Gathering detailed insights and metrics for manifest-rev
Gathering detailed insights and metrics for manifest-rev
Dynamically load assets into your views, emails, etc. from your `rev-manifest.json` manifest revision file.
Installations
npm install manifest-revDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=8.x
Releases
6
Languages
1
JavaScript
JavaScript (100%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
3 Stars
17 Commits
2 Forks
1 Watchers
1 Branches
4 Contributors
Updated on Nov 08, 2024
Maintainers
1
Package Meta Information
Latest Version
1.0.3
Package Id
manifest-rev@1.0.3
Unpacked Size
12.44 kB
Size
4.66 kB
File Count
14
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
manifest-rev
Dynamically load assets into your views, emails, etc. from your
rev-manifest.jsonmanifest revision file (e.g.<script src="{{ manifest('foo.js'); }}"></script>would return<script src="/foo-0775041dd4.js"></script>when rendered).
Table of Contents
Install
npm:
1npm install manifest-rev
yarn:
1yarn add manifest-rev
Usage
1const path = require('path'); 2 3const Koa = require('koa'); 4const manifestRev = require('manifest-rev'); 5 6const app = new Koa(); 7 8app.use((ctx, next) => { 9 ctx.state.manifest = manifestRev({ 10 manifest: path.join(__dirname, 'build', 'rev-manifest.json'), 11 prepend: '/' 12 }); 13 return next(); 14}); 15 16// ...
-
Call the
manifest(str, ?prop)helper function in your views when you need to include assets (requires a templating engine).pug:
1html 2 head 3 title Foo 4 body 5 h1 Foo 6 script(src=manifest('foo.js', 'path'))1<html> 2 <head> 3 <title>Foo</title> 4 </head> 5 <body> 6 <h1>Foo</h1> 7 <script src="<%= manifest('foo.js', 'path'); %>" integrity="<%= manifest('foo.js', 'integrity') %>"></script> 8 </body> 9</html>nunjucks (via koa-nunjucks-promise):
1<html> 2 <head> 3 <title>Foo</title> 4 </head> 5 <body> 6 <h1>Foo</h1> 7 <script src="{{ manifest('foo.js'); }}" integrity="{{ manifest('foo.js', 'integrity'); }}"></script> 8 </body> 9</html>
API
-
manifestRev(options)- accepts a requiredoptionsargument for setup. Returns middleware for use inapp.usestatement (which in turn binds toctx.statea helper function calledmanifest). Here are the properties accepts in theoptionsargument.manifest(required) - path to a validrev-manifest.jsonfile (e.g. as built by gulp-rev or gulp-rev-all)prepend(optional) - string to prepend before file paths rendered after lookup (e.g. if you type{{ manifest('foo.js'); }}in your view, and you have passedprepend: '/dist/'in your setup, then your tag would render as<script src="/dist/foo-0775041dd4.js"></script>(defaults to/)
-
manifest(str)- the helper function returned whenmanifestRevis invoked in your app. Returns the string found from a lookup in yourrev-manifest.jsonfile for thestrargument passed (e.g. if you type{{ manifest('foo.js'); }}in your view, then it returns for the value of thefoo.jsproperty as defined in yourmanifestfile, such asfoo-0775041dd4.js). If the found is not found, then the inputstrargument is returned.
Breaking changes in 2.0
manifest(str)is nowmanifest(str, prop)which now accepts a following property within yourrev-manifest.jsonfile.propis optional and defaults to the path of the rev'd file. For example if you type{{ manifest('foo.js', 'integrity'); }}in your view, then it returns for the value of thefoo.jsfileintegrityproperty as defined in yourmanifestfile, such assha256-YEWYfCFP9yc5DAF8K5AtLEyFuKZ1MNw+xQPm8g70LYY=). If the found is not found, then the inputstrargument is returned.
Contributors
| Name | Website |
|---|---|
| Nick Baugh | http://niftylettuce.com/ |
License
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/ladjs/.github/SECURITY.md:1
- Info: Found linked content: github.com/ladjs/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/ladjs/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/ladjs/.github/SECURITY.md:1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/13 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 8 are checked with a SAST tool
Reason
49 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-mh2h-6j8q-x246
- Warn: Project is vulnerable to: GHSA-5q88-cjfq-g2mh
- Warn: Project is vulnerable to: GHSA-xp63-6vf5-xf3v
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-hr2v-3952-633q
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
2.6
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More