Gathering detailed insights and metrics for extract-css-assets-webpack-plugin
Gathering detailed insights and metrics for extract-css-assets-webpack-plugin
🚀 ice.js: The Progressive App Framework Based On React(基于 React 的渐进式应用框架)
Installations
npm install extract-css-assets-webpack-pluginDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
12.22.12
NPM Version
6.14.16
Releases
134
Languages
6
TypeScript
JavaScript
CSS
EJS
AppleScript
Shell
TypeScript (90.85%)
JavaScript (6.48%)
CSS (1.57%)
EJS (0.92%)
AppleScript (0.18%)
Shell (0.01%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
18,547 Stars
3,281 Commits
2,129 Forks
440 Watchers
63 Branches
125 Contributors
Updated on Jul 13, 2025
Maintainers
4
Package Meta Information
Latest Version
0.2.10
Package Id
extract-css-assets-webpack-plugin@0.2.10
Unpacked Size
16.51 kB
Size
4.56 kB
File Count
9
NPM Version
6.14.16
Node Version
12.22.12
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
1
extract-css-assets-webpack-plugin
提取 css 文件中网络资源,将其本地化。
Required
- webpack >= 4.0
Options
outputPath默认值:""提取后的文件目录前缀relativeCssPath默认值:""提取的文件后相对于 css 的路径forceLocal默认值:false是否 publicPath 为 http 网络路径时也强制生效
Usage
1import MiniCssExtractPlugin from 'mini-css-extract-plugin'; 2import ExtractCssAssetsPlugin from 'extract-css-assets-webpack-plugin'; 3 4module.exports = { 5 entry: './index', 6 output: { 7 publicPath: '/', 8 }, 9 module: { 10 rules: [ 11 { 12 test: /\.(png|jpg|gif)$/, 13 use: [ 14 { 15 loader: 'url-loader', 16 options: { 17 limit: 8192, 18 name: 'assets/[hash].[ext]', 19 }, 20 }, 21 ], 22 }, 23 { 24 test: /\.css$/, 25 use: [MiniCssExtractPlugin.loader, 'css-loader'], 26 }, 27 ], 28 }, 29 plugins: [ 30 new MiniCssExtractPlugin({ 31 filename: 'css/[name].css', 32 chunkFileName: 'css/[id].css', 33 }), 34 new ExtractCssAssetsPlugin({ 35 outputPath: 'assets/', 36 relativeCssPath: '../', // 由于创建了 css 目录 则生成的图片相对于 css 目录则为 `'../'` 37 }), 38 ], 39};
input:
1body { 2 color: red; 3 background-image: url(//img.alicdn.com/tfs/TB1zSOZrFGWBuNjy0FbXXb4sXXa-1024-1024.png); 4} 5 6.b { 7 background-image: url('./img.jpg'); 8} 9 10@font-face { 11 font-family: 'iconfont'; /* project id 377048 */ 12 src: url('//at.alicdn.com/t/font_377048_kjcjjyweu4sra4i.eot'); 13 src: url('//at.alicdn.com/t/font_377048_kjcjjyweu4sra4i.eot?#iefix') format('embedded-opentype'), 14 url('//at.alicdn.com/t/font_377048_kjcjjyweu4sra4i.woff') format('woff'), 15 url('//at.alicdn.com/t/font_377048_kjcjjyweu4sra4i.ttf') format('truetype'), 16 url('//at.alicdn.com/t/font_377048_kjcjjyweu4sra4i.svg#iconfont') format('svg'); 17}
output:
1body { 2 color: red; 3 background-image: url('/assets/cd7e3c88d4211a9b0b2335d1e417bb12.png'); 4} 5 6.b { 7 background-image: url(/assets/fcaa0cae8fcd6ecf465971d57fdeff85.jpg); 8} 9 10@font-face { 11 font-family: 'iconfont'; /* project id 377048 */ 12 src: url('/assets/34032f039a2b3b449235ba9d307409ec.eot'); 13 src: url('/assets/34032f039a2b3b449235ba9d307409ec.eot?#iefix') format('embedded-opentype'), 14 url('/assets/f7efc431f760b9e8a6125054c5f4a502.woff') format('woff'), 15 url('/assets/3a70f449494ab666efaf24b72d563431.ttf') format('truetype'), url('/assets/b1b72dfa538406f3897c40ab412b4183.svg#iconfont') 16 format('svg'); 17}
注意事项
- 当
output.publicPath设置为 http 网络路径,并且forceLocal未设置为true时,插件不工作。
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
25 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 24/26 approved changesets -- score normalized to 9
Reason
SAST tool is not run on all commits -- score normalized to 2
Details
- Warn: 7 commits out of 30 are checked with a SAST tool
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/coverage.yml:29
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/coverage.yml:27
- Warn: no topLevel permission defined: .github/workflows/canary.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/coverage.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/version.yml:1
- Warn: no topLevel permission defined: .github/workflows/website.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/canary.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/canary.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/canary.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/canary.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/canary.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/coverage.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/coverage.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/coverage.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/coverage.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/coverage.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/version.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/version.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/version.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/version.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/version.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/version.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/version.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/version.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/website.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/website.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/website.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/alibaba/ice/website.yml/master?enable=pin
- Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 10 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
56 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
- Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-p3hc-fv2j-rp68
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
- Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4
Score
4.9
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More