Gathering detailed insights and metrics for webpack
Gathering detailed insights and metrics for webpack
Gathering detailed insights and metrics for webpack
Gathering detailed insights and metrics for webpack
A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
npm install webpack
66.4
Supply Chain
77.5
Quality
92
Maintenance
100
Vulnerability
99.6
License
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
64,825 Stars
17,563 Commits
8,856 Forks
1,459 Watching
79 Branches
838 Contributors
Updated on 28 Nov 2024
Minified
Minified + Gzipped
JavaScript (97.62%)
CSS (2.05%)
TypeScript (0.18%)
WebAssembly (0.12%)
CoffeeScript (0.01%)
Less (0.01%)
Cumulative downloads
Total Downloads
Last day
-7.7%
5,159,255
Compared to previous day
Last week
1.4%
29,699,259
Compared to previous week
Last month
11.3%
123,323,130
Compared to previous month
Last year
-2.6%
1,327,979,700
Compared to previous year
23
77
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset.
Install with npm:
1npm install --save-dev webpack
Install with yarn:
1yarn add webpack --dev
Webpack is a bundler for modules. The main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset.
TL;DR
Check out webpack's quick Get Started guide and the other guides.
Webpack supports all browsers that are ES5-compliant (IE8 and below are not supported).
Webpack also needs Promise
for import()
and require.ensure()
. If you want to support older browsers, you will need to load a polyfill before using these expressions.
Webpack has a rich plugin interface. Most of the features within webpack itself use this plugin interface. This makes webpack very flexible.
Name | Status | Install Size | Description |
---|---|---|---|
mini-css-extract-plugin | Extracts CSS into separate files. It creates a CSS file per JS file which contains CSS. | ||
compression-webpack-plugin | Prepares compressed versions of assets to serve them with Content-Encoding | ||
html-webpack-plugin | Simplifies creation of HTML files (index.html ) to serve your bundles | ||
pug-plugin | Renders Pug files to HTML, extracts JS and CSS from sources specified directly in Pug. |
Webpack enables the use of loaders to preprocess files. This allows you to bundle any static resource way beyond JavaScript. You can easily write your own loaders using Node.js.
Loaders are activated by using loadername!
prefixes in require()
statements,
or are automatically applied via regex from your webpack configuration.
Name | Status | Install Size | Description |
---|---|---|---|
val-loader | Executes code as module and considers exports as JS code |
Name | Status | Install Size | Description |
---|---|---|---|
Loads and transpiles a CSON file |
Name | Status | Install Size | Description |
---|---|---|---|
Loads ES2015+ code and transpiles to ES5 using Babel | |||
Loads TypeScript like JavaScript | |||
Loads CoffeeScript like JavaScript |
Name | Status | Install Size | Description |
---|---|---|---|
Exports HTML as string, requires references to static resources | |||
Loads Pug templates and returns a function | |||
Compiles Pug to a function or HTML string, useful for use with Vue, React, Angular | |||
Compiles Markdown to HTML | |||
Loads and transforms a HTML file using PostHTML | |||
Compiles Handlebars to HTML |
Name | Status | Install Size | Description |
---|---|---|---|
<style> | Add exports of a module as style to DOM | ||
Loads CSS file with resolved imports and returns CSS code | |||
Loads and compiles a LESS file | |||
Loads and compiles a Sass/SCSS file | |||
Loads and compiles a Stylus file | |||
Loads and transforms a CSS/SSS file using PostCSS |
Webpack uses async I/O and has multiple caching levels. This makes webpack fast and incredibly fast on incremental compilations.
Webpack supports ES2015+, CommonJS and AMD modules out of the box. It performs clever static analysis on the AST of your code. It even has an evaluation engine to evaluate simple expressions. This allows you to support most existing libraries out of the box.
Webpack allows you to split your codebase into multiple chunks. Chunks are loaded asynchronously at runtime. This reduces the initial loading time.
Webpack can do many optimizations to reduce the output size of your JavaScript by deduplicating frequently used modules, minifying, and giving you full control of what is loaded initially and what is loaded at runtime through code splitting. It can also make your code chunks cache friendly by using hashes.
We want contributing to webpack to be fun, enjoyable, and educational for anyone, and everyone. We have a vibrant ecosystem that spans beyond this single repo. We welcome you to check out any of the repositories in our organization or webpack-contrib organization which houses all of our loaders and plugins.
Contributions go far beyond pull requests and commits. Although we love giving you the opportunity to put your stamp on webpack, we also are thrilled to receive a variety of other contributions including:
To get started have a look at our documentation on contributing.
If you are worried or don't know where to start, you can always reach out to Sean Larkin (@TheLarkInn) on Twitter or simply submit an issue and a maintainer can help give you guidance!
We have also started a series on our Medium Publication called The Contributor's Guide to webpack. We welcome you to read it and post any questions or responses if you still need help.
Looking to speak about webpack? We'd love to review your talk abstract/CFP! You can email it to webpack [at] opencollective [dot] com and we can give pointers or tips!!!
If you create a loader or plugin, we would <3 for you to open source it, and put it on npm. We follow the x-loader
, x-webpack-plugin
naming convention.
We consider webpack to be a low-level tool used not only individually but also layered beneath other awesome tools. Because of its flexibility, webpack isn't always the easiest entry-level solution, however we do believe it is the most powerful. That said, we're always looking for ways to improve and simplify the tool without compromising functionality. If you have any ideas on ways to accomplish this, we're all ears!
If you're just getting started, take a look at our new docs and concepts page. This has a high level overview that is great for beginners!!
Looking for webpack 1 docs? Please check out the old wiki, but note that this deprecated version is no longer supported.
If you want to discuss something or just need help, here is our Gitter room where there are always individuals looking to help out!
If you are still having difficulty, we would love for you to post a question to StackOverflow with the webpack tag. It is much easier to answer questions that include your webpack.config.js and relevant files! So if you can provide them, we'd be extremely grateful (and more likely to help you find the answer!)
If you are twitter savvy you can tweet #webpack with your question and someone should be able to reach out and help also.
If you have discovered a 🐜 or have a feature suggestion, feel free to create an issue on GitHub.
Tobias Koppers Core Founder of webpack |
Johannes Ewald Loaders & Plugins Early adopter of webpack |
Sean T. Larkin Public Relations Founder of the core team |
Kees Kluskens Development Sponsor |
Most of the core team members, webpack contributors and contributors in the ecosystem do this open source work in their free time. If you use webpack for a serious task, and you'd like us to invest more time on it, please donate. This project increases your income/productivity too. It makes development and applications faster and it reduces the required bandwidth.
This is how we use the donations:
Before we started using OpenCollective, donations were made anonymously. Now that we have made the switch, we would like to acknowledge these sponsors (and the ones who continue to donate using OpenCollective). If we've missed someone, please send us a PR, and we'll add you to this list.
Become a gold sponsor and get your logo on our README on GitHub with a link to your site.
Become a silver sponsor and get your logo on our README on GitHub with a link to your site.
Become a bronze sponsor and get your logo on our README on GitHub with a link to your site.
Become a backer and get your image on our README on GitHub with a link to your site.
(In chronological order)
The latest stable version of the package.
Stable Version
1
9.8/10
Summary
Cross-realm object access in Webpack 5
Affected Versions
>= 5.0.0, < 5.76.0
Patched Versions
5.76.0
1
6.4/10
Summary
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
Affected Versions
>= 5.0.0-alpha.0, < 5.94.0
Patched Versions
5.94.0
Reason
30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
GitHub workflow tokens follow principle of least privilege
Details
Reason
license file detected
Details
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
Reason
Found 6/10 approved changesets -- score normalized to 6
Reason
badge detected: InProgress
Reason
binaries present in source code
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
project is not fuzzed
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More