Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
common-shakeify
Advanced tools
browserify tree shaking plugin using @indutny's common-shake
Comments out unused exports from CommonJS modules.
With input files:
// math.js
exports.min = function (a, b) { return a < b ? a : b }
exports.max = function (a, b) { return a < b ? b : a }
// app.js
var math = require('./math')
console.log(math.max(10, 20))
This plugin will rewrite the files to:
// math.js
/* common-shake removed: exports.min = */ void function (a, b) { return a < b ? a : b }
exports.max = function (a, b) { return a < b ? b : a }
// app.js
var math = require('./math')
console.log(math.max(10, 20))
Use a minifier on the output to remove the exports entirely.
npm install --save-dev common-shakeify
With the browserify cli:
browserify -p common-shakeify /my/app.js > bundle.js
# Minify
uglify-js bundle.js --compress > bundle.min.js
With the browserify Node API:
var commonShake = require('common-shakeify')
var b = browserify({ entries: '/my/app.js' })
.plugin(commonShake, { /* options */ })
.bundle()
// Minify & save
var uglify = require('minify-stream')
b
.pipe(uglify())
.pipe(fs.createWriteStream('bundle.min.js'))
Note that using a minifier transform like uglifyify doesn't eliminate the commented-out exports. Transforms run before common-shakeify, so you have to use a minifier on the final bundle to remove the unused exports.
verbose
, v
When true, print messages to stderr when exports are deleted, or the tree-shaker bails out on a module.
Default false.
The verbose
flag only works when no custom handlers are passed, so if you're using eg. a custom onExportDelete
you have to print these messages manually.
$ browserify -p [ common-shakeify -v ] app.js > bundle.js
common-shake: removed `decode` in node_modules/vlq/dist/vlq.js:10:7
common-shake: bailed out: `module.exports` assignment in node_modules/process-nextick-args/index.js:20:3
onExportDelete(filename, exportName)
Handler called for every exported identifier that is being removed.
filename
is the path to the file that exports the identifier. exportName
is the name of the identifier.
onModuleBailout(module, reasons)
Handler called when a module cannot be tree-shaked for some reason.
module
is the Module object from common-shake.
reasons
is an array of reasons that caused this module to be deoptimised.
onGlobalBailout(reasons)
Handler called when tree-shaking is skipped entirely, usually because there is a dynamic require
call in the source.
reasons
is an array of reasons for skipping tree-shaking.
0.5.0
@goto-bus-stop/common-shake
, which supports dependent use tracking. (#14)FAQs
browserify tree shaking plugin using @indutny common-shake
The npm package common-shakeify receives a total of 9,998 weekly downloads. As such, common-shakeify popularity was classified as popular.
We found that common-shakeify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 39 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.