Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
gulp-recipe-pipemin-build
Advanced tools
Container for fast project compilation with hooks, based on gulp-pipemin.
deps: clean:dist
Build whole project into dist directory.
deps: build
Make zip package file ready for deployment.
Delete dist directory and its contents.
mandatory
flow: sources.index -> pipes.preBuild* -> pipemin -> merge with build -> pipes.postMerge* -> dest
Entry point html files (index.html) to be processed with gulp-pipemin.
example config:
sources.index = 'app/index.html';
mandatory
flow: sources.rawAssets -> pipes.asset* hook
Files that will be treated as assets for pipemin. Names of these files will be fed to glob paths in index.html. Superfluous files are left untouched, but will be loaded into memory during build.
example config:
sources.rawAssets = [
'app/bower_components/*/*.js',
'app/bower_components/*/{dist,min,release}/*.{js,css}', // most of the generic bower modules
sources.js, // include only when serving non-processed js files
sources.css // include only when serving non-processed css files
// do not include temp folder here
];
flow: sources.rawBuild -> pipes.build* hook
Files that will be added to final build bypassing pipemin.
alias: paths.dist
default: 'dist/'
Destination path for build task output directory.
alias: paths.package
default: 'package.zip'
Destination path for package task output file.
alias tasks.build
default 'build'
build task name.
alias tasks.package
default 'package'
package task name.
alias: tasks.cleanDist
default: 'clean:dist'
clean:dist task name.
alias: config.order.minify
default: 1000
Minification task order in build processing pipe.
type: source
flow: pipes.asset* -> pipemin's assetStream
Additional asset sources, good for injecting compiled files into index.html and minification process.
type: source
flow: pipes.build* -> pipes.postBuild* -> merge with pipemin's output -> pipes.postMerge* -> dest
Additional build output files, bypasses the pipemin and goes straight to postBuild step.
type: sequence
Do actions on index just before feeding it into pipemin.
type: sequence
Do actions on files from pipes.build*. Example usage in gulp-recipe-pipemin-rev.
type: sequence
Do actions on all built files before outputing them to dist.
type: sequence
Process js files gathered by pipemin from index.
type: sequence
Process css files gathered by pipemin from index.
type: sequence
Process index files after resolving assets by pipemin.
Sorts raw assets files by name and places into hook.
Minify Js with uglify.
Minify css with csso.
Minify html
FAQs
Receipe for fast build using pipemin
The npm package gulp-recipe-pipemin-build receives a total of 3 weekly downloads. As such, gulp-recipe-pipemin-build popularity was classified as not popular.
We found that gulp-recipe-pipemin-build demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.