![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
lite-server
Advanced tools
Readme
Lightweight development only node server that serves a web app, opens it in the browser, refreshes when html or javascript change, injects CSS changes using sockets, and has a fallback page when a route is not found.
BrowserSync does most of what we want in a super fast lightweight development server. It serves the static content, detects changes, refreshes the browser, and offers many customizations.
When creating a SPA there are routes that are only known to the browser. For example, /customer/21
may be a client side route for an Angular app. If this route is entered manually or linked to directly as the entry point of the Angular app (aka a deep link) the static server will receive the request, because Angular is not loaded yet. The server will not find a match for the route and thus return a 404. The desired behavior in this case is to return the index.html
(or whatever starting page of the app we have defined). BrowserSync does not automatically allow for a fallback page. But it does allow for custom middleware. This is where lite-server
steps in.
lite-server
is a simple customized wrapper around BrowserSync to make it easy to serve SPAs.
The recommended installation method is a local NPM install for your project:
$ npm install lite-server --save-dev
...and add a "script" entry within your project's package.json
file:
# Inside package.json...
"scripts": {
"dev": "lite-server"
},
With the above script entry, you can then start lite-server
via:
$ npm run dev
Other options for running locally installed NPM binaries is discussed in this Stack Overflow question: How to use package installed locally in node_modules
lite-server can be also installed globally, if preferred:
$ npm install -g lite-server
# To run:
$ lite-server
The default behavior serves from the current folder, opens a browser, and applies a HTML5 route fallback to ./index.html
.
lite-server uses BrowserSync, and allows for configuration overrides via a local bs-config.json
or bs-config.js
file in your project.
You can provide custom path to your config file via -c
or --config=
run time options:
lite-server -c configs/my-bs-config.js
For example, to change the server port, watched file paths, and base directory for your project, create a bs-config.json
in your project's folder:
{
"port": 8000,
"files": ["./src/**/*.{html,htm,css,js}"],
"server": { "baseDir": "./src" }
}
A more complicated example with modifications to the server middleware can be done with a bs-config.js
file, which requires the module.exports = { ... };
syntax:
module.exports = {
server: {
middleware: {
// overrides the second middleware default with new settings
1: require('connect-history-api-fallback')({index: '/index.html', verbose: true})
}
}
};
NOTE: Keep in mind that when using middleware overrides the specific middleware module must be installed in your project. For the above example, you'll need to do:
$ npm install connect-history-api-fallback --save-dev
...otherwise you'll get an error similar to:
Error: Cannot find module 'connect-history-api-fallback'
Another example: To remove one of the default middlewares, such as connect-logger
, you can set it's array index to null
:
module.exports = {
server: {
middleware: {
0: null // removes default `connect-logger` middleware
}
}
};
A list of the entire set of BrowserSync options can be found in its docs: http://www.browsersync.io/docs/options/
CSS with Angular 2 is embedded thus even though BrowserSync detects the file change to CSS, it does not inject the file via sockets. As a workaround, injectChanges
defaults to false
.
Code released under the MIT license.
FAQs
Lightweight development node server for serving a web app, providing a fallback for browser history API, loading in the browser, and injecting scripts on the fly.
The npm package lite-server receives a total of 21,670 weekly downloads. As such, lite-server popularity was classified as popular.
We found that lite-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.