Webpack hot reloading you can attach to your own server
Installations
npm install @gatsbyjs/webpack-hot-middleware
Score
99.4
Supply Chain
99.1
Quality
82.1
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Developer
gatsbyjs
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
14.17.5
NPM Version
6.14.14
Statistics
3 Stars
349 Commits
4 Forks
3 Watching
2 Branches
Updated on 22 Apr 2024
Bundle Size
2.20 kB
Minified
1.10 kB
Minified + Gzipped
Languages
JavaScript (98.02%)
HTML (1.98%)
Total Downloads
Cumulative downloads
Total Downloads
44,841,102
Last day
-3.3%
37,032
Compared to previous day
Last week
0.1%
210,221
Compared to previous week
Last month
0.3%
900,749
Compared to previous month
Last year
-13.5%
11,925,159
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
THIS IS A FORK TO BE COMPATIBLE WITH WEBPACK 5 & FAST REFRESH
Webpack Hot Middleware
Webpack hot reloading using only webpack-dev-middleware. This allows you to add hot reloading into an existing server without webpack-dev-server.
This module is only concerned with the mechanisms to connect a browser client to a webpack server & receive updates. It will subscribe to changes from the server and execute those changes using webpack's HMR API. Actually making your application capable of using hot reloading to make seamless changes is out of scope, and usually handled by another library.
If you're using React then some common options are react-transform-hmr and react-hot-loader.
Installation & Usage
See example/ for an example of usage.
First, install the npm module.
1npm install --save-dev webpack-hot-middleware
Next, enable hot reloading in your webpack config:
-
Add the following plugins to the
plugins
array:1plugins: [ 2 // OccurrenceOrderPlugin is needed for webpack 1.x only 3 new webpack.optimize.OccurrenceOrderPlugin(), 4 new webpack.HotModuleReplacementPlugin(), 5 // Use NoErrorsPlugin for webpack 1.x 6 new webpack.NoEmitOnErrorsPlugin() 7]
Occurence ensures consistent build hashes, hot module replacement is somewhat self-explanatory, no errors is used to handle errors more cleanly.
-
Add
'webpack-hot-middleware/client'
into theentry
array. This connects to the server to receive notifications when the bundle rebuilds and then updates your client bundle accordingly.
Now add the middleware into your server:
-
Add
webpack-dev-middleware
the usual way1var webpack = require('webpack'); 2var webpackConfig = require('./webpack.config'); 3var compiler = webpack(webpackConfig); 4 5app.use(require("webpack-dev-middleware")(compiler, { 6 noInfo: true, publicPath: webpackConfig.output.publicPath 7}));
-
Add
webpack-hot-middleware
attached to the same compiler instance1app.use(require("webpack-hot-middleware")(compiler));
And you're all set!
Changelog
2.0.0
Breaking Change
As of version 2.0.0, all client functionality has been rolled into this module. This means that you should remove any reference to webpack/hot/dev-server
or webpack/hot/only-dev-server
from your webpack config. Instead, use the reload
config option to control this behaviour.
This was done to allow full control over the client receiving updates, which is now able to output full module names in the console when applying changes.
Documentation
More to come soon, you'll have to mostly rely on the example for now.
Config
Client
Configuration options can be passed to the client by adding querystring parameters to the path in the webpack config.
1'webpack-hot-middleware/client?path=/__what&timeout=2000&overlay=false'
- path - The path which the middleware is serving the event stream on
- name - Bundle name, specifically for multi-compiler mode
- timeout - The time to wait after a disconnection before attempting to reconnect
- overlay - Set to
false
to disable the DOM-based client-side overlay. - reload - Set to
true
to auto-reload the page when webpack gets stuck. - noInfo - Set to
true
to disable informational console logging. - quiet - Set to
true
to disable all console logging. - dynamicPublicPath - Set to
true
to use webpackpublicPath
as prefix ofpath
. (We can set__webpack_public_path__
dynamically at runtime in the entry point, see note of output.publicPath) - autoConnect - Set to
false
to use to prevent a connection being automatically opened from the client to the webpack back-end - ideal if you need to modify the options using thesetOptionsAndConnect
function - ansiColors - An object to customize the client overlay colors as mentioned in the ansi-html package.
- overlayStyles - An object to let you override or add new inline styles to the client overlay div.
- overlayWarnings - Set to
true
to enable client overlay on warnings in addition to errors.
Note: Since the
ansiColors
andoverlayStyles
options are passed via query string, you'll need to uri encode your stringified options like below:
1var ansiColors = { 2 red: '00FF00' // note the lack of "#" 3}; 4var overlayStyles = { 5 color: '#FF0000' // note the inclusion of "#" (these options would be the equivalent of div.style[option] = value) 6}; 7var hotMiddlewareScript = 'webpack-hot-middleware/client?path=/__webpack_hmr&timeout=20000&reload=true&ansiColors=' + encodeURIComponent(JSON.stringify(ansiColors)) + '&overlayStyles=' + encodeURIComponent(JSON.stringify(overlayStyles));
Middleware
Configuration options can be passed to the middleware by passing a second argument.
1app.use(require("webpack-hot-middleware")(compiler, { 2 log: false, 3 path: "/__what", 4 heartbeat: 2000 5}));
- log - A function used to log lines, pass
false
to disable. Defaults toconsole.log
- path - The path which the middleware will serve the event stream on, must match the client setting
- heartbeat - How often to send heartbeat updates to the client to keep the connection alive. Should be less than the client's
timeout
setting - usually set to half its value.
How it Works
The middleware installs itself as a webpack plugin, and listens for compiler events.
Each connected client gets a Server Sent Events connection, the server will publish notifications to connected clients on compiler events.
When the client receives a message, it will check to see if the local code is up to date. If it isn't up to date, it will trigger webpack hot module reloading.
Multi-compiler mode
If you're using multi-compiler mode (exporting an array of config in webpack.config.js
), set name
parameters to make sure bundles don't process each other's updates. For example:
// webpack.config.js
module.exports = [
{
name: 'mobile',
entry: {
vendor: 'vendor.js',
main: ['webpack-hot-middleware/client?name=mobile', 'mobile.js']
}
},
{
name: 'desktop',
entry: {
vendor: 'vendor.js',
main: ['webpack-hot-middleware/client?name=desktop', 'desktop.js']
}
}
]
Other Frameworks
Hapi
Use the hapi-webpack-plugin.
Koa
koa-webpack-middleware wraps this module for use with Koa 1.x
koa-webpack can be used for Koa 2.x
Troubleshooting
Use on browsers without EventSource
If you want to use this module with browsers that don't support eventsource, you'll need to use a polyfill. See issue #11
Not receiving updates in client when using Gzip
This is because gzip generally buffers the response, but the Server Sent Events event-stream expects to be able to send data to the client immediately. You should make sure gzipping isn't being applied to the event-stream. See issue #10.
Use with auto-restarting servers
This module expects to remain running while you make changes to your webpack bundle, if you use a process manager like nodemon then you will likely see very slow changes on the client side. If you want to reload the server component, either use a separate process, or find a way to reload your server routes without restarting the whole process. See https://github.com/glenjamin/ultimate-hot-reloading-example for an example of one way to do this.
Use with multiple entry points in webpack
If you want to use multiple entry points in your webpack config you need to include the hot middleware client in each entry point. This ensures that each entry point file knows how to handle hot updates. See the examples folder README for an example.
1entry: { 2 vendor: ['jquery', 'webpack-hot-middleware/client'], 3 index: ['./src/index', 'webpack-hot-middleware/client'] 4}
License
See LICENSE file.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/28 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 3 are checked with a SAST tool
Reason
80 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-vh7m-p724-62c2
- Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
- Warn: Project is vulnerable to: MAL-2023-462
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-7wpw-2hjm-89gp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-h9rv-jmmf-4pgx
- Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
1.7
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @gatsbyjs/webpack-hot-middleware
webpack-hot-middleware
Webpack hot reloading you can attach to your own server
webpack-dev-middleware
A development middleware for webpack
@types/webpack-hot-middleware
TypeScript definitions for webpack-hot-middleware
webpack-hot-server-middleware
Hot updates Webpack bundles on the server