html-webpack-plugin - npm Package Compare versions

Comparing version 5.5.0 to 5.5.1

lib/errors.js

 // @ts-nocheck
 'use strict';
-const PrettyError = require('pretty-error');
-const prettyError = new PrettyError();
-prettyError.withoutColors();
-prettyError.skipPackage('html-plugin-evaluation');
-prettyError.skipNodeFiles();
-prettyError.skip(function (traceLine) {
-  return traceLine.path === 'html-plugin-evaluation';
-});
 
+let prettyError;
+
+function getPrettyError () {
+  if (!prettyError) {
+    // lazily require to improve startup time since pretty-error is rather heavy package
+    const PrettyError = require('pretty-error');
+    prettyError = new PrettyError();
+    prettyError.withoutColors();
+    prettyError.skipPackage('html-plugin-evaluation');
+    prettyError.skipNodeFiles();
+    prettyError.skip(function (traceLine) {
+      return traceLine.path === 'html-plugin-evaluation';
+    });
+  }
+  return prettyError;
+}
+
 module.exports = function (err, context) {
@@ -22,3 +31,3 @@ return {
       try {
-        return prettyError.render(err).replace(/webpack:\/\/\/\./g, context);
+        return getPrettyError().render(err).replace(/webpack:\/\/\/\./g, context);
       } catch (e) {
@@ -25,0 +34,0 @@ // This can sometimes fail. We don't know why, but returning the

package.json

 {
   "name": "html-webpack-plugin",
-  "version": "5.5.0",
+  "version": "5.5.1",
   "license": "MIT",
@@ -46,4 +46,4 @@ "description": "Simplifies creation of HTML files to serve your webpack bundles",
     "style-loader": "2.0.0",
-    "typescript": "4.1.3",
-    "webpack": "5.24.3",
+    "typescript": "4.9.4",
+    "webpack": "^5.79.0",
     "webpack-cli": "4.5.0",
@@ -50,0 +50,0 @@ "webpack-recompilation-simulator": "3.2.0"

README.md

@@ -88,2 +88,3 @@ [![npm][npm]][npm-url]
  * [csp-html-webpack-plugin](https://github.com/slackhq/csp-html-webpack-plugin) to add [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) meta tags to the HTML output
+ * [strict-csp-html-webpack-plugin](https://github.com/google/strict-csp/tree/main/strict-csp-html-webpack-plugin) to add a [**strict** Content-Security-Policy (CSP)](https://web.dev) as a `meta` tag to the HTML output. A strict CSP is specifically efficient against XSS attacks.
  * [webpack-nomodule-plugin](https://github.com/swimmadude66/webpack-nomodule-plugin) allows you to add a `nomodule` attribute to specific injected scripts, which prevents the scripts from being loaded by newer browsers. Good for limiting loads of polyfills.
@@ -90,0 +91,0 @@ * [html-webpack-skip-assets-plugin](https://github.com/swimmadude66/html-webpack-skip-assets-plugin) Skip adding certain output files to the html file. Built as a drop-in replacement for [html-webpack-exclude-assets-plugin](https://www.npmjs.com/package/html-webpack-exclude-assets-plugin) and works with newer [html-webpack-plugin](https://github.com/jantimon/html-webpack-plugin) versions

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Lines of code

2235

increased by0.31%

Number of lines in readme file

669

increased by0.15%

Worsened metrics

Total package byte prevSize

116439

decreased by-23.36%

Number of package files

14

decreased by-6.67%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes