever an internal error occurs.
compiler.on('change', callback(nodeName, edgeName, state))
Whenever a change in the internal graph occurs.
compiler = bankai(entry, [opts])
Create a new bankai instance. Takes either an entry file location, or an array of files.
compiler.documents(routename, [opts], done(err, buffer))
Output an HTML bundle for a route. Routes are determined based on the project's
router. Pass '/'
to get the default route.
<head>
of the body as window.initialState
.compiler.scripts(filename, done(err, buffer))
Pass in a filename and output a JS bundle.
compiler.assets(assetName, done(err, buffer))
Output any other file besides JS, CSS or HTML.
compiler.styles(name, done(err, buffer))
Output a CSS bundle.
compiler.manifest(done(err, buffer))
Output a manifest.json
.
compiler.serviceWorker(done(err, buffer))
Output a service worker.
compiler.close()
Close all file watchers.
Apache License 2.0
FAQs
The easiest way to compile JavaScript, HTML and CSS
The npm package bankai receives a total of 102 weekly downloads. As such, bankai popularity was classified as not popular.
We found that bankai demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 28 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.