Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
a local development server designed to work with browserify.
it:
node_modules/browserify
.index.html
for missing routes so you don't
need to even muck about with HTML to get startednpm install -g beefy
; and if you want to always have a browserify available
for beefy to use, npm install -g browserify
.
$ cd directory/you/want/served
$ beefy path/to/thing/you/want/browserified.js PORT -- [browserify args]
path/to/file.js
the path to the file you want browserified. can be just a normal node module.
you can also alias it: path/to/file.js:bundle.js
if you want -- so all requests
to bundle.js
will browserify path/to/file.js
. this is helpful for when you're
writing gh-pages
-style sites that already have an index.html, and expect the
bundle to be pregenerated and available at a certain path.
--browserify command
use command
instead of browserify
or ./node_modules/.bin/browserify
.
in theory, you could even get this working with r.js
, but that would probably
be scary and bats would fly out of it. but it's there if you need it!
--live
enable live reloading. this'll start up a sideband server and an fs
watch on
the current working directory -- if you save a file, your browser will refresh.
if you're not using the generated index file, put the following script tag above all of your other JS:
<script src="/-/live-reload.js"></script>
--cwd dir
serve files as if running from dir
.
--debug=false
turn off browserify source map output. by default, beefy automatically inserts
-d
into the browserify args -- this turns that behavior off.
--open
automatically discover a port and open it using your default browser.
beefy exports one function which returns a http server created from http.createServer()
cwd
(string) root folder beefy uses for serving content. this folder is also watched if the live_reload
parameter is set.browserify_path
(string) command to execute when browserifying the code. use 'browserify'
for standard behavior.browserify_args
(array of strings) arguments to the browserify command. use e.g. [ '-d' ]
for debug mode.entry_points
(object) dictionary for your entry points and corresponding file to browserify. see example below.live_reload
(boolean) enable live reload if setlog
(function) optional logging callback. see signature below.custom_handler
(function) optional custom request handler. return falsy in handler to delegate back to beefy.var beefy = require('beefy')
var entry_points = { 'bundle.js': 'path/to/some/js/file.js' }
var server = beefy('path/to/wwwroot', 'browserify', [ '-d' ], entry_points, true, log,
custom_handler)
server.listen(9966)
function log(code, time, bytesize, logged_pathname, color) {}
function custom_handler(req, resp) {
if (req.url == '/foo') {
// custom handling of '/foo'
resp.end('bar\n')
return true
}
// delegate back to beefy
}
the server object is patched with a reload()
method which allows you to reload clients programmatically:
var watchr = require('watchr')
watchr.watch({
path: '/some/other/path/not/watched/by/beefy'
, listener: function (event, file, stat_now, stat_then) {
// do stuff ..
server.reload()
}
})
by default, if you get a URL that doesn't exist (with an Accept
header that has html
in it someplace), you'll get the "fake index." this page is setup so that
it automatically includes both the live reload script (if it's enabled) and the
path you want browserified.
MIT
FAQs
local development server that aims to make using browserify fast and fun
The npm package beefy receives a total of 287 weekly downloads. As such, beefy popularity was classified as not popular.
We found that beefy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.