Skip to content

maccuaa/vite-plugin-generate-package-json

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits

.github/workflows

.github/workflows

 
 

src

src

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

bun.lockb

bun.lockb

 
 

package.json

package.json

 
 

renovate.json

renovate.json

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

vite-plugin-generate-package-json

Generate a package.json and package-lock.json file with only the packages that your Vite bundle imports.

About

This plugin is useful for when you want to generate an SBOM or scan your project for vulnerable Open Source libraries but you don't want to include libraries which aren't included in your final production bundle. Many libraries miscategorize their dependencies (dependency vs devDepdency) which leads to many libraries appearing in production NPM audit reports etc even though the library isn't included in the final production build.

Installation

# npm
npm i -D vite-plugin-generate-package-json

Usage

// vite.config.ts
import { defineConfig } from "vite";
import { generatePackageJson } from "vite-plugin-generate-package-json";

export default defineConfig({
  root: "src",
  build: {
    outDir: "build",
  },
  plugins: [generatePackageJson()],
});

Configuration

There are some useful options, all of them are optional:

outputDir

Type: string Default: build

Set the output directory where the package.json and package-lock.json files will be written to.

generatePackageJson({
  outputDir: "dist",
});

License

MIT

About

Generate package.json file with packages from your Vite bundle

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages