Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
chocolatin
Advanced tools
WebPack is awesome : build JavaScript project, add super-power, import anything, anywhere.
But folks need to install a lot of package and messy configuration with object merging in different environment is a real problem for beginner who doesn't have time to learn WebPack.
Chocolatin help user to leverage friction with WebPack 2 configuration.
You need Node.js >= 6 and NPM >= 3.
Chocolatin need :
We will follow WebPack 2 road-map and update package as soon as possible.
So, install with NPM :
npm i chocolatin webpack@2.1.0-beta.25 webpack-dev-server@2.1.0-beta.5 --save-dev
Or with Yarn :
yarn add chocolatin webpack@2.1.0-beta.25 webpack-dev-server@2.1.0-beta.5 --dev
We will write real documentation/contribution guide later.
Basicly, you need to touch a new file and import Chocolatin module and export your configuration.
// build.js
'use strict';
const chocolatin = require('chocolatin');
module.exports = chocolatin.burn(
[/* Mixins */], [/* Loaders */], [/* Plugins */]
);
Then, simply run WebPack :
./node_modules/webpack/bin/webpack --config build.js
Chocolatin is an object with :
So, try to use destructuring :
// build.js
'use strict';
const {
burn,
mixins: { Input, Output, Target },
loaders: { EsLint },
plugins: { Clean, Define, ProgressBar, Minify },
} = require('chocolatin');
// Mixins, Loaders and Plugins
module.exports = burn(
[
Input({ index: ['./src/index.js'] }),
Output('./dist/'),
Target('node'),
],
[
EsLint(),
],
[
Clean(['./dist/']),
Define('production'),
ProgressBar(),
Minify(),
]
);
You can ship the "demo" directory for some example in different environment with Babel, TypeScript, Node.js, Angular 2, React, ...
If you need a web server, just start it via webpack-dev-server and add Server mixin + Hmr plugin, that's all.
You need Watch mixin.
They are functions who need to be call and return blueprint object.
Loader can take options.
At the moment, loader need to be manually install in your project, via npm or yarn.
They are functions who need to be call and return object who will be merge with base WebPack base configuration.
Mixin can take options.
They are functions who need to be call and return a WebPack plugin or nothing.
Plugin can take options.
FAQs
This package is no longer supported and has been deprecated. To avoid malicious use, npm is hanging on to the package name.
The npm package chocolatin receives a total of 8 weekly downloads. As such, chocolatin popularity was classified as not popular.
We found that chocolatin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.