Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
google-closure-compiler
Advanced tools
Check, compile, optimize and compress Javascript with Closure-Compiler
Check, compile, optimize and compress Javascript with Closure-Compiler
This repository tracks issues related to the publication to npmjs.org and associated plugins. Any bugs not related to the plugins themselves should be reported to the main repository.
Note that the installed binary is not actually JavaScript, but native binary or Java jar file depending on the local system.
If you are new to Closure-Compiler, make sure to read and understand the compilation levels as the compiler works very differently depending on the compilation level selected.
For help or questions with the compiler, the best resource is Stack Overflow. Posts there are monitored by multiple Closure Compiler team members.
You may also post in the Closure Compiler Discuss Google Group.
Please don't cross post to both Stack Overflow and Closure Compiler Discuss.
The compiler is distributed as a Java jar or as Mac OS, Linux and Windows native binaries.
On Linux, Mac OS and Windows, optional dependencies will install a native binary of the compiler. Native binaries offer faster compile times without requiring Java to be installed and available. Compilations with a very large number of source files may be slightly slower than the java version.
Requires java to be installed and in the path. Using the java version typically results in faster compilation times.
The simplest way to invoke the compiler (e.g. if you're just trying it out) is with npx
:
npx google-closure-compiler --js=my_program.js --js_output_file=out.js
The npx version will attempt to detect the best platform to use. You can also specify the platform
with the special --platform
flag.
npm install --save google-closure-compiler
See the full list of compiler flags.
The build tool plugins take options objects. The option parameters map directly to the compiler flags without the leading '--' characters. You may also use camelCase option names.
Values are either strings or booleans. Options which have multiple values can be arrays.
{
js: ['/file-one.js', '/file-two.js'],
compilation_level: 'ADVANCED',
js_output_file: 'out.js',
debug: true
}
For the java version, some shells (particularly windows) try to do expansion on globs rather than passing the string on to the compiler. To prevent this it is necessary to quote certain arguments:
{
js: '"my/quoted/glob/**.js"',
compilation_level: 'ADVANCED',
js_output_file: 'out.js',
debug: true
}
The compiler package also includes build tool plugins for Grunt and Gulp. There is also an official webpack plugin.
Additionally, community members have created plugins leveraging this library.
Override the path before first use.
const Compiler = require('google-closure-compiler');
Compiler.prototype.javaPath = '/node_modules/MODULE_NAME/jre/jre1.8.0_131.jre/Contents/Home/bin/java';
const compiler = new Compiler({args});
Note: nailgun users are encouraged to try the native binary versions where available.
This gets around the long startup time of Google Closure Compiler using Nailgun, which runs a single java process in the background and keeps all of the classes loaded.
First you need to install closure-gun by running the following command.
npm install closure-gun
Then point the package to use closure-gun rather than the JDK.
const compilerPackage = require('google-closure-compiler');
compilerPackage.compiler.JAR_PATH = undefined;
compilerPackage.compiler.prototype.javaPath = './node_modules/.bin/closure-gun'
Note that when using gulp, Only invocations without gulp.src work with nailgun.
A low-level node class is included to facilitate spawning the compiler jar as a process from Node. In addition, it exposes a static property with the path to the compiler jar file.
const ClosureCompiler = require('google-closure-compiler').compiler;
console.log(ClosureCompiler.COMPILER_PATH); // absolute path to the compiler jar
console.log(ClosureCompiler.CONTRIB_PATH); // absolute path to the contrib folder which contain externs
const closureCompiler = new ClosureCompiler({
js: 'file-one.js',
compilation_level: 'ADVANCED'
});
const compilerProcess = closureCompiler.run((exitCode, stdOut, stdErr) => {
//compilation complete
});
Copyright 2015 The Closure Compiler Authors
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Closure Compiler release notes can be found on the main repository wiki.
FAQs
Check, compile, optimize and compress Javascript with Closure-Compiler
The npm package google-closure-compiler receives a total of 0 weekly downloads. As such, google-closure-compiler popularity was classified as not popular.
We found that google-closure-compiler demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.