dynamic-import-polyfill
import() polyfill
A fast, tiny polyfill for dynamic import() that works in all module-supporting browsers. The polyfill feature detects built-in import() support and defers to the native version if available. For browsers without module support, you can use the module/nomodule technique to generate a fully ES5-compatible bundle.
You can install this library from npm by running:
npm install dynamic-import-polyfill
To use the polyfill, just initialize it once, in your app's main entry point before dynamically importing any modules. If you have multiple entry points, just add it to the entry point that will be evaluated first.
import dynamicImportPolyfill from 'dynamic-import-polyfill';

// This needs to be done before any dynamic imports are used.
dynamicImportPolyfill.initialize({
  modulePath: '/public', // Defaults to '.'
  importFunctionName: '$$import' // Defaults to '__import__'
});
Name | Type | Description |
---|---|---|
modulePath | string | A path for which all relative import URLs will resolve from. Default: This should be an absolute path to the directory where your production modules are deployed (e.g. |
importFunctionName | string | The name of the dynamic import polyfill function added to the global scope. (Note: a name other than Default: If you're using a bundler that supports renaming |
This polyfill uses new Function() to feature detect dynamic import() support, and that detection will always fail if your Content Security Policy (CSP) does not allow 'unsafe-eval' (which most do not). This is generally fine, however, because the polyfill fallback will be used instead. Just be aware that such CSP policies will prevent the browser from using its native dynamic import(), even when supported.
In addition, this polyfill uses Blob URLs to load modules dynamically, and in order for this to work you must configure your Content Security Policy to allow blob: in your script-src settings.
Here's an example Content Security Policy that works (cross-browser) with this polyfill:
<meta http-equiv="Content-Security-Policy" content="script-src 'self' blob:">
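The two CSP requirements described above can be checked against a deployed policy before shipping. The following is an added example, not code from the polyfill or its author; parseCsp, auditPolyfillCsp and the result field names are hypothetical. It assumes only script-src with its default-src fallback matters, and does not model 'strict-dynamic' or script-src-elem.

```javascript
// Added example: report how a given CSP affects this polyfill.
// All function and field names here are hypothetical.

// Split a policy string into a Map of directive name -> source tokens.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // When a directive is repeated, browsers honour the first occurrence.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

function auditPolyfillCsp(policy) {
  const csp = parseCsp(policy);
  // script-src falls back to default-src; if neither is set, scripts are unrestricted.
  const sources = csp.get('script-src') ?? csp.get('default-src');
  if (sources === undefined) {
    return { nativeDetection: true, blobLoading: true, missing: [] };
  }
  // Keywords and schemes are matched case-insensitively.
  const lowered = sources.map((s) => s.toLowerCase());
  // new Function() (the feature detect) only runs when 'unsafe-eval' is allowed.
  const nativeDetection = lowered.includes("'unsafe-eval'");
  // blob: must be listed explicitly; the '*' wildcard does not cover blob: URLs.
  const blobLoading = lowered.includes('blob:');
  return {
    nativeDetection,
    blobLoading,
    // Only blob: is required; a failed feature detect just selects the fallback.
    missing: blobLoading ? [] : ['blob:'],
  };
}

// Constructed sample policies.
for (const policy of ["script-src 'self' blob:", "default-src 'self'", "default-src *"]) {
  console.log(policy, '->', JSON.stringify(auditPolyfillCsp(policy)));
}
```

A result with blobLoading false means the polyfill's fallback cannot load modules under that policy, while nativeDetection false only means the fallback path is always taken.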
rollup-native-modules-boilerplate features a complete example demonstrating how to use this polyfill with full, cross-browser support for legacy browsers. For more details on the techniques used in this demo, see Using Native JavaScript Modules in Production Today by @philipwalton.
This polyfill does not support import.meta, as it is generally not needed when using a bundler that outputs all your modules to the same directory. Bundlers can also resolve import.meta at build time, so oftentimes import.meta does not appear in the final module output.
If import.meta support is a requirement for your use case, es-module-shims by @guybedford may be an option.
This polyfill was inspired from prior work in this space by these projects:
0.1.1 (2019-08-27)
FAQs
A polyfill for the native import() in the browser
The npm package dynamic-import-polyfill receives a total of 15,530 weekly downloads. As such, dynamic-import-polyfill popularity was classified as popular.
We found that dynamic-import-polyfill demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.