npmpackage.info

Gathering detailed insights and metrics for @jamesernator/rollup-pluginutils

The total size of the npm registry is estimated to be over 4 terabytes. This includes all the packages, versions, and metadata stored in the registry.

@jamesernator/rollup-pluginutils

This package has moved and is now available at @rollup/pluginutils / https://github.com/rollup/plugins

2.3.2

TypeScript

1,799

1.4

Installations

npm install @jamesernator/rollup-pluginutils

Score

69.6

Supply Chain

94.7

Quality

71.5

Maintenance

Vulnerability

100

License

Pull Requests

Open

0

Total

45

Closed

10

Merged

35

Issues

Open

0

Total

24

Closed

24

Releases

Unable to fetch releases

Contributors

View all 23 contributors

Developer

rollup

Module System

BETA

CommonJS

Statistics

45 Stars

138 Commits

17 Forks

16 Watching

4 Branches

23 Contributors

Updated on 28 Feb 2024

Languages

TypeScript (85.33%)

JavaScript (14.67%)

Total Downloads

Cumulative downloads

Total Downloads

1,799

Last day

-75%

Compared to previous day

Last week

-40%

Compared to previous week

Last month

122.2%

Compared to previous month

Last year

-32.1%

260

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

estree-walker micromatch

Dev Dependencies

eslint husky lint-staged mocha rollup rollup-plugin-buble

Versions

Moved

This package has moved and is now available at @rollup/pluginutils. Please update your dependencies. This repository is no longer maintained.

rollup-pluginutils

A set of functions commonly used by Rollup plugins.

Installation

1npm install --save rollup-pluginutils

Usage

addExtension

1import { addExtension } from 'rollup-pluginutils';
2
3export default function myPlugin ( options = {} ) {
4  return {
5    resolveId ( code, id ) {
6      // only adds an extension if there isn't one already
7      id = addExtension( id ); // `foo` -> `foo.js`, `foo.js -> foo.js`
8      id = addExtension( id, '.myext' ); // `foo` -> `foo.myext`, `foo.js -> `foo.js`
9    }
10  };
11}

attachScopes

This function attaches Scope objects to the relevant nodes of an AST. Each Scope object has a scope.contains(name) method that returns true if a given name is defined in the current scope or a parent scope.

See rollup-plugin-inject or rollup-plugin-commonjs for an example of usage.

1import { attachScopes } from 'rollup-pluginutils';
2import { walk } from 'estree-walker';
3
4export default function myPlugin ( options = {} ) {
5  return {
6    transform ( code ) {
7      const ast = this.parse( code );
8
9      let scope = attachScopes( ast, 'scope' );
10
11      walk( ast, {
12        enter ( node ) {
13          if ( node.scope ) scope = node.scope;
14
15          if ( !scope.contains( 'foo' ) ) {
16            // `foo` is not defined, so if we encounter it,
17            // we assume it's a global
18          }
19        },
20        leave ( node ) {
21          if ( node.scope ) scope = scope.parent;
22        }
23      });
24    }
25  };
26}

createFilter

1import { createFilter } from 'rollup-pluginutils';
2
3export default function myPlugin ( options = {} ) {
4  // `options.include` and `options.exclude` can each be a minimatch
5  // pattern, or an array of minimatch patterns, relative to process.cwd()
6  var filter = createFilter( options.include, options.exclude );
7
8  return {
9    transform ( code, id ) {
10      // if `options.include` is omitted or has zero length, filter
11      // will return `true` by default. Otherwise, an ID must match
12      // one or more of the minimatch patterns, and must not match
13      // any of the `options.exclude` patterns.
14      if ( !filter( id ) ) return;
15
16      // proceed with the transformation...
17    }
18  };
19}

If you want to resolve the patterns against a directory other than process.cwd(), you can additionally pass a resolve option:

1var filter = createFilter( options.include, options.exclude, {resolve: '/my/base/dir'} )

If resolve is a string, then this value will be used as the base directory. Relative paths will be resolved against process.cwd() first. If resolve is false, then the patterns will not be resolved against any directory. This can be useful if you want to create a filter for virtual module names.

makeLegalIdentifier

1import { makeLegalIdentifier } from 'rollup-pluginutils';
2
3makeLegalIdentifier( 'foo-bar' ); // 'foo_bar'
4makeLegalIdentifier( 'typeof' ); // '_typeof'

dataToEsm

Helper for treeshakable data imports

1import { dataToEsm } from 'rollup-pluginutils';
2
3const esModuleSource = dataToEsm({
4  custom: 'data',
5  to: ['treeshake']
6}, {
7  compact: false,
8  indent: '\t',
9  preferConst: false,
10  objectShorthand: false,
11  namedExports: true
12});
13/*
14Outputs the string ES module source:
15  export const custom = 'data';
16  export const to = ['treeshake'];
17  export default { custom, to };
18*/

extractAssignedNames

Extract the names of all assignment targets from patterns.

1import { extractAssignedNames } from 'rollup-pluginutils';
2import { walk } from 'estree-walker';
3
4export default function myPlugin ( options = {} ) {
5  return {
6    transform ( code ) {
7      const ast = this.parse( code );
8
9      walk( ast, {
10        enter ( node ) {
11          if ( node.type === 'VariableDeclarator' ) {
12          	const declaredNames = extractAssignedNames(node.id);
13          	// do something with the declared names
14          	// e.g. for `const {x, y: z} = ... => declaredNames = ['x', 'z']
15          }
16        }
17      });
18    }
19  };
20}

License

MIT

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

License

Determines if the project has defined a license.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

51 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
Warn: Project is vulnerable to: MAL-2023-462
Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

1.4

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More