Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
0.15.1 (2024-12-18)
closeBundle
on cli and one-shot build
api (#3026) (2969a22)esm
(#3082) (d1cf2f8)keepNames
node binding (#3027) (176666f), closes #2985names
/ originalFileNames
support (#3024) (daa17ff), closes #2496build
API write to disk by default (#3019) (a83297c)require
by OutputOptiond#polyfillRequire: 'false'
(#3091) (b12b20a)checks
to inputOptions
(#3052) (711c16c), closes /github.com/rolldown/rolldown/blob/225f6a41679fff165eff297ba21578a72b4d88eb/packages/rolldown/tests/fixtures/onwarn/_config.ts#L8SourceMap::toUrl
/SourceMap::toString
(#3064) (1f21417)stringify: 'auto'
(#3103) (0ad8217)resolve.dedupe
(#3061) (2ec340e)import.meta.dirname|filename
in cjs (#3053) (22747a3)serde
feature (#3140) (1265c2c)AppendOnlyVec
from reference_needed_symbols
(#3164) (ff1ed90)forbid-const-assign
should considering all write scenario (#2715) (015d4f1)new URL(..., import.met.url)
with webpack (#2738) (2b4f224)chunk.imports
and more (#3008) (9e58163), closes /github.com/vitejs/vite/blob/8f0a9dcff112c866d9aa911647fd3cf9adc50bf1/packages/vite/src/node/plugins/css.ts#L1011-L1029 /github.com/vitejs/vite/blob/8f0a9dcff112c866d9aa911647fd3cf9adc50bf1/playground/html/tests/html.spec.ts#L186-L188import(...)
should have the same result as esm output (#2999) (d42ea8a)__toESM
reference for external import wrapper (#2911) (aaa96db)export
keyword in cjs output (#2807) (80daf63)__require
(#2675) (0f44c14)EcmaView
of css module (#2631) (4c1a715)output.format
did not support topLevelAwait
(#2629) (db018fa), closes /github.com/evanw/esbuild/commit/5fe21253ee75fb4c5ea395a0877b2a5ab51c3575#diff-f312cd3ffe8d88cf424d3f0bd04b41e5b0ad36e549874b5688028bf9091a61f5L2238\0
in JsChangedOutputs.chunks
(#3006) (3f476c3)chunk.modules
object key (#2991) (0628d1b)new URL(...)
(#2747) (e2c4e6a), closes #2741 #2744inlineDynamicImports
on js side (#2834) (1ae6760).cts
and .mts
imports cjs (#2770) (a44c472)total order
(#2621) (8daf1a0)chunk.modules
after generateBundle
mutation (#2993) (4d0092f)inlineDynamicImports
is enabled (#2865) (9f9d29a), closes #2833experimental.viteMode
(#2849) (bf06e41)new URL(..., import.meta.url)
support (#2710) (7c6cbb2)defineConfig
overload (#2689) (51ba546)treeshake.moduleSideEffects
(#2695) (66e8088)advancedChunks
enabled (#2620) (78945df)-o
for file
option. (#2632) (cbfe498)new URL
to asset behavior by default (#2953) (e126911)import()
destructing binding pattern (#2722) (ad0940a)ImportExpression
(#2723) (d5e797b)inlineDynamicImports
automatically if format is iffe
or umd
(#2808) (172a5a1), closes #2792cssEntryFileNames
and cssChunkFileNames
options in js side (#2623) (6f1cfaf), closes #2618require
if format: 'esm'
and platform: 'node'
(#2920) (f1bd92f)NormalizedOutputOptions
(#2907) (62a9ed2), closes #2867 #2906NormalizedInputOptions#input
(#2894) (5150802)NormalizedOutputOptions#format
(#2900) (b5df408)OutputOptions#comments
option (#2644) (3912c3a)build
API (#3011) (bf8c326)write
for build
API (#3014) (745d904)build
API (#3015) (b1c9cf2)new URL('./foo', import.meta.url)
import (#2753) (1839fd3), closes #2745createIdResolver
(#2869) (d6cedcb)import.meta.url
when platform: 'node'
and format: 'cjs'
(#2694) (3a1912b)replace
method (#2733) (915d2fa)configVariants
to allow to emit multiple output (#2785) (73fce89)comments
option (#2614) (a35faba)NormalizedOutputOptions
from rust to js (#2899) (ac28e50)NormalizedOutputOptions
in generateBundle
hook (#2902) (87f7277)NormalizedOutputOptions
in renderChunk
hook (#2909) (b6dc60a), closes #2902 #2906NormalizedOutputOptions
in writeBundle
hook (#2914) (3ec063f), closes #2906Comments::PreserveLegalComments
(#2615) (19de25e)node
if format is cjs
(#2837) (d7adf58)output.hashCharacters
(#2647) (a50a3b2), closes #2646RenderedModule.renderedLength
(#2697) (146ecd8), closes #2686output.globals
(#2818) (7383e19), closes /github.com/rolldown/rolldown/blob/ab438c355063765640db18cb03b8d08fa2eee39d/packages/rolldown/src/utils/normalize-output-options.ts#L46-L47BuildResult
for validate_options_for_multi_chunk_output
(#2800) (5fdd14e), closes #2565 /github.com/rolldown/rolldown/blob/d796b1efa9bd973b60e012ff5bccdb05ee157593/crates/rolldown/src/utils/chunk/validate_options_for_multi_chunk_output.rs#L3-L6satisfies
keyword for InputOptions
and OutputOptions
(#2611) (2863d64), closes #2568ReplaceGlobalDefinesConfig
(#2884) (5e804db), closes /github.com/rolldown/rolldown/blob/52e0d11c4e3b655f4d6e76226b2e70086d41de44/crates/rolldown/src/module_loader/module_loader.rs#L89-L96is_top_level
(#2803) (2be7882)join
method (#2766) (6264234)DashMap
s (#2971) (33beb44)HashMap
s (#2988) (ff1fc6c)FAQs
Fast JavaScript/TypeScript bundler in Rust with Rollup-compatible API.
The npm package rolldown receives a total of 1,869 weekly downloads. As such, rolldown popularity was classified as popular.
We found that rolldown demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.