Gathering detailed insights and metrics for webpack-image-srcset-loader
Gathering detailed insights and metrics for webpack-image-srcset-loader
Installations
npm install webpack-image-srcset-loaderScore
46.6
Supply Chain
66.3
Quality
71.2
Maintenance
50
Vulnerability
97.9
License
Developer
Calvin-LL
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>= 10.13.0
Typescript Support
No
Node Version
14.18.0
NPM Version
6.14.15
Statistics
30 Stars
245 Commits
2 Forks
1 Watching
33 Branches
2 Contributors
Updated on 31 Jan 2023
Bundle Size
252.31 kB
Minified
75.32 kB
Minified + Gzipped
Languages
TypeScript (95.83%)
JavaScript (4.17%)
Total Downloads
Cumulative downloads
Total Downloads
180,912
Last day
3.4%
270
Compared to previous day
Last week
16.5%
2,332
Compared to previous week
Last month
16.4%
9,155
Compared to previous month
Last year
54.2%
73,427
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Dev Dependencies
27
@calvin-l/webpack-loader-test-util@commitlint/cli@commitlint/config-conventional@types/jest@types/js-string-escape@types/node@types/sharp@types/webpack@typescript-eslint/eslint-plugin@typescript-eslint/parsercommitizeneslinteslint-plugin-import-helpersfile-loaderhuskyjestlint-stagedprettierremark-cliremark-lintremark-lint-no-dead-urlsremark-preset-lint-recommendedstandard-versionts-jesttypescriptwebpackwebpack-image-resize-loader
Versions
webpack-image-srcset-loader
This loader generates a srcset string from an image.
Examples
React example with other related loaders
Vue example with other related loaders
Install
Install with npm:
1npm install --save-dev webpack-image-srcset-loader webpack-image-resize-loader
Install with yarn:
1yarn add --dev webpack-image-srcset-loader webpack-image-resize-loader
Usage
1import jpgSrcSet from "./some_pic.jpg?srcset"; 2 3// jpgSrcSet will be "97[...]7.jpg 480w, ed[...]3.jpg 1024w, c6[...]b.jpg 1920w, b6[...]3.jpg 2560w, 57[...]e.jpg"
webpack.config.js
webpack-image-srcset-loader should be placed before all other loaders
Try webpack-sharp-loader if you want to do other processing with your image before or after resizing
1module.exports = { 2 // ... 3 module: { 4 rules: [ 5 // ... 6 { 7 test: /\.(png|jpe?g|webp|tiff?)$/i, 8 oneOf: [ 9 { 10 // if the import url looks like "some.png?srcset..." 11 resourceQuery: /srcset/, 12 use: [ 13 { 14 loader: "webpack-image-srcset-loader", 15 options: { 16 sizes: ["480w", "1024w", "1920w", "2560w", "original"], 17 }, 18 }, 19 "file-loader", 20 "webpack-image-resize-loader", 21 // add webpack-sharp-loader if you want to pre-process your image e.g. rotating, flipping 22 ], 23 }, 24 { 25 // if no previous resourceQuery match 26 use: "file-loader", 27 }, 28 ], 29 }, 30 ], 31 }, 32};
Options
Note:
Additional options in the query (that thing after ?) such as quality or format here will be passed down to webpack-image-resize-loader. See webpack-image-resize-loader's options.
For example:
1import webpSrcSet from "./some_pic.jpg?srcset&format=webp"; 2 3// webpSrcSet will be "00[...]5.webp 480w, 40[...]3.webp 1024w, 76[...]b.webp 1920w, a4[...]c.webp 2560w, b1[...]c.webp"
| Name | Type | Default | Description |
|---|---|---|---|
sizes | (string)[] | undefined | Sizes in the output srcset. |
scaleUp | boolean | false | Whether or not to scale up the image when the desired width is greater than the image width. |
resizeLoaderOptionsGenerator | function | undefined | A function that returns the option to be passed on to the next loader. |
esModule | boolean | true | Whether the export is in ES modules syntax or CommonJS modules syntax |
sizes
An array containing strings in the format "[number]w", "[number]x", or "original". The numbers cannot contain decimals.
Allowed: ["10w", "1x", "2x", "original"]
Not allowed: ["10.0w", "1.5x", "2.0x"]
When using "[number]x", the original size of the image will be used for the greatest value. For example, if an image is 10×10 in size, and sizes is ["1x", "2x"], the output image will have sizes 5×5 for "1x" and 10×10 for "2x".
scaleUp
When true, if the desired width is greater than the image width, the size will not be included in the output srcset string. For example, if the original image is 10×10 in size, and the sizes array is ["5w", "10w", "15w"], when scaleUp is true the output string is "image1.jpg 5w, image2.jpg 10w, image3.jpg 15w", when scaleUp is false the output string is "image1.jpg 5w, image2.jpg 10w".
Note: this option has no effect on "[number]x" or "original"
resizeLoaderOptionsGenerator
default
1function defaultResizeLoaderOptionsGenerator(width, scale, existingOptions) { 2 return { 3 ...existingOptions, 4 ...(existingOptions?.fileLoaderOptionsGenerator 5 ? { 6 fileLoaderOptionsGenerator: existingOptions.fileLoaderOptionsGenerator.toString(), 7 } 8 : {}), 9 // since we filtered out all the width that are too wide, 10 // nothing to worry about there, need this to make sure 11 // scales larger than 1x works 12 scaleUp: true, 13 width, 14 scale, 15 }; 16}
If you wish to use a resize loader other than webpack-image-resize-loader. You may customize how the width and scale is passed down to that loader`s options.
// width is either a number or undefined
// scale is either a number or undefined
// existingOptions is either the existing options for the next loader or undefined
(width, scale, existingOptions: object) => {
...
return { ...existingOptions };
}
For example, if sizes is ["10w", "1x", "2x", "original"], resizeLoaderOptionsGenerator will be called with
resizeLoaderOptionsGenerator(10, undefined, existingOptions)for10wresizeLoaderOptionsGenerator(undefined, 1, existingOptions)for1xresizeLoaderOptionsGenerator(undefined, 2, existingOptions)for2xresizeLoaderOptionsGenerator(undefined, undefined, existingOptions)for"original"
esModule
Whether the export is in ES modules syntax or CommonJS modules syntax. If you don't know what it is or whether or not you need it, leave is as default.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/Calvin-LL/webpack-image-srcset-loader/release.yml/main?enable=pin
- Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 3 out of 3 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/4 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 26 are checked with a SAST tool
Reason
71 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-gp95-ppv5-3jc5
- Warn: Project is vulnerable to: GHSA-54xq-cgqr-rpm3
- Warn: Project is vulnerable to: GHSA-wpg7-2c88-r8xv
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-rqff-837h-mm52
- Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2
- Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
- Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.8
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More