Security News
Supply Chain Attack Detected in @solana/web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
By Sarah Gooding - Dec 03, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
fis-prepackager-m2c
Advanced tools
fis-prepackager-m2c
##安装与使用
1.全局安装
npm install fis-prepackager -g
2.开启和配置插件
在fis-conf.js中使用如下代码:
fis.config.merge('modules.prepackager','m2c');
fis.config.merge('settings.prepackager.m2c',{
options: {
ns: 'sm',
readcss: true,
exclude: ['**/vue.js']
},
tmpl: {
js: '<script type="text/javascript" src="{0}"></script>',
css: '<link rel="stylesheet" type="text/css" href="{0}">'
}
});
settings说明
options:常用的一些设置主要有:
1、ns:命名空间,模块化代码转成闭包后使用的命名空间,默认'alp'。
2、readcss:主要针对出现在js中的require('./xx.css')处理方式,默认true。true:读取css文件的内容并写入到js中;false:不读取css文件的内容,而是分析依赖。
3、exclude:排除一些已存在的使用require关键字的文件,比如用webpack或browerify打包的文件。
4、readcssInHtml:出现在html中的script标签中的css是否可读,同readcss
在项目中使用
1.按nodejs的开发方式写js
f.js内容
var t = '马云'
module.exports.obj = {
a:t
}
a-object.js内容
var f = require('./f.js');
module.exports = {
sayName: function(name) {
console.log(name);
console.log(f.obj.a);
}
}
在script标签中加data-main作为标识
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<script type="text/javascript" data-main>
var a = require('./a-object.js');
a.sayName('您好');
</script>
</body>
</html>
2.执行fis release -d output
文件结果
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<script type="text/javascript" src="f.js"></script>
<script type="text/javascript" src="a-object.js"></script>
<script type = "text/javascript">
window.sm = window.sm || {};
(function (sm, a_object_js) {
var a = a_object_js;
a.sayName('你好');
}(sm, sm.a_object_js));
</script>
</body>
</html>
f.js
window.sm = window.sm || {};
(function (sm) {
var t = '马云'
sm.obj = { a: t };
}(sm));
a-object.js
window.sm = window.sm || {};
(function (sm) {
var f = sm;
sm.a_object_js = {
sayName: function (name) {
console.log(name);
console.log(f.obj.a);
}
};
}(sm));
FAQs
This package is no longer supported and has been deprecated. To avoid malicious use, npm is hanging on to the package name.
The npm package fis-prepackager-m2c receives a total of 0 weekly downloads. As such, fis-prepackager-m2c popularity was classified as not popular.
We found that fis-prepackager-m2c demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Nov 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024