Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding - Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
miniapp-tools
Advanced tools
miniapp-tools
小程序打包、性能优化工具
注: 使用本打包工具所引起的bug问题本项目组不承担任何责任,请酌情使用。
现在只支持原生的小程序,暂时不支持taro等。
安装
npm i miniapp-tools -D
功能
1.执行代码依赖分析并摇树优化
在项目下新建一个js文件,填入以下内容,然后node它:
const { DependContainer } = require('./node_modules/miniapp-tools');
const path = require('path');
const options = {
sourceDir: path.join(__dirname, 'src'), // 源代码目录
targetDir: path.join(__dirname, 'refactor'), // 输出目录(不要把输出目录放在源代码目录中)
analyseDir: path.join(__dirname, 'analyse'), // 分析数据存放目录
isSplitNpm: true, // 是否分包
};
const instance = new DependContainer(options);
instance.init().catch(err => console.error(err));
执行完以上代码会生成以下目录:
- refactor目录,该目录是摇树后文件的所在目录
- analyse目录,用于查看依赖分析图表
分包是指在摇树优化的基础上,将仅在子包中使用的npm包移动到子包中以减少主包的大小
2.查看依赖分析图
npm i parcel-bundler -g // 若已安装不需要执行这一步
parcel ./analyse/index.html --open --out-dir analyse-dist
3.查看所有有大写标签的json文件
node node_modules/miniapp-tools/src/upperTags.js
4.代理所有setData函数查看运行时性能
node node_modules/miniapp-tools/src/perform.js
该命令会在src目录下生成performBehavior.test.js文件,可以修改该文件来
更改注入的behavior的行为。注意在执行该命令之前必须先执行第1步
以上命令可以写在package.json的script中,以便简化
Keywords
FAQs
The npm package miniapp-tools receives a total of 0 weekly downloads. As such, miniapp-tools popularity was classified as not popular.
We found that miniapp-tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Aug 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding - Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding - Oct 29, 2025