Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
imagemin-brunch
Advanced tools
simple image minification for brunch
This is a super simple plug-and-play plugin that minifies your images with imagemin.
$ npm install --save-dev imagemin-brunch
$ brunch build --production
18:06:47 - info: compiled 6 files into 2 files, copied 14 in 2.3 sec
18:06:53 - info: minified 9 images to save 334 kB in 5.3 sec
This plugin detects images via file extensions, and supports the following:
.gif
.jpg
.jpeg
.jpe
.jif
.jfif
.jfi
.png
.svg
.svgz
The actual minification process is performed by the following imagemin plugins:
The plugins have their own configuration options, but imagemin-brunch currently just uses their defaults. I may expose their configuration objects and come up with a way for you to install and use your own plugins in the future.
Minifying images takes forever, so I made this plugin an optimizer. By default, this plugin will run whenever brunch is in production mode. Any of these commands should work to minify your images:
$ brunch b -p
$ brunch build -p
$ brunch b --production
$ brunch build --production
If you are using the default skeleton, npm run build
should also work.
FAQs
Simple image minification for brunch
The npm package imagemin-brunch receives a total of 10 weekly downloads. As such, imagemin-brunch popularity was classified as not popular.
We found that imagemin-brunch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.