Gathering detailed insights and metrics for @rollup/plugin-esm-shim
NPM was acquired by GitHub in March 2020.
Gathering detailed insights and metrics for @rollup/plugin-esm-shim
NPM was acquired by GitHub in March 2020.
npm install @rollup/plugin-esm-shim
52.2
Supply Chain
84.3
Quality
82
Maintenance
100
Vulnerability
99.6
License
3,647 Stars
1,192 Commits
591 Forks
36 Watching
4 Branches
262 Contributors
Updated on 23 Nov 2024
JavaScript (75.24%)
TypeScript (24.75%)
Shell (0.01%)
Cumulative downloads
Total Downloads
Last day
744.2%
650
Compared to previous day
Last week
20.2%
5,319
Compared to previous week
Last month
115.2%
14,638
Compared to previous month
Last year
1,091.8%
89,220
Compared to previous year
🍣 The one-stop shop for official Rollup plugins
This repository houses plugins that Rollup considers critical to every day use of Rollup, plugins which the organization has adopted maintenance of, and plugins that the project recommends to its users.
alias | Define and resolve aliases for bundle dependencies |
auto-install | Automatically install dependencies that are imported by a bundle |
babel | Compile your files with Babel |
beep | System beeps on errors and warnings |
buble | Compile ES2015 with buble |
commonjs | Convert CommonJS modules to ES6 |
data-uri | Import modules from Data URIs |
dsv | Convert .csv and .tsv files into JavaScript modules with d3-dsv |
dynamic-import-vars | Resolving dynamic imports that contain variables. |
eslint | Verify entry point and all imported files with ESLint |
esm-shim | Replace cjs syntax for esm output bundles |
graphql | Convert .gql/.graphql files to ES6 modules |
html | Create HTML files to serve Rollup bundles |
image | Import JPG, PNG, GIF, SVG, and WebP files |
inject | Scan modules for global variables and injects import statements where necessary |
json | Convert .json files to ES6 modules |
legacy | Add export declarations to legacy non-module scripts |
multi-entry | Use multiple entry points for a bundle |
node-resolve | Locate and bundle third-party dependencies in node_modules |
replace | Replace strings in files while bundling |
run | Run your bundles in Node once they're built |
strip | Remove debugger statements and functions like assert.equal and console.log from your code |
sucrase | Compile TypeScript, Flow, JSX, etc with Sucrase |
swc | Transpile TypeScript/JavaScript with the speedy-web-compiler |
terser | Generate a minified output bundle with terser |
typescript | Integration between Rollup and Typescript |
url | Import files as data-URIs or ES Modules |
virtual | Load virtual modules from memory |
wasm | Import WebAssembly code with Rollup |
yaml | Convert YAML files to ES6 modules |
pluginutils | A set of utility functions commonly used by Rollup plugins |
This repository is a monorepo which leverages pnpm for dependency management.
To begin, please install pnpm
:
1$ npm install pnpm -g
All plugin packages are kept in the /packages
directory.
1$ pnpm --filter ./packages/<name> add <package>
Where <package>
is the name of the NPM package you wish to add for a plugin package, and <name>
is the proper name of the plugin. e.g. @rollup/plugin-beep
.
1$ pnpm publish <name> [flags]
Where <name>
is the portion of the plugin package name following @rollup/plugin-
. (e.g. beep
)
The publish script performs the following actions:
package.json
CHANGELOG.md
for the target pluginpackage.json
and CHANGELOG.md
, with a commit message is in the form chore(release): <name>-v<version>
<name>-v<version>
(e.g. beep-v0.1.0
)The following flags are available to modify the publish process:
--dry
tells the script to perform a dry-run, skipping any file modifications, NPM, or Git Actions. Results from version determination and new ChangeLog additions are displayed.--major
, --minor
, --patch
can be used to force a particular type of semver bump.--no-push
will instruct the script not to push changes and tags to Git.--no-tag
will instruct the script not to tag the release.To run tests on all packages which have changes:
1$ pnpm test
To run tests on a specific package:
1$ pnpm --filter ./packages/<name> test
Linting:
To lint all packages which have changes:
1$ pnpm lint
To lint a specific package:
1$ pnpm --filter ./packages/<name> lint
Note: Scripts in the repository will run the root test
and lint
script on those packages which have changes. This is also how the CI pipelines function. To run either on a package outside of that pipeline, use pnpm <script> @rollup/plugin-<name>
.
While we don't have an official procedure for adding third-party plugins to this repository, we are absolutely open to the idea. If you'd like to speak about your project being a part of this repo, please reach out to @RollupJS on Twitter.
No vulnerabilities found.
Reason
30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
Reason
binaries present in source code
Details
Reason
Found 13/30 approved changesets -- score normalized to 4
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
14 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More