Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
svg-sprite-loader
Advanced tools
svg-sprite-loader is a Webpack loader that optimizes SVG files by creating SVG sprites. This allows for efficient use of SVGs in web applications by reducing the number of HTTP requests and improving performance.
Basic Usage
This configuration sets up svg-sprite-loader to process SVG files and generate symbols with IDs based on the file name.
module.exports = {
module: {
rules: [
{
test: /\.svg$/,
loader: 'svg-sprite-loader',
options: {
symbolId: 'icon-[name]'
}
}
]
}
};
Custom Sprite Filename
This configuration extracts the SVGs into a single sprite file named 'custom-sprite.svg'.
module.exports = {
module: {
rules: [
{
test: /\.svg$/,
loader: 'svg-sprite-loader',
options: {
extract: true,
spriteFilename: 'custom-sprite.svg'
}
}
]
}
};
Using with SVGO
This configuration uses svg-sprite-loader in combination with svgo-loader to optimize SVG files before creating the sprite.
module.exports = {
module: {
rules: [
{
test: /\.svg$/,
use: [
'svg-sprite-loader',
{
loader: 'svgo-loader',
options: {
plugins: [
{ removeTitle: true },
{ convertColors: { shorthex: false } },
{ convertPathData: false }
]
}
}
]
}
]
}
};
svg-sprite is a standalone tool for creating SVG sprites. It offers a wide range of configuration options and can be used outside of Webpack. Compared to svg-sprite-loader, it is more flexible but requires additional setup to integrate with build systems.
svgstore is a Node.js library for creating SVG sprites. It is simpler and more lightweight compared to svg-sprite-loader, but it does not integrate directly with Webpack, requiring additional steps to use in a Webpack-based project.
gulp-svg-sprite is a Gulp plugin for creating SVG sprites. It is similar in functionality to svg-sprite-loader but is designed to work within a Gulp build process rather than Webpack.
Webpack loader for creating SVG sprites.
:tada: 2.0 is out, please read the migration guide & overview.
:warning: For old v0.x versions see the README in the v0 branch.
<svg><use xlink:href="#id"></use></svg>
.npm install svg-sprite-loader -D
# via yarn
yarn add svg-sprite-loader -D
// webpack 1
{
test: /\.svg$/,
loader: 'svg-sprite-loader',
query: { ... }
}
// webpack 1 multiple loaders
{
test: /\.svg$/,
loaders: [
`svg-sprite-loader?${JSON.stringify({ ... })}`,
'svg-fill-loader',
'svgo-loader'
]
}
// webpack >= 2
{
test: /\.svg$/,
loader: 'svg-sprite-loader',
options: { ... }
}
// webpack >= 2 multiple loaders
{
test: /\.svg$/,
use: [
{ loader: 'svg-sprite-loader', options: { ... } },
'svg-fill-loader',
'svgo-loader'
]
}
symbolId
(default [name]
)How <symbol>
id
attribute should be named. All patterns from loader-utils#interpolateName
are supported.
symbolRegExp
(default ''
)Passed to the symbolId interpolator to support the [N] pattern in the loader-utils name interpolator
esModule
(default true
, autoconfigured)Generated export format:
true
loader will produce export default ...
.false
the result is module.exports = ...
.By default depends on used webpack version: true
for webpack >= 2, false
otherwise.
When you require an image, loader transforms it to SVG <symbol>
, adds it to the special sprite storage and returns class instance
that represents symbol. It contains id
, viewBox
and content
fields and can later be used for referencing the sprite image, e.g:
import twitterLogo from './logos/twitter.svg';
// twitterLogo === SpriteSymbol<id: string, viewBox: string, content: string>
const rendered = `
<svg viewBox="${twitterLogo.viewBox}">
<use xlink:href="#${twitterLogo.id}" />
</svg>`;
When browser event DOMContentLoaded
is fired, sprite will be automatically rendered and injected in the document.body
.
If custom behaviour is needed (e.g. a different mounting target) default sprite module could be overridden via spriteModule
option. Check example below.
spriteModule
(autoconfigured)Path to sprite module that will be compiled and executed at runtime.
By default it depends on target
webpack config option:
svg-sprite-loader/runtime/browser-sprite.build
for 'web' target.svg-sprite-loader/runtime/sprite.build
for other targets.If you need custom behavior, use this option to specify a path of your sprite implementation module.
Path will be resolved relative to the current webpack build folder, e.g. utils/sprite.js
placed in current project dir should be written as ./utils/sprite
.
Example of sprite with custom mounting target (copypasted from browser-sprite):
import BrowserSprite from 'svg-baker-runtime/src/browser-sprite';
import domready from 'domready';
const sprite = new BrowserSprite();
domready(() => sprite.mount('#my-custom-mounting-target'));
export default sprite; // don't forget to export!
It's highly recommended to extend default sprite classes:
symbolModule
(autoconfigured)Same as spriteModule
, but for sprite symbol. By default also depends on target
webpack config option:
svg-sprite-loader/runtime/browser-symbol.build
for 'web' target.svg-sprite-loader/runtime/symbol.build
for other targets.runtimeGenerator
(default generator)Path to node.js script that generates client runtime. Use this option if you need to produce your own runtime, e.g. React component configured with imported symbol. Example.
runtimeCompat
(default false
, deprecated)Should runtime be compatible with earlier v0.x loader versions. This option will be removed in the next major version release.
runtimeOptions
Arbitrary data passed to runtime generator. Reserved for future use when other runtime generators will be created.
In the extract mode loader should be configured with plugin, otherwise an error is thrown. Example:
// webpack.config.js
const SpriteLoaderPlugin = require('svg-sprite-loader/plugin');
...
{
plugins: [
new SpriteLoaderPlugin()
]
}
extract
(default false
, autoconfigured)Switches loader to the extract mode. Enabled automatically for images imported from css/scss/sass/less/styl/html files.
spriteFilename
(type string|Function<string>
,default sprite.svg
)Filename of extracted sprite. Multiple sprites can be generated by specifying different loader rules restricted with include
option or
by providing custom function which recieves SVG file absolute path, e.g.:
{
test: /\.svg$/,
loader: 'svg-sprite-loader',
options: {
extract: true,
spriteFilename: svgPath => `sprite${svgPath.substr(-4)}`
}
}
[hash]
in sprite filename will be replaced by it's content hash.
It is also possible to generate sprite for each chunk by using [chunkname]
pattern in spriteFilename option. This is experimental feature, use it with caution!
You can render plain sprite in extract mode without styles and usages. Pass plainSprite: true
option to plugin constructor:
{
plugins: [
new SpriteLoaderPlugin({ plainSprite: true })
]
}
Sprite <svg>
tag attributes can be specified via spriteAttrs
plugin option:
{
plugins: [
new SpriteLoaderPlugin({
plainSprite: true,
spriteAttrs: {
id: 'my-custom-sprite-id'
}
})
]
}
See examples folder.
See CONTRIBUTING.md.
See LICENSE
Huge thanks for all this people.
FAQs
Webpack loader for creating SVG sprites
The npm package svg-sprite-loader receives a total of 188,719 weekly downloads. As such, svg-sprite-loader popularity was classified as popular.
We found that svg-sprite-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.