Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
craco-babel-loader
Advanced tools
craco-babel-loader
Rewire `babel-loader` loader in your `create-react-app` project using `craco`.
This is a port of react-app-rewire-babel-loader to CRACO instead of react-app-rewired. react-app-rewired was not being updated for version 2 of CRA, and I wanted to use the rewired babel loader with a solution designed for CRA 2.
Rewire
babel-loaderloader in yourcreate-react-appproject usingCRACO.
Say there is an awesome library you found on npm that you want to use within your un-ejected create-react-app project, but unfortunately, it's published in ES6+ (since node_modules doesn't go through babel-loader), so you cannot really use it. It's also effective for working with monorepos which was my original use case.
However, with CRACO and this library, craco-babel-loader, you can use that awesome library you've found.
See below for usage.
Install
$ yarn add craco-babel-loader
# npm v5+
$ npm install craco-babel-loader
# before npm v5
$ npm install --save craco-babel-loader
Usage
// crago.config.js
// see: https://github.com/sharegate/craco
const path = require("path");
const fs = require("fs");
const rewireBabelLoader = require("craco-babel-loader");
// helpers
const appDirectory = fs.realpathSync(process.cwd());
const resolveApp = relativePath => path.resolve(appDirectory, relativePath);
module.exports = {
plugins: [
//This is a craco plugin: https://github.com/sharegate/craco/blob/master/packages/craco/README.md#configuration-overview
{ plugin: rewireBabelLoader,
options: {
includes: [resolveApp("node_modules/isemail")], //put things you want to include in array here
excludes: [/(node_modules|bower_components)/] //things you want to exclude here
//you can omit include or exclude if you only want to use one option
}
}
]
}
Development
node.jsandnpm. See: https://github.com/creationix/nvm#installationyarn. See: https://yarnpkg.com/en/docs/installnpmdependencies. Run:yarn install
Chores
- Lint:
yarn run lint - Prettier:
yarn run pretty - Test:
yarn run test - Pre-publish:
yarn run prepublish - Build:
yarn run build
License
MIT.
FAQs
Rewire `babel-loader` loader in your `create-react-app` project using `craco`.
The npm package craco-babel-loader receives a total of 13,237 weekly downloads. As such, craco-babel-loader popularity was classified as popular.
We found that craco-babel-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 25 Nov 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025