Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
rollup-pluginutils
Advanced tools
The rollup-pluginutils package provides utility functions to help in the creation of Rollup plugins. It includes functions for filtering files, creating caches, and other common tasks needed when developing Rollup plugins.
createFilter
The createFilter function allows you to create a filter function based on include and exclude patterns. This is useful for determining which files should be processed by your plugin.
const { createFilter } = require('rollup-pluginutils');
const filter = createFilter(['**/*.js', '**/*.jsx'], 'node_modules/**');
console.log(filter('src/main.js')); // true
console.log(filter('node_modules/foo.js')); // false
dataToEsm
The dataToEsm function converts a JavaScript object into an ES module export. This is useful for embedding JSON or other data directly into your Rollup bundles.
const { dataToEsm } = require('rollup-pluginutils');
const data = { foo: 'bar' };
const esmCode = dataToEsm(data);
console.log(esmCode); // export default {"foo":"bar"};
attachScopes
The attachScopes function attaches scope information to an AST, which can be useful for analyzing and transforming code.
const { attachScopes } = require('rollup-pluginutils');
const acorn = require('acorn');
const ast = acorn.parse('const x = 1;');
const scope = attachScopes(ast, 'scope');
console.log(scope.contains('x')); // true
The rollup-plugin-includepaths package allows you to specify include paths for your Rollup bundles. It is similar to rollup-pluginutils' createFilter function but focuses specifically on resolving module paths.
The rollup-plugin-json package allows you to import JSON files into your Rollup bundles. It provides similar functionality to rollup-pluginutils' dataToEsm function but is specialized for JSON files.
The rollup-plugin-node-resolve package helps Rollup to find and bundle third-party dependencies in node_modules. While it doesn't directly overlap with rollup-pluginutils, it complements it by resolving module paths that can then be filtered or transformed using rollup-pluginutils.
A set of functions commonly used by Rollup plugins.
npm install --save rollup-pluginutils
import { addExtension } from 'rollup-pluginutils';
export default function myPlugin ( options = {} ) {
return {
resolveId ( code, id ) {
// only adds an extension if there isn't one already
id = addExtension( id ); // `foo` -> `foo.js`, `foo.js -> foo.js`
id = addExtension( id, '.myext' ); // `foo` -> `foo.myext`, `foo.js -> `foo.js`
}
};
}
This function attaches Scope
objects to the relevant nodes of an AST. Each Scope
object has a scope.contains(name)
method that returns true
if a given name is defined in the current scope or a parent scope.
See rollup-plugin-inject or rollup-plugin-commonjs for an example of usage.
import { attachScopes } from 'rollup-pluginutils';
import { parse } from 'acorn';
import { walk } from 'estree-walker';
export default function myPlugin ( options = {} ) {
return {
transform ( code ) {
const ast = parse( ast, {
ecmaVersion: 6,
sourceType: 'module'
});
let scope = attachScopes( ast, 'scope' );
walk( ast, {
enter ( node ) {
if ( node.scope ) scope = node.scope;
if ( !scope.contains( 'foo' ) ) {
// `foo` is not defined, so if we encounter it,
// we assume it's a global
}
},
leave ( node ) {
if ( node.scope ) scope = scope.parent;
}
});
}
};
}
import { createFilter } from 'rollup-pluginutils';
export default function myPlugin ( options = {} ) {
// `options.include` and `options.exclude` can each be a minimatch
// pattern, or an array of minimatch patterns, relative to process.cwd()
var filter = createFilter( options.include, options.exclude );
return {
transform ( code, id ) {
// if `options.include` is omitted or has zero length, filter
// will return `true` by default. Otherwise, an ID must match
// one or more of the minimatch patterns, and must not match
// any of the `options.exclude` patterns.
if ( !filter( id ) ) return;
// proceed with the transformation...
}
};
}
import { makeLegalIdentifier } from 'rollup-pluginutils';
makeLegalIdentifier( 'foo-bar' ); // 'foo_bar'
makeLegalIdentifier( 'typeof' ); // '_typeof'
MIT
1.3.1
2015-12-16
FAQs
Functionality commonly needed by Rollup plugins
The npm package rollup-pluginutils receives a total of 3,607,986 weekly downloads. As such, rollup-pluginutils popularity was classified as popular.
We found that rollup-pluginutils demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.