Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
webpack-ruleset
Advanced tools
WebpackRuleset is a slimmed down version of webpack/lib/RuleSet
for matching, modifying, and inserting rules in webpack config. Webpack's included RuleSet class normalizes it's rule set, which means the list of loaders returned is not the original rules from config. This class simulates what Webpack's RuleSet does, but keeps a reference to the original rules from config. This allows WebpackRuleset to be used to mutate a Webpack config in place.
npm install webpack-ruleset
A Webpack config rule can include a child lists of rules as either rules
or oneOf
attributes. WebpackRuleset will iterate over child rules simmilar to how Webpack iterates over rules when processing an imported resource.
forEach(action)
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues until action
returns a truthy value.
Update a rule based on a filename that the rule would match.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
ruleSet.forEach(rule => {
if (rule.loader.includes('babel-loader')) {
rule.options.babelrc = true;
return true;
}
return false;
});
forAll(action)
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues regardless of what value action
returns.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
const HASHED_NAME_RE = /\.?\-?\[(chunk|content)?hash(:\d*)?\]/;
ruleSet.forAll(rule => {
if (rule.options && rule.options.name && HASHED_NAME_RE.test(rule.options.name)) {
rule.options.name = formatPath(rule.options.name);
}
});
WebpackRuleset also includes a number of matcher methods. Matcher methods take a matcher as their first argument.
The matcher argument can be any of the following:
A function, which will be passed both the rule and Webpack "normalized" rule and should return true for a matching rule and false for a non-matching rule.
A resource path string to test rules against. examples: "/full/path/to/something.js" "src/styles.css" - resolved relative to process.cwd() ".css" - treated as "fake_file.css"
A string suffexed with "-loader". If the matcher is a string ending in "-loader", it will be matched against
An object with action
, loader
, or resource
and optional loaderType
('pre' or 'post') attributes. Specifying a matcher as an object allows you to specify wether you want to match pre or post loaders.
const action = '.js' // Matches loaders that would match files with the .js extension
const action = { // Matches pre-loaders that would match files with the .js extension
loaderType: 'pre',
resource: '.js',
}
forMatching(matcher, action)
Locate and execute the action on the first matching rule.
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues until the matcher matches a rule.
Update a rule based on a filename that the rule would match.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
ruleSet.forMatching('.js', jsRule => {
jsRule.options.babelrc = true;
});
Update a rule based on the loader name.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
ruleSet.forMatching('css-loader', cssRule => {
cssRule.options.modules = true;
});
forAllMatching(matcher, action)
Locate and execute the action on all rules that match.
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues, even after the matcher matches a rule.
When a oneOf
list of rules is encountered, forMatching
will call the given action on all matching rules in the oneOf
list.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
const rulesWithHashedNames = r => r.options && r.options.name && isHashedName(r.options.name);
ruleSet.forAllMatching(rulesWithHashedNames, rule => {
rule.options.name = formatPath(rule.options.name);
});
filter(matcher)
Gathers matching rules into a flat array.
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues until the matcher matches a rule.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
const cssLoaders = ruleSet.filter('.css');
filterAll(matcher)
Gathers matching rules into a flat array.
Iterates over all rules in the rule set. For oneOf
child rules, iteration continues, even after the matcher matches a rule.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
const cssLoaders = ruleSet.filterAll('.css');
getOneRule(matcher)
Locate a matching rule. Asserts that only one rule matches.
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
const jsRule = ruleSet.getOneRule('.js');
jsRule.options.babelrc = true;
insertRuleBeforeMatch(matcher, insert)
Inserts a new rule before the matching rule. Asserts that only one matching rule is found.
Accepts either a rule object or a function as the second argument. If the insert
argument is a function it is called with the matching rule and the parent of the matching rule as parents, otherwise it is inserted as the new rule.
function addCssModuleOption(loader) {
if (loader.loader && /css\-loader/.test(loader.loader)) {
return {...loader, options: {...loader.options, modules: true}};
}
return loader;
}
const ruleSet = new WebpackRuleset(webpackConfig.module.rules);
// Given a rule set containing a standard css loader, add a css modules rule, with
// css files suffixed with ".global.css" falling through to the existing, non-modules
// css loader.
ruleSet.insertRuleBeforeMatch('.css', globalCssRule => {
return Object.assign({},
globalCssRule,
{
loader: globalCssRule.loader && globalCssRule.loader.map(addCssModuleOption),
use: globalCssRule.use && globalCssRule.use.map(addCssModuleOption),
include: paths.appSrc,
exclude: /\.global\.css$/,
}
);
});
insertRuleAfterMatch(matcher, insert)
Same as insertRuleBeforeMatch
, except that the new rule is inserted after the matching rule.
FAQs
A class for working with webpack config rules.
The npm package webpack-ruleset receives a total of 22 weekly downloads. As such, webpack-ruleset popularity was classified as not popular.
We found that webpack-ruleset demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.