rollup-plugin-alias
Define aliases when bundling packages with Rollup.
Let's take a simple import as an example:
import something from '../../../something';
something();
This probably doesn't look too bad on its own. But imagine this is not the only instance in your code base and after a refactor/restructuring this might fall over. With this plugin in place, you can alias ../../../something with something for readability. In case of a refactor, only the alias would need to be changed instead of navigating through the code base and changing all imports.
import something from 'something';
something();
When we write tests, we may want an easier way to access the local library we are testing or mocking libraries. We may also define aliases to counteract "require hell" and get rid of all those ../../../ imports we may have in the process.
For Webpack users: This is a plugin to mimic the resolve.alias functionality in Rollup.
$ npm install rollup-plugin-alias
// rollup.config.js
import alias from 'rollup-plugin-alias';

export default {
  input: './src/index.js',
  plugins: [
    alias({
      resolve: ['.jsx', '.js'], // optional, by default this will just look for .js files or folders
      entries: [
        { find: 'something', replacement: '../../../something' }, // the initial example
        { find: 'somelibrary-1.0.0', replacement: './mylocallibrary-1.5.0' }, // remap a library with a specific version
        // remove something in front of the import and append an extension (e.g. loaders, for files
        // that were previously transpiled via the AMD module, to properly handle them in rollup as internals now)
        { find: /^i18n\!(.*)/, replacement: '$1.js' },
        // for whatever reason, replace all .js extensions with .wasm
        { find: /^(.*)\.js$/, replacement: '$1.wasm' }
      ]
    })
  ],
};

// or with object syntax (use this export instead of the one above, not alongside it)
export default {
  input: './src/index.js',
  plugins: [
    alias({
      resolve: ['.jsx', '.js'],
      entries: {
        something: '../../../something',
        'somelibrary-1.0.0': './mylocallibrary-1.5.0',
      }
    })
  ],
};
The order of the entries is important, in that the first rules are applied first.
You can use either simple Strings or Regular Expressions to search in a more distinct and complex manner (e.g. to do partial replacements via subpattern-matching, see the example above).
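The ordering rule above, shown as an added example (not code from the plugin or its README): a simplified model of first-match-wins lookup, handy when reviewing a build config to see which entry an import actually hits. The helper names `matches`, `normalize` and `resolveAlias`, the string-matching rule, and the sample import are assumptions made for this illustration.

```javascript
// Simplified model of first-match-wins alias lookup (assumption, not the plugin's source).
function matches(find, importee) {
  if (find instanceof RegExp) return find.test(importee);
  // Assumed string rule: the whole specifier, or a leading path segment.
  return importee === find || importee.startsWith(find + '/');
}

// Accept both config shapes shown on the page: array of {find, replacement} or plain object.
function normalize(entries) {
  return Array.isArray(entries)
    ? entries
    : Object.keys(entries).map((find) => ({ find, replacement: entries[find] }));
}

// Returns { index, result } for the first matching entry, or null if no alias applies.
function resolveAlias(importee, entries) {
  const list = normalize(entries);
  const index = list.findIndex((e) => matches(e.find, importee));
  if (index === -1) return null;
  const { find, replacement } = list[index];
  return { index, result: importee.replace(find, replacement) };
}

// Entries from the page's config, in the page's order.
const pageOrder = [
  { find: 'something', replacement: '../../../something' },
  { find: 'somelibrary-1.0.0', replacement: './mylocallibrary-1.5.0' },
  { find: /^i18n\!(.*)/, replacement: '$1.js' },
  { find: /^(.*)\.js$/, replacement: '$1.wasm' },
];
// Same rules with the two regular expressions swapped (constructed for comparison).
const swapped = [pageOrder[0], pageOrder[1], pageOrder[3], pageOrder[2]];

// Constructed sample import that both regex rules match.
const sample = 'i18n!messages.js';
console.log(resolveAlias(sample, pageOrder)); // { index: 2, result: 'messages.js.js' }
console.log(resolveAlias(sample, swapped));   // { index: 2, result: 'i18n!messages.wasm' }
```

Only the first matching entry rewrites the import in this model, so a broad pattern placed early decides the outcome for every rule after it.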
MIT, see LICENSE for more information.
FAQs
Resolves aliases with Rollup
The npm package rollup-plugin-alias receives a total of 35,022 weekly downloads. As such, rollup-plugin-alias popularity was classified as popular.
We found that rollup-plugin-alias demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.