webpack-node-externals icon indicating copy to clipboard operation
webpack-node-externals copied to clipboard

Published 20 hours ago verified publisher icon liady

There should be an option to automatically co-whitelist peer-dependencies of a whitelisted module

Open florisporro opened this issue 5 years ago • 7 comments

I'm building an application with Electron where all the node_modules are shipped alongside the application, rather than packed with Webpack.

One module is a private package that needs to get bundled, as it shouldn't get shipped in unpacked format. So I tried adding it to the whitelist and it beautifully gets packed into the distributable.

None of its peer-dependencies get packed though, unless I manually add them all to the whitelist.

Ideally there should be an option that enables scanning of whitelisted modules for peer-dependencies to add them to the whitelist as well.

florisporro avatar Jan 15 '20 19:01 florisporro

This problem has been raised multiple times and has never been addressed as far asI can see. See e.g. here and here. Just now I wanted to include axios into the bundle for an AWS Lambda function, and I was forced to manually look up the trail of dependencies. In this case it was:

axios => follow-redirects => debug => ms

OK, it was only four single steps this time, but it could easily have branched out into a dependency tree that one would have to manually figure out. The community would greatly appreciate if inclusion of sub-dependencies could be done automatically.

MagnusBrzenk avatar Mar 05 '20 16:03 MagnusBrzenk

Assuming the dependency tree is proper. Also what if someone decides to add resolutions to their project? Maybe add a utility that can do that whitelisting for specific packages?

fivethreeo avatar Jul 30 '20 03:07 fivethreeo

I am a collaborator on razzle, I found out that instead of using allowlist it is better to solve this by using resolve and some logic to decide what to bundle as next.js does. This module is a bit too brittle since it tries to do it in the reverse and pre-resolve what to allow.

fivethreeo avatar Jul 30 '20 22:07 fivethreeo

@MagnusBrzenk @fivethreeo Thank you for your suggestions and interest. If I understand correctly - the request is that all modules in the allowlist will have their own dependencies bundled as well. Am I correct? I will take a look on how to solve it. In any case - PRs are welcome! Thanks again.

liady avatar Jul 31 '20 18:07 liady

@liady

Better to let webpack handle the dependencies

https://github.com/jaredpalmer/razzle/pull/1370/files#diff-b95764a7288c7b8e9f3715219636a1caR299 https://github.com/jaredpalmer/razzle/pull/1370/files#diff-0039aa986c882d14539e6883d06e955d

fivethreeo avatar Jul 31 '20 22:07 fivethreeo

@florisporro @MagnusBrzenk I'm running into a similar problem that you guys mentioned and I seem to be able to get it working with the config below, can you guys try it out and let me know if it helps?

externals: [
    nodeExternals(), // exclude node_modules in current path
    nodeExternals({
      modulesDir: resolve(__dirname, '../node_modules'), // exclude node_modules in root (monorepo managed by lerna)
      allowlist: [/^@whitelistedModule\/*/], // whitelist private package
      modulesFromFile: {
        fileName: /* path to whitelisted module package.json to read from */,
        includeInBundle: ['dependencies', 'peerDependencies'],
      }
    }),
  ],

uccmen avatar Apr 05 '21 02:04 uccmen

I built a small helper that includes all subdependencies for any packages: https://github.com/kmjennison/datwd

// webpack.config.js
const nodeExternals = require('webpack-node-externals')
const includeSubdependencies = require('datwd')

module.exports = {
  // ...
  externals: [
    nodeExternals({
      // Will include "cookies" and its dependencies; for example:
      // `['cookies', 'depd', 'keygrip', 'tsscmp']`
      allowlist: includeSubdependencies(['cookies'])
    })
  ]
}

Hope this helps others. Feedback welcome!

kmjennison avatar Aug 12 '22 14:08 kmjennison