New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

nupolyon

Package Overview
Dependencies
Maintainers
0
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

nupolyon

Auto-Inject polyfill

  • 0.2.2
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
159
decreased by-5.36%
Maintainers
0
Weekly downloads
 
Created
Source

Nupolyon

npm version npm downloads License

Auto-Inject polyfill from https://cdnjs.cloudflare.com/polyfill/

⚠️ WARNING

DON'T USE THIS MODULE, POLYFILL.IO HAS BEEN REPORTED INJECTING SOME MALICIOUS CODE. TEMPORARY WE MOVE THE URL TO CLOUDFLARE'S MIRROR.

https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/

https://sansec.io/research/polyfill-supply-chain-attack

https://www.theregister.com/2024/06/25/polyfillio_china_crisis/

https://www.scmagazine.com/brief/over-100k-sites-hit-by-polyfill-io-supply-chain-attack

Features

See the detailed feature explanation here: #58 (comment)

Quick Setup

  1. Add nupolyon dependency to your project
npx nuxi@latest module add nupolyon
  1. Add nupolyon to the modules section of nuxt.config.ts
export default defineNuxtConfig({
  modules: [
    'nupolyon'
  ]
})

That's it! You can now use Nupolyon in your Nuxt app ✨

Configuration

export default defineNuxtConfig({
  modules: [
    'nupolyon'
  ],
  nupolyon: {
    // change host
    host: 'http://my-own-cdn.com/polyfill.min.js'
    // or enable self-host mode
    host: 'selfhost'

    // customize browserslist's target
    target: 'defaults'
  },
})

Development

# Install dependencies
npm install

# Generate type stubs
npm run dev:prepare

# Develop with the playground
npm run dev

# Build the playground
npm run dev:build

# Run ESLint
npm run lint

# Run Vitest
npm run test
npm run test:watch

# Release new version
npm run release

License

This project published under MIT License, see LICENSE for more details.

FAQs

Package last updated on 01 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

require(esm) Backported to Node.js 20, Paving the Way for ESM-Only Packages

Security News

require(esm) Backported to Node.js 20, Paving the Way for ESM-Only Packages

require(esm) backported to Node.js 20, easing the transition to ESM-only packages and reducing complexity for developers as Node 18 nears end-of-life.

By Sarah Gooding  -  Feb 13, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc