Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
enchilada 
serve up your javascript files all wrapped up using browserify. Yum!
with express/connect
var app = express();
// serves up all your javascript files, handling all require() calls
app.use(enchilada(__dirname + '/public'));
// fallback for other static resources
app.use(express.static(__dirname + '/public'));
Now just visit any .js url which maps to a path under /public and the packaged file will be served.
sourcemaps
Versions 0.7+ of enchilada do not bundle sourcemaps with your javascript files; instead sourceMapURL comment is used. This allows for specifying both the compress and debug options as true in production without impacting users but still benefiting from being able to obtain sourcemaps. Care should be taken to limit access to the mapfiles (served via the /path/to/original/js/script.map.json) usually with middleware before enchilada.
options
No one likes a stale enchilada. Out in the real world, you want to leverage browser caching for rarely changing files. Imagine that your project uses files like jquery or engine.io, these files don't change as much as your app code. It would be silly to keep sending them with every js file you serve up. Enchilada makes this easy to do.
Just add the proper ingredients and your enchilada will be served up as you requested.
app.use(enchilada({
src: __dirname + '/public', // location of your js files
cache: true || false, // default false (use true for production to disable file watching)
compress: true || false || { uglify options }, // default false
debug: true || false, // default false (enable sourcemap output with bundle)
watchCallback: function(filename) {}, // optional (use to do something clever, like tell client to reload the page)
routes: {
// key is the url route, value is either a file relative to src
'/js/jquery.js': './js/jquery.js',
// or a module installed via npm
'/js/engine.io.js': 'engine.io-client'
},
transforms: [ handleify, brfs ]
}));
Now just make sure you load the required scripts before any other js file that might use them.
<!-- load the scripts we know will be used by several files -->
<script src="/js/jquery.js"></script>
<script src="/js/engine.io.js"></script>
<!-- load other js files as you would before -->
<script src="/js/app.js"></script>
examples
See the examples directory for working code you can copy and paste.
install
Install with npm
npm install enchilada
FAQs
middleware for automatic javascript bundles
The npm package enchilada receives a total of 34 weekly downloads. As such, enchilada popularity was classified as not popular.
We found that enchilada demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 28 Sep 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
By Sarah Gooding - Feb 04, 2025
Research
Security News
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
By Kirill Boychenko - Feb 04, 2025