webpack-hot-middleware - npm Package Compare versions

Comparing version 2.18.0 to 2.18.1

client.js

@@ -14,2 +14,3 @@ /*eslint-env browser*/
 if (__resourceQuery) {
+  var path = require('path-browserify');
   var querystring = require('querystring');
@@ -32,3 +33,3 @@ var overrides = querystring.parse(__resourceQuery.slice(1));
   if (overrides.dynamicPublicPath) {
-    options.path = __webpack_public_path__ + options.path;
+    options.path = path.join(__webpack_public_path__, options.path);
   }
@@ -35,0 +36,0 @@ }

middleware.js

@@ -58,3 +58,6 @@ module.exports = webpackHotMiddleware;
         'Cache-Control': 'no-cache, no-transform',
-        'Connection': 'keep-alive'
+        'Connection': 'keep-alive',
+        // While behind nginx, event stream should not be buffered:
+        // http://nginx.org/docs/http/ngx_http_proxy_module.html#proxy_buffering
+        'X-Accel-Buffering': 'no'
       });
@@ -61,0 +64,0 @@ res.write('\n');

package.json

 {
   "name": "webpack-hot-middleware",
-  "version": "2.18.0",
+  "version": "2.18.1",
   "description": "Webpack hot reloading you can attach to your own server",
@@ -29,2 +29,3 @@ "keywords": [
     "html-entities": "^1.2.0",
+    "path-browserify": "0.0.0",
     "querystring": "^0.2.0",
@@ -31,0 +32,0 @@ "strip-ansi": "^3.0.0"

README.md

 # Webpack Hot Middleware
 
-Webpack hot reloading using only [webpack-dev-middleware](http://webpack.github.io/docs/webpack-dev-middleware.html). This allows you to add hot reloading into an existing server without [webpack-dev-server](http://webpack.github.io/docs/webpack-dev-server.html).
+Webpack hot reloading using only [webpack-dev-middleware](https://webpack.js.org/guides/development/#webpack-dev-middleware). This allows you to add hot reloading into an existing server without [webpack-dev-server](https://webpack.js.org/configuration/dev-server/).
 
-This module is **only** concerned with the mechanisms to connect a browser client to a webpack server & receive updates. It will subscribe to changes from the server and execute those changes using [webpack's HMR API](http://webpack.github.io/docs/hot-module-replacement-with-webpack.html). Actually making your application capable of using hot reloading to make seamless changes is out of scope, and usually handled by another library.
+This module is **only** concerned with the mechanisms to connect a browser client to a webpack server & receive updates. It will subscribe to changes from the server and execute those changes using [webpack's HMR API](https://webpack.js.org/concepts/hot-module-replacement/). Actually making your application capable of using hot reloading to make seamless changes is out of scope, and usually handled by another library.
 
@@ -91,3 +91,3 @@ If you're using React then some common options are [react-transform-hmr](https://github.com/gaearon/react-transform-hmr/) and [react-hot-loader](https://github.com/gaearon/react-hot-loader).
 * **quiet** - Set to `true` to disable all console logging.
-* **dynamicPublicPath** - Set to `true` to use webpack `publicPath` as prefix of `path`. (We can set `__webpack_public_path__` dynamically at runtime in the entry point, see note of [output.publicPath](https://webpack.github.io/docs/configuration.html#output-publicpath))
+* **dynamicPublicPath** - Set to `true` to use webpack `publicPath` as prefix of `path`. (We can set `__webpack_public_path__` dynamically at runtime in the entry point, see note of [output.publicPath](https://webpack.js.org/configuration/output/#output-publicpath))
 
@@ -168,3 +168,3 @@ #### Middleware
 
-If you want to use [multiple entry points in your webpack config](https://webpack.github.io/docs/multiple-entry-points.html) you need to include the hot middleware client in each entry point. This ensures that each entry point file knows how to handle hot updates. See the [examples folder README](example/README.md) for an example.
+If you want to use [multiple entry points in your webpack config](https://webpack.js.org/concepts/output/#multiple-entry-points) you need to include the hot middleware client in each entry point. This ensures that each entry point file knows how to handle hot updates. See the [examples folder README](example/README.md) for an example.
 
@@ -171,0 +171,0 @@ ```js

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

109270

increased by139.19%

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

5

increased by25%

Number of package files

19

decreased by-20.83%

Lines of code

912

decreased by-12.39%

Number of medium maintenance alerts

1

increased byInfinity%

Dependency changes

• + Addedpath-browserify@0.0.0

• + Addedpath-browserify@0.0.0(transitive)