Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
rollup-plugin-url-resolve
Advanced tools
The goal of this plugin is to avoid the need to use npm
or yarn
clients to explicitly install your dependencies from the registry before you bundle. Instead of specifying your dependencies in package.json
, you specify them in your source code as URLs in import
statements. Then Rollup dynamically fetches and includes those dependencies when you bundle.
For example, you could put the following in your rollup.config.js
:
import urlResolve from 'rollup-plugin-url-resolve';
export default {
// ...
plugins: [urlResolve()]
};
Then, in your source files, you can do stuff like this:
import * as d3 from 'https://unpkg.com/d3?module';
Run rollup
, and you're done. No more npm install
! :) Well, at least not for your app's dependencies.
Currently, the following URL protocols are supported:
https:
and http:
file:
data:
It might help to think about this plugin as an alternative to rollup-plugin-node-resolve
, but for any URL, not just stuff you've already installed in node_modules
.
The urlResolve
function accepts all the same options as make-fetch-happen
. They are used when we need to fetch
a module from a remote URL. One option that is particularly useful is cacheManager
, which can be used to cache the results of fetch
operations on disk. This can make your builds a lot faster if many of your URLs point to remote servers.
import urlResolve from 'rollup-plugin-url-resolve';
export default {
// ...
plugins: [
urlResolve({
// Caches the results of all fetch operations
// in a local directory named ".cache"
cacheManager: '.cache'
})
]
};
There are various other options as well, including support for retrying failed requests and proxy servers. Please see the list of options for more information.
You could also try using a URL that returns CommonJS, though you won't get the benefit of tree-shaking that using JavaScript modules provides. Still, it can be a useful stopgap until a package you need starts publishing JavaScript modules.
If you do this, you'll probably want to use rollup-plugin-commonjs
on those URLs in your Rollup config, just like you would normally do for stuff in node_modules
:
import commonjs from 'rollup-plugin-commonjs';
import urlResolve from 'rollup-plugin-url-resolve';
export default {
// ...
plugins: [
urlResolve(),
commonjs({
// Treat unpkg URLs as CommonJS
include: /^https:\/\/unpkg\.com/,
// ...except for unpkg ?module URLs
exclude: /^https:\/\/unpkg\.com.*?\?.*?\bmodule\b/
})
]
};
FAQs
Use URLs in your Rollup imports
The npm package rollup-plugin-url-resolve receives a total of 122 weekly downloads. As such, rollup-plugin-url-resolve popularity was classified as not popular.
We found that rollup-plugin-url-resolve demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.