webpack-dependency-size
Advanced tools
Webpack plugin to get an overview of bundled dependencies and their size.
npm i -D webpack-dependency-size
In your Webpack config:
// 1. Import plugin
const DependencySize = require('webpack-dependency-size');
module.exports = {
...,
plugins: [
// 2. Add to plugins array
new DependencySize()
]
};
Pass in an options object to configure:
new DependencySize({
// Options
gzip: true
})
outputPath (dependency-size.json) JSON output path relative to Webpack output directory (output.path)gzip (false) Calculate gzipped sizeindent (2 spaces) JSON output indentationtype File = {
filepath: string; // bundled-in file
size: string; // human-readable size
reasons: string[]; // request sources
};
type Report = {
dependencyPath: string; // bundled-in package (sorted by `size`)
size: string; // human-readable net import size from package
files: File[]; // specific files imported from the package (sorted by `size`)
}[];
Tip: If the output is too large, I recommend using fx to navigate the JSON
[
{
"dependencyPath": "./node_modules/axios",
"size": "40.15 KB",
"files": [
{
"filepath": "./node_modules/axios/lib/utils.js",
"size": "8.61 KB",
"reasons": [
"./node_modules/axios/lib/adapters/xhr.js",
...
]
},
...
]
},
{
"dependencyPath": "./node_modules/lodash",
"size": "25.37 KB",
"files": [
{
"filepath": "./node_modules/lodash/_deburrLetter.js",
"size": "3.33 KB",
"reasons": [
"./node_modules/lodash/deburr.js"
]
},
...
]
},
...
]
MIT
FAQs
Track/evaluate dependencies bundled into a Webpack build
We found that webpack-dependency-size demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.