Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
- Maintainers
- 1
About tgext.minify
tgext.minify is a Turbogears 2 middleware that automatically minifies your javascript
and CSS and cache it. It's able to obfuscate your js too.
CSS minifier based on rCSSmin by André Malo.
JS minifier/obfuscator based on SlimIt <https://github.com/rspivak/slimit>_ by Ruslan Spivak
The middleware is based on tgext.scss <https://bitbucket.org/_amol_/tgext.scss>_ by Alessandro Molina
Installing
tgext.scss can be installed both from pypi or from bitbucket::
easy_install tgext.minify
should just work for most of the users
Enabling tgext.minify
If tgext.pluggable is available enabling tgext.minify is just a matter of appending to your config/app_cfg.py::
from tgext.pluggable import plug
plug(base_config, 'tgext.minify')
Otherwise manually using tgext.minify is really simple, you edit your config/middeware.py and just after
the #Wrap your base TurboGears 2 application with custom middleware here comment wrap
app with MinifyMiddleware::
from tgext.minify import MinifyMiddleware
make_base_app = base_config.setup_tg_wsgi_app(load_environment)
def make_app(global_conf, full_stack=True, **app_conf):
app = make_base_app(global_conf, full_stack=True, **app_conf)
# Wrap your base TurboGears 2 application with custom middleware here
app = MinifyMiddleware(app)
return app
Now you just have to put your beautiful .css and .js files inside public/ and they will be served as minified.
JS obfuscation
If you need to obfuscate your javascript, just add mangle_js = true to your development.ini.
If you want to obfuscate also the global scope, add mangle_js_toplevel = true. Keep in mind that
if you obfuscate your js, you have to join js files that depends on each other, or the namespace will
be messed up.
Performance boost
Here is the report of a benchmark made on paster serving bootstrap.css with and without the middleware and then bootstrap.min.js already minified (without using the middleware)::
$ /usr/sbin/ab -n 1000 http://localhost:8080/css/bootstrap.css
Requests per second: 1135.50 [#/sec] (mean)
$ /usr/sbin/ab -n 1000 http://localhost:8080/css/bootstrap.css
Requests per second: 714.99 [#/sec] (mean)
$ /usr/sbin/ab -n 1000 http://localhost:8080/css/bootstrap.min.css
Requests per second: 806.26 [#/sec] (mean)
In these case serving the unminified css using tgext.minify is even faster than directly serving the same css file as it is served from memory (due to caching performed by tgext.minify).
FAQs
CSS and JS minifier / obfuscator for TurboGears 2
We found that tgext.minify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025