fontmin-webpack - npm Package Compare versions

Comparing version 3.1.0 to 3.2.0

lib/index.js

 const fs = require('fs')
 const path = require('path')
+const crypto = require('crypto')
 const log = require('debug')('fontmin-webpack')
@@ -30,2 +31,3 @@
         skippedFilesRegex: null,
+        appendHash: false,
       },
@@ -193,2 +195,3 @@ options,
     const skippedFiles = this._options.skippedFilesRegex
+    const appendHash = this._options.appendHash
     const fontFiles = this.findFontFiles(compilation)
@@ -224,3 +227,10 @@ const glyphsInCss = this.findUnicodeGlyphs(compilation)
             if (file.buffer.length > file.minified.length) {
-              compilation.assets[file.asset] = new RawSource(file.minified)
+              if (appendHash) {
+                const newAssetName = this.appendMinifiedFileHash(file)
+                compilation.assets[newAssetName] = new RawSource(file.minified)
+                this.hashifyFontReferences(file.asset, newAssetName, compilation.assets)
+                delete compilation.assets[file.asset]
+              } else {
+                compilation.assets[file.asset] = new RawSource(file.minified)
+              }
             }
@@ -232,2 +242,20 @@ })
 
+  appendMinifiedFileHash(file) {
+    const fileHash = crypto.createHash('md5').update(file.minified).digest('hex')
+    return file.asset.split('.').join(`-${fileHash}.`)
+  }
+
+  hashifyFontReferences(oldAssetName, newAssetName, assets) {
+    Object.keys(assets).forEach(
+      asset => {
+        const oldAssetNameRegex = new RegExp(oldAssetName.replace('.', '\\.'), 'g')
+        const assetSource = assets[asset].source().toString()
+
+        if (assetSource.match(oldAssetNameRegex)) {
+          assets[asset] = new RawSource(assetSource.replace(oldAssetNameRegex, newAssetName))
+        }
+      }
+    )
+  }
+
   apply(compiler) {
@@ -234,0 +262,0 @@ compiler.hooks.thisCompilation.tap('FontminPlugin', compilation => {

package.json

 {
   "name": "fontmin-webpack",
-  "version": "3.1.0",
+  "version": "3.2.0",
   "description": "Minifies icon fonts to just what is used.",
@@ -5,0 +5,0 @@ "main": "./lib/index.js",

test/index.test.js

@@ -242,2 +242,17 @@ const fs = require('fs')
   })
+
+  describe('FontAwesome with appendHash option', () => {
+    it('should run successfully', function (done) {
+      this.timeout(60000)
+      const plugin = new Plugin({appendHash: true})
+      const config = _.cloneDeep(baseConfig)
+      testWithConfig(_.assign(config, {plugins: [plugin]}), done)
+    })
+
+    it('should append the hash to the ends of all refrences in all assets', () => {
+      const out = fs.readFileSync(DIST_FOLDER + '/out.js').toString()
+      fontStats.forEach(file => expect(out.match(file.filename)).to.be.ok)
+      fontStats.forEach(file => expect(out.match(file.filename.replace(/-([a-z]|[0-9])+\./, '.'))).to.not.be.ok)
+    })
+  })
 })

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 4 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

51522

increased by105.25%

Number of package files

21

increased by50%

Lines of code

551

increased by7.41%

Worsened metrics

Number of medium supply chain risk alerts

4

increased byInfinity%

No dependency changes