Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Simple, clean, and automatic bundling of your Node modules and packages for use in the browser.
jsbundle takes your Node modules and makes them work in the browser.
It finds all require
calls in your code and includes the necessary module files. Then, it wraps all these modules using the Node variant of CommonJS module headers.
It handles node_modules
directories and package.json
files just like Node does.
It comes with a "Dev CDN" that will watch your files for changes and serve the latest jsbundled version of your code via local HTTP.
It has good error handling and will probably do what you want without any configuration.
npm install -g jsbundle
Or clone this repo, then from the repo dir, run:
npm link
npm install
From your Node package's directory, run:
jsbundle .
Just for fun, you can try it out with minification:
npm install -g uglify-js
jsbundle | uglifyjs --unsafe --lift-vars --consolidate-primitive-values
You can also pipe this to node:
jsbundle 2>/dev/null | uglifyjs --unsafe --lift-vars --consolidate-primitive-values | node
which should give you the exact same output as:
node .
[JSBUNDLE_ENV=<env>] jsbundle <node_package_dir> [--bundle-url=bundle_url]
Create a bundle from the node package contained in node_package_dir.
If the node_package_dir contains a "jsbundle.json", that file will be used to configure jsbundle's operation.
The entry file jsbundle will use to start bundling is one of (in decreasing order of precedence):
Specifying a bundle_url will override any bundle URL defined in the config file. This is useful for versioning/cache busting.
The JSBUNDLE_ENV environment variable determines how the config file is evaluated (see below).
This command is basically equivalent to running:
node <node_package_dir>
in the sense that when the resulting script is executed in the browser, the package at node_package_dir will be the first to execute.
For production deployment, you'll probably want to pipe the resulting output to the JavaScript minifier of your choice.
In any of your modules that are browser-only, you can easily add external dependencies that are guaranteed to be loaded before your code executes by using the module.externalDep
function.
module.externalDep('https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js');
Note that the URL you pass to this function must be a constant string.
Multiple calls to module.externalDep will load any given script URL only once. However, it only does naive string matching, so:
module.externalDep('https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js');
module.externalDep('https://AJAX.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js');
will load jQuery twice. To avoid bugs caused by typos, it's advisable to create a wrapper module around each external script you load and then load the wrapper module in the rest of your code. For example:
jquery.js:
module.externalDep('https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js');
module.exports = $.noConflict(true);
myscript.js:
var $ = require('./jquery');
// etc...
[JSBUNDLE_ENV=<env>] devcdn [port]
Start a "Dev CDN" bundle HTTP server.
The Dev CDN will run on the port specified in the config file, or 8081 if none is specified.
The Dev CDN finds all package.json files below the directory from which it is executed and can serve these as bundles. Bundle names are taken from the "name" field of the package.json file, with ".js" appended. node_modules directories are ignored. So, if you run the Dev CDN from a package directory with the "name" of example
and on the default port, you can request the bundled package at the URL: http://localhost:8081/example.js
.
You can specify the JSBUNDLE_ENV (see below) either via an environment variable or by passing a value to the --env flag. The JSBUNDLE_ENV will be used to evaluate and jsbundle.json files encountered in the served packages.
Test coverage is currently mediocre. You can run tests with:
npm test
All values passed to require in your code must be string literals. Otherwise, jsbundle wouldn't be able to reliably find all the modules to include in the bundled output.
The special variable __filename is equal to the module.id. If you specify the mangleNames option (see below), then the __filename will be the mangled numeric id of the module.
The special variable __dirname doesn't really make sense in the context of browser modules, so while the variable exists, its value is undefined.
{
"defaults": {
"mangleNames": false,
},
"production": {
"mangleNames" true
}
}
jsbundle uses the "defaults" configuration as a base, and then, depending on the value of the JSBUNDLE_ENV environment variable, overrides or adds more values.
In the example above, if the value of JSBUNDLE_ENV is "production", module names will be mangled.
See the included jsbundle.json for an annotated example of all configuration options.
FAQs
Simple, clean, and automatic bundling of your Node modules and packages for use in the browser.
The npm package jsbundle receives a total of 4 weekly downloads. As such, jsbundle popularity was classified as not popular.
We found that jsbundle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.