Gathering detailed insights and metrics for gatsby-plugin-loadable-components-ssr-fix
Gathering detailed insights and metrics for gatsby-plugin-loadable-components-ssr-fix
Gatsby plugin for using @loadable/component with Gatsby's SSR
Installations
npm install gatsby-plugin-loadable-components-ssr-fixDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=8.0.0
Node Version
13.6.0
NPM Version
6.13.4
Releases
12
Updated dependencies
v2.1.0
Updated on May 15, 2020
Renamed option renderFn to useHydrate
v2.0.0
Updated on Mar 03, 2020
Added option to specify render function
v1.1.0
Updated on Mar 03, 2020
Fixed error logged on console on develop
v1.0.8
Updated on Mar 03, 2020
Fixed a bug that rendered all chunks on all the pages
v1.0.7
Updated on Dec 18, 2019
v1.0.6
v1.0.6
Updated on Dec 15, 2019
Languages
2
JavaScript
Shell
JavaScript (98.39%)
Shell (1.61%)
Developer
hector-del-rio
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
49 Stars
96 Commits
25 Forks
4 Watchers
26 Branches
14 Contributors
Updated on Jul 03, 2023
Maintainers
1
Package Meta Information
Latest Version
2.0.2
Package Id
gatsby-plugin-loadable-components-ssr-fix@2.0.2
Unpacked Size
7.54 kB
Size
2.95 kB
File Count
9
NPM Version
6.13.4
Node Version
13.6.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
2
Dev Dependencies
4
Description
Server-side rendering loadable components in your gatsby application.
Installation
npm install --save gatsby-plugin-loadable-components-ssr
This plugin also requires @loadable/component as a peer dependency:
npm install --save @loadable/component
Problem
As described in the documentation a series of steps must be followed to implement server-side rendering in your app. However, it's not trivial to apply them to a gatsby application.
Solution
This plugin implements the steps described in the link above using gatsby's APIs, so you can use it only by adding
gatsby-plugin-loadable-components-ssr in your list of gatsby plugins.
Usage
Simply add gatsby-plugin-loadable-components-ssr to the plugins array in gatsby-config.js.
1// gatsby-config.js 2 3module.exports = { 4 plugins: [ 5 'gatsby-plugin-loadable-components-ssr', 6 // OR 7 { 8 resolve: `gatsby-plugin-loadable-components-ssr`, 9 options: { 10 // Whether replaceHydrateFunction should call ReactDOM.hydrate or ReactDOM.render 11 // Defaults to ReactDOM.render on develop and ReactDOM.hydrate on build 12 useHydrate: true, 13 }, 14 } 15 ], 16}
My gatsby-browser.js already implements replaceHydrateFunction API
This plugin uses replaceHydrateFunction API. If your application also implements this API (gatsby-browser.js)
make sure you wrap your implementation with loadableReady(() => ...).
Before (from the example in here):
1// gatsby-browser.js 2 3exports.replaceHydrateFunction = () => { 4 return (element, container, callback) => { 5 ReactDOM.render(element, container, callback); 6 }; 7};
After:
1// gatsby-browser.js 2 3const loadableReady = require('@loadable/component').loadableReady; 4 5exports.replaceHydrateFunction = () => { 6 return (element, container, callback) => { 7 loadableReady(() => { 8 ReactDOM.render(element, container, callback); 9 }); 10 }; 11};
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/graysonhicks/gatsby-plugin-loadable-components-ssr/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/graysonhicks/gatsby-plugin-loadable-components-ssr/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/graysonhicks/gatsby-plugin-loadable-components-ssr/npmpublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/graysonhicks/gatsby-plugin-loadable-components-ssr/npmpublish.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
Found 4/21 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/npmpublish.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 14 are checked with a SAST tool
Reason
54 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-c6f8-8r25-c4gc
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-7hpj-7hhx-2fgx
- Warn: Project is vulnerable to: GHSA-44fp-w29j-9vj5
- Warn: Project is vulnerable to: GHSA-4pg4-qvpc-4q3h
- Warn: Project is vulnerable to: GHSA-g5hg-p3ph-g8qg
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-54xq-cgqr-rpm3
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.5
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More