Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
The unplugin npm package is a framework-agnostic plugin system designed to create plugins that work across different build tools like Webpack, Vite, Rollup, and more. It allows developers to write a plugin once and have it compatible with multiple build systems without the need to rewrite it for each one.
Virtual Modules
Create virtual modules that can be imported by your code. These modules don't exist on the filesystem but are created on the fly by the plugin.
unplugin.createPlugin({
resolveId(id) {
if (id === 'virtual-module') return id;
},
load(id) {
if (id === 'virtual-module') return 'export default "This is virtual!"';
}
});
Transformations
Apply custom transformations to your code. This can be used to modify the source code of files before they are bundled.
unplugin.createPlugin({
transform(code, id) {
if (id.endsWith('.custom')) {
return code.replace(/find/g, 'replace');
}
}
});
Custom Build Steps
Execute custom code at different stages of the build process. This can be used to perform tasks before or after the build.
unplugin.createPlugin({
buildStart() {
console.log('Build started!');
},
buildEnd() {
console.log('Build finished!');
}
});
A Rollup plugin that allows replacing strings in files while bundling. It's similar to unplugin's transformation feature but is specific to Rollup.
A Webpack plugin to add virtual modules to the module graph. It provides functionality similar to unplugin's virtual modules but is specific to Webpack.
A Vite-specific plugin to support Vue 2.x. It demonstrates how plugins can be tailored to specific build tools, whereas unplugin aims to be build-tool agnostic.
Experimental
Unified plugin system for Vite, Rollup, and Webpack
Rollup | Webpack |
---|---|
transform | ✅ |
resolveId | 🚧 |
load | ✅ |
import { createUnplugin } from 'unplugin'
const plugin = createUnplugin((options: UserOptions) => {
return {
name: 'my-first-unplugin',
// webpack's id filter is outside of loader logic,
// an additional hook is needed for better perf on webpack
transformInclude (id) {
return id.endsWith('.vue')
},
// just like rollup transform
transform (code) {
return code.replace(/<template>/, `<template><div>Injected</div>`)
},
// more hooks incoming
}
})
const rollupPlugin = plugin.rollup({ /* ...user options */ })
const webpackPlugin = plugin.webpack()
See vue2-script-setup-transform as an example.
FAQs
Unified plugin system for build tools
The npm package unplugin receives a total of 6,136,325 weekly downloads. As such, unplugin popularity was classified as popular.
We found that unplugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.