Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Watchify is a browserify plugin that enables fast incremental bundling. It watches your files and updates the bundle whenever any of the source files change, making it ideal for development environments where quick feedback is essential.
Incremental Bundling
This feature allows you to set up a watch on your files so that any changes trigger a rebundling process. The code sample demonstrates how to use watchify with browserify to watch for changes in 'main.js' and update 'bundle.js' accordingly.
const watchify = require('watchify');
const browserify = require('browserify');
const fs = require('fs');
const b = browserify({
entries: ['main.js'],
cache: {},
packageCache: {},
plugin: [watchify]
});
b.on('update', bundle);
bundle();
function bundle() {
b.bundle().pipe(fs.createWriteStream('bundle.js'));
}
Custom Watch Options
Watchify allows you to customize the watch options, such as setting a delay before rebundling. The code sample shows how to set a custom delay of 1000 milliseconds before the rebundling process starts.
const watchify = require('watchify');
const browserify = require('browserify');
const fs = require('fs');
const customOpts = {
entries: ['main.js'],
cache: {},
packageCache: {},
plugin: [watchify],
delay: 1000 // Custom delay before rebundling
};
const b = browserify(customOpts);
b.on('update', bundle);
bundle();
function bundle() {
b.bundle().pipe(fs.createWriteStream('bundle.js'));
}
Gulp-watch is a file watcher specifically designed for use with Gulp. It allows you to watch files and run Gulp tasks when changes are detected. Unlike watchify, which is tightly integrated with browserify, gulp-watch is more general-purpose and can be used with any Gulp task.
Chokidar is a highly efficient file watcher that can be used to watch files and directories for changes. It is more flexible than watchify as it is not tied to any specific bundler and can be used in a variety of scenarios. However, it requires more setup to achieve the same functionality as watchify when used with browserify.
Webpack is a powerful module bundler that includes built-in file watching capabilities. It can be configured to watch files and recompile the bundle when changes are detected. While it offers more features and flexibility compared to watchify, it also comes with a steeper learning curve.
watch mode for browserify builds
Update any source file and your browserify bundle will be recompiled on the spot.
Use watchify
with all the same arguments as browserify
except that
-o
is mandatory:
$ watchify main.js -o static/bundle.js
Now as you update files, static/bundle.js
will be automatically re-compiled on
the fly.
You can use -v
to get more verbose output to show when a file was written:
$ watchify browser.js -d -o static/bundle.js -v
610598 bytes written to static/bundle.js
610606 bytes written to static/bundle.js
610597 bytes written to static/bundle.js
610606 bytes written to static/bundle.js
610597 bytes written to static/bundle.js
610597 bytes written to static/bundle.js
All the bundle options are the same as the browserify command except for -v
.
var watchify = require('watchify')
Create a browserify bundle w
from opts
.
w
is exactly like a browserify bundle except that caches file contents and
emits an 'update'
event when a file changes. You should call w.bundle()
after the 'update'
event fires to generate a new bundle. Calling w.bundle()
extra times past the first time will be much faster due to caching.
When the bundle changes, emit the array of bundle ids
that changed.
With npm do:
$ npm install -g watchify
to get the watchify command and:
$ npm install watchify
to get just the library.
MIT
FAQs
watch mode for browserify builds
The npm package watchify receives a total of 276,156 weekly downloads. As such, watchify popularity was classified as popular.
We found that watchify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 41 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.