Gathering detailed insights and metrics for dynamic-cdn-webpack-plugin
Gathering detailed insights and metrics for dynamic-cdn-webpack-plugin
Get your dependencies from a cdn rather than bundling them in your app
Installations
npm install dynamic-cdn-webpack-pluginDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=8
Node Version
12.10.0
NPM Version
6.13.3
Releases
7
Languages
1
JavaScript
JavaScript (100%)
Developer
mastilver
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
346 Stars
87 Commits
37 Forks
3 Watchers
3 Branches
5 Contributors
Updated on Feb 10, 2025
Maintainers
2
Package Meta Information
Latest Version
5.0.0
Package Id
dynamic-cdn-webpack-plugin@5.0.0
Unpacked Size
17.45 kB
Size
5.72 kB
File Count
7
NPM Version
6.13.3
Node Version
12.10.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
dynamic-cdn-webpack-plugin
Dynamically get your dependencies from a cdn rather than bundling them in your app
Install
$ npm install --save-dev dynamic-cdn-webpack-plugin module-to-cdn
Compatibility with webpack
If you are using webpack --version <= 3 then you should be installing with the following command.
$ npm install --save-dev dynamic-cdn-webpack-plugin@3.4.1 module-to-cdn
Usage with HtmlWebpackPlugin
webpack.config.js
1const path = require('path'); 2 3const HtmlWebpackPlugin = require('html-webpack-plugin'); 4const DynamicCdnWebpackPlugin = require('dynamic-cdn-webpack-plugin'); 5 6module.exports = { 7 entry: { 8 'app.js': './src/app.js' 9 }, 10 11 output: { 12 path.resolve(__dirname, './build'), 13 }, 14 15 plugins: [ 16 new HtmlWebpackPlugin(), 17 new DynamicCdnWebpackPlugin() 18 ] 19}
app.js
1import React from 'react'; 2import { BrowserRouter } from 'react-router-dom'; 3 4// ... do react stuff
webpack --mode=production will generate:
1/* simplified webpack build */ 2[function(module, __webpack_exports__, __webpack_require__) { 3 module.exports = React; 4}), 5(function(module, __webpack_exports__, __webpack_require__) { 6 module.exports = ReactRouterDOM; 7}), 8(function(module, __webpack_exports__, __webpack_require__) { 9 var react = __webpack_require__(0); 10 var reactRouterDOM = __webpack_require__(1); 11 12 /* ... */ 13})]
1<!DOCTYPE html> 2<html> 3 <head> 4 <meta charset="UTF-8"> 5 <title>Webpack App</title> 6 </head> 7 <body> 8 <script type="text/javascript" src="https://unpkg.com/react@15.5.3/dist/react.min.js"></script><script type="text/javascript" src="https://unpkg.com/react-router-dom@4.1.1/umd/react-router-dom.min.js"></script><script src="build/app.js"></script></body> 9</html>
Usage with ManifestPlugin
webpack.config.js
1const path = require('path'); 2 3const ManifestPlugin = require('webpack-manifest-plugin'); 4const DynamicCdnWebpackPlugin = require('dynamic-cdn-webpack-plugin'); 5 6module.exports = { 7 entry: { 8 'app': './src/app.js' 9 }, 10 11 output: { 12 path.resolve(__dirname, './build'), 13 }, 14 15 plugins: [ 16 new ManifestPlugin({ 17 fileName: 'manifest.json' 18 }), 19 new DynamicCdnWebpackPlugin() 20 ] 21}
app.js
1import React from 'react'; 2import { BrowserRouter } from 'react-router-dom'; 3 4// ... do react stuff
webpack --mode=production will generate:
1/* simplified webpack build */ 2[function(module, __webpack_exports__, __webpack_require__) { 3 module.exports = React; 4}), 5(function(module, __webpack_exports__, __webpack_require__) { 6 module.exports = ReactRouterDOM; 7}), 8(function(module, __webpack_exports__, __webpack_require__) { 9 var react = __webpack_require__(0); 10 var reactRouterDOM = __webpack_require__(1); 11 12 /* ... */ 13})]
1{ 2 "app.js": "app.js", 3 "react.js": "https://unpkg.com/react@15.5.3/dist/react.min.js", 4 "react-router-dom.js": "https://unpkg.com/react-router-dom@4.1.1/umd/react-router-dom.min.js" 5}
API
DynamicCdnWebpackPlugin(options)
webpack.config.js
1const DynamicCdnWebpackPlugin = require('dynamic-cdn-webpack-plugin'); 2 3module.exports = { 4 mode: 'production', 5 plugins: [ 6 new DynamicCdnWebpackPlugin(options) 7 ] 8}
options.disable
Type: boolean
Default: false
Useful when working offline, will fallback to webpack normal behaviour
options.env
Type: string
Default: mode
Values: development, production
Determine if it should load the development or the production version of modules
options.only
Type: Array<string>
Default: null
List the only modules that should be served by the cdn
options.exclude
Type: Array<string>
Default: []
List the modules that will always be bundled (not be served by the cdn)
options.verbose
Type: boolean
Default: false
Log whether the library is being served by the cdn or is bundled
options.resolver
Type: string, function
Default: 'module-to-cdn'
Allow you to define a custom module resolver, it can either be a function or an npm module.
The resolver should return (or resolve as a Promise) either null or an object with the keys: name, var, url, version.
Related
Contributors
Thanks goes to these wonderful people (emoji key):
 Thomas Sileghem 💻 📖 ⚠️ |  Faizaan 💬 💻 📖 |  MICHAEL JACKSON 💡 |  fedeoo 💻 |
|---|
This project follows the all-contributors specification. Contributions of any kind welcome!
License
MIT © Thomas Sileghem
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: license:0
- Info: FSF or OSI recognized license: MIT License: license:0
Reason
Found 4/26 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build-and-test.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/mastilver/dynamic-cdn-webpack-plugin/build-and-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/mastilver/dynamic-cdn-webpack-plugin/build-and-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/mastilver/dynamic-cdn-webpack-plugin/build-and-test.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/build-and-test.yml:35
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 13 are checked with a SAST tool
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.6
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More