Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
rollup-plugin-output-manifest
Advanced tools
Rollup plugin for generating an chunk manifest. Inspired by webpack-manifest-plugin
npm install --save-dev rollup-plugin-output-manifest
In your rollup.config.js
import outputManifest from 'rollup-plugin-output-manifest';
// or const outputManifest = require('rollup-plugin-output-manifest').default;
export default {
// ...
plugins: [
// ...
outputManifest(),
],
};
This will generate a manifest.json
file in your root output directory with a mapping of all source file names to their corresponding output file, for example:
{
"index": "index-6492d26f.js"
}
import outputManifest from 'rollup-plugin-output-manifest';
export default {
// ...
plugins: [
// ...
outputManifest(options),
],
};
The type Bundle
is an union of OutputChunk and OutputAsset
type Bundle = OutputChunk | OutputAsset;
options.fileName
Type: String
Default: manifest.json
The manifest filename in your output directory.
options.nameSuffix
Type: String
Default: ''
The suffix for all keys in the manifest json object.
options.nameWithExt
Type: Boolean
Default: true
,
Set an ext for key which is same as the value in manifest json object. We add this option for support of assets which has different ext than the entry.
options.isMerge
Type: Boolean
Default: false
Merge the existing key/value pair in the target manifest file or just override it.
options.publicPath
Type: String
Default: outputOptions.dir || path.dirname(outputOptions.file)
A path prefix that will be added to values of the manifest.
options.publicSuffix
Type: String
A suffix that will be added to values of the manifest. Useful for adding a query string, for example.
options.basePath
Type: String
A path prefix for all keys. Useful for including your output path in the manifest.
options.filter
Type: (bundle: Bundle) => boolean
Filter out chunks.
options.map
Type: (bundle: Bundle) => Bundle
Modify chunk details before the manifest is created.
options.sort
Type: (bundleA: Bundle, bundleB: Bundle) => number
Sort chunk before they are passed to generate
.
options.keyValueDecorator
Type: (k: string, v: string, opt: OutputManifestParam) => {[k: string]: string}
You can set your own rule to set key/value.
options.generate
Type: (keyValueDecorator: KeyValueDecorator, seed: object, opt: OutputManifestParam) => (chunks: Bundle[]) => object
Default:
(keyValueDecorator: KeyValueDecorator, seed: object, opt: OutputManifestParam) => (chunks) =>
chunks.reduce(
(manifest, { name, fileName }) => ({
...manifest,
...keyValueDecorator(name, fileName, opt),
}),
seed
);
Create the manifest. It can return anything as long as it's serialisable by JSON.stringify
.
options.serialize
Type: (manifest: object) => string
Default: (manifest) => JSON.stringify(manifest, null, 2)
Output manifest file in different format then json (e.g. yaml).
$ git clone https://github.com/shuizhongyueming/rollup-plugin-output-manifest.git
$ cd packages/main
$ yarn install
$ yarn build # for build
$ yarn test # for test
MIT
FAQs
Rollup plugin for generating an chunk manifest
The npm package rollup-plugin-output-manifest receives a total of 4,058 weekly downloads. As such, rollup-plugin-output-manifest popularity was classified as popular.
We found that rollup-plugin-output-manifest demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.