✂️ An ES6+ aware minifier based on the Babel toolchain (beta)
Installations
npm install babel-helper-to-multiple-sequence-expressions
Developer Guide
Typescript
❌ No
Module System
CommonJS
Score
99.5
Supply Chain
64.4
Quality
81.5
Maintenance
100
Vulnerability
100
License
Releases
babel-minify@0.5.1
Published on 15 Aug 2019
babel-minify@0.5.0
Published on 24 Sept 2018
babel-minify@0.4.3
Published on 14 May 2018
babel-minify@0.4.2
Published on 14 May 2018
babel-minify@0.4.1
Published on 03 May 2018
babel-minify@0.4.0
Published on 08 Apr 2018
Developer
Statistics
Updated on 25 Nov 2024
Languages
JavaScript (93.71%)
Python (5.93%)
Shell (0.35%)
Total Downloads
Cumulative downloads
Total Downloads
318,776,794318,776,794
Last day
-12.9%
Compared to previous day
Last week
-19.6%
Compared to previous week
Last month
35.9%
Compared to previous month
Last year
-28.2%
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
babel-minify (beta)
An ES6+ aware minifier based on the Babel toolchain.
babel-minify
is consumable via API, CLI, or Babel preset. Try it online - babeljs.io/repl
Historical note: babel-minify was renamed from babili.
Table of Contents
Experimental
babel-minify
is an experimental project that attempts to use Babel's toolchain (for compilation) to do something in a similar vein, minification. It's currently in 0.x, so we don't recommend using it in production.
Checkout our CONTRIBUTING.md if you want to help out!
Requirements
- node >= 6
- babel >= 6.20.0
Why
Current tools don't support targeting the latest version of ECMAScript. (yet)
- BabelMinify can because it is just a set of Babel plugins, and Babel already understands new syntax with our parser Babylon.
- When it's possible to only target browsers that support newer ES features, code sizes can be smaller because you don't have to transpile and then minify.
Check out our blog post for more info!
1// Example ES2015 Code 2class Mangler { 3 constructor(program) { 4 this.program = program; 5 } 6} 7new Mangler(); // without this it would just output nothing since Mangler isn't used
Before
1// ES2015+ code -> Babel -> BabelMinify/Uglify -> Minified ES5 Code 2var a=function a(b){_classCallCheck(this,a),this.program=b};new a;
After
1// ES2015+ code -> BabelMinify -> Minified ES2015+ Code 2class a{constructor(b){this.program=b}}new a;
CLI
Package | Version | Dependencies |
---|---|---|
babel-minify |
Install
1npm install babel-minify --save-dev
Usage
1minify src -d lib
Babel preset
Package | Version | Dependencies |
---|---|---|
babel-preset-minify |
Install
1npm install babel-preset-minify --save-dev
Usage
note: minify is still in beta, so we don't recommend using it for production code but rather the production environment.
When testing, it's recommended to run minifiers for production so less code is sent to end-users vs. in development where it can be an issue for readability when debugging. Check out the env docs for more help.
Options specific to a certain environment are merged into and overwrite non-env specific options.
.babelrc
:
{
"presets": ["es2015"],
"env": {
"production": {
"presets": ["minify"]
}
}
}
Then you'll need to set the env variable which could be something like BABEL_ENV=production npm run build
Individual Plugins
The minify
repo is comprised of many npm packages. It is a lerna monorepo similar to babel itself.
The npm package babel-preset-minify
is at the path packages/babel-preset-minify
Usage
Normally you wouldn't be consuming the plugins directly since the preset is available.
Add to your .babelrc
's plugins array.
{
"plugins": ["babel-plugin-transform-undefined-to-void"]
}
Other
Package | Version | Dependencies |
---|---|---|
babel-plugin-transform-inline-environment-variables | ||
babel-plugin-transform-node-env-inline | ||
babel-plugin-transform-remove-console | ||
babel-plugin-transform-remove-debugger |
Benchmarks
Bootstrap:
npm run bootstrap
Build:
npm run build
Running the benchmarks:
./scripts/benchmark.js [file...]
- defaults to a few packages fetched from unpkg.com and is defined in benchmark.js.
Note: All Input sources are ES5.
Benchmark Results for react.js:
Input Size: 54.79KB
Input Size (gzip): 15.11KB
minifier | output raw | raw win | gzip output | gzip win | parse time (ms) | minify time (ms) |
---|---|---|---|---|---|---|
babel-minify | 15.97KB | 71% | 6.08KB | 60% | 1.00 | 1039.06 |
terser | 15.65KB | 71% | 5.98KB | 60% | 0.93 | 532.19 |
uglify | 15.6KB | 72% | 6KB | 60% | 1.09 | 463.69 |
closure-compiler | 15.74KB | 71% | 6.04KB | 60% | 1.22 | 2361.41 |
closure-compiler-js | 18.21KB | 67% | 6.73KB | 55% | 1.08 | 3381.47 |
Benchmark Results for vue.js:
Input Size: 282.52KB
Input Size (gzip): 77.52KB
minifier | output raw | raw win | gzip output | gzip win | parse time (ms) | minify time (ms) |
---|---|---|---|---|---|---|
babel-minify | 104.21KB | 63% | 38.71KB | 50% | 6.09 | 3538.30 |
terser | 103.12KB | 63% | 37.92KB | 51% | 6.42 | 1680.85 |
uglify | 102.71KB | 64% | 38.08KB | 51% | 6.59 | 1662.50 |
closure-compiler | 101.93KB | 64% | 38.6KB | 50% | 10.41 | 4413.06 |
closure-compiler-js | 105.18KB | 63% | 39.5KB | 49% | 6.79 | 12082.80 |
Benchmark Results for lodash.js:
Input Size: 527.18KB
Input Size (gzip): 94.04KB
minifier | output raw | raw win | gzip output | gzip win | parse time (ms) | minify time (ms) |
---|---|---|---|---|---|---|
babel-minify | 69.59KB | 87% | 24.37KB | 74% | 5.38 | 2587.27 |
terser | 68.66KB | 87% | 24.31KB | 74% | 6.41 | 1913.43 |
uglify | 68.15KB | 87% | 24.05KB | 74% | 5.89 | 2075.71 |
closure-compiler | 71.05KB | 87% | 24.19KB | 74% | 6.24 | 4119.43 |
closure-compiler-js | 73.51KB | 86% | 24.94KB | 73% | 5.17 | 9650.59 |
Benchmark Results for three.js:
Input Size: 1.05MB
Input Size (gzip): 212.43KB
minifier | output raw | raw win | gzip output | gzip win | parse time (ms) | minify time (ms) |
---|---|---|---|---|---|---|
babel-minify | 535.88KB | 50% | 134.66KB | 37% | 27.24 | 9988.57 |
terser | 536.16KB | 50% | 132.78KB | 37% | 28.39 | 3919.34 |
uglify | 533.42KB | 50% | 133.21KB | 37% | 26.15 | 4025.20 |
closure-compiler | 532.44KB | 51% | 134.41KB | 37% | 29.96 | 9029.19 |
closure-compiler-js | 543.08KB | 50% | 136.3KB | 36% | 24.36 | 95743.77 |
Browser support
Babel Minify is best at targeting latest browsers (with full ES6+ support) but can also be used with the usual Babel es2015 preset to transpile down the code first.
Team
Amjad Masad | Boopathi Rajaa | Juriy Zaytsev | Henry Zhu | Vignesh Shanmugam |
@amasad | @boopathi | @kangax | @hzoo | @vigneshshanmugam |
@amasad | @heisenbugger | @kangax | @left_pad | @_vigneshh |
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
binaries present in source code
Details
- Warn: binary detected: scripts/gcc.jar:1
Reason
Found 10/24 approved changesets -- score normalized to 4
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/minify/ci.yml/master?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 19 are checked with a SAST tool
Reason
81 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-8w4h-3cm3-2pm2
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
- Warn: Project is vulnerable to: GHSA-mh2h-6j8q-x246
- Warn: Project is vulnerable to: GHSA-5q88-cjfq-g2mh / GHSA-xp63-6vf5-xf3v
- Warn: Project is vulnerable to: GHSA-897m-rjf5-jp39
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-3gx7-xhv7-5mx3
- Warn: Project is vulnerable to: GHSA-xf7w-r453-m56c
- Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-vfrc-7r7c-w9mx
- Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
- Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
- Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-jmqm-f2gx-4fjv
- Warn: Project is vulnerable to: GHSA-6394-6h9h-cfjg
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-jv35-xqg7-f92r
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-2m39-62fm-q8r3
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
3.1
/10
Last Scanned on 2024-12-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More