Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There should be an option to automatically co-whitelist peer-dependencies of a whitelisted module #72

Open
florisporro opened this issue Jan 15, 2020 · 7 comments

Comments

@florisporro
Copy link

I'm building an application with Electron where all the node_modules are shipped alongside the application, rather than packed with Webpack.

One module is a private package that needs to get bundled, as it shouldn't get shipped in unpacked format. So I tried adding it to the whitelist and it beautifully gets packed into the distributable.

None of its peer-dependencies get packed though, unless I manually add them all to the whitelist.

Ideally there should be an option that enables scanning of whitelisted modules for peer-dependencies to add them to the whitelist as well.

@MagnusBrzenk
Copy link

This problem has been raised multiple times and has never been addressed as far asI can see. See e.g. here and here. Just now I wanted to include axios into the bundle for an AWS Lambda function, and I was forced to manually look up the trail of dependencies. In this case it was:

axios => follow-redirects => debug => ms

OK, it was only four single steps this time, but it could easily have branched out into a dependency tree that one would have to manually figure out. The community would greatly appreciate if inclusion of sub-dependencies could be done automatically.

@fivethreeo
Copy link

Assuming the dependency tree is proper. Also what if someone decides to add resolutions to their project? Maybe add a utility that can do that whitelisting for specific packages?

@fivethreeo
Copy link

I am a collaborator on razzle, I found out that instead of using allowlist it is better to solve this by using resolve and some logic to decide what to bundle as next.js does. This module is a bit too brittle since it tries to do it in the reverse and pre-resolve what to allow.

@liady
Copy link
Owner

liady commented Jul 31, 2020

@MagnusBrzenk @fivethreeo Thank you for your suggestions and interest. If I understand correctly - the request is that all modules in the allowlist will have their own dependencies bundled as well. Am I correct?
I will take a look on how to solve it. In any case - PRs are welcome!
Thanks again.

@uccmen
Copy link

uccmen commented Apr 5, 2021

@florisporro @MagnusBrzenk I'm running into a similar problem that you guys mentioned and I seem to be able to get it working with the config below, can you guys try it out and let me know if it helps?

externals: [
    nodeExternals(), // exclude node_modules in current path
    nodeExternals({
      modulesDir: resolve(__dirname, '../node_modules'), // exclude node_modules in root (monorepo managed by lerna)
      allowlist: [/^@whitelistedModule\/*/], // whitelist private package
      modulesFromFile: {
        fileName: /* path to whitelisted module package.json to read from */,
        includeInBundle: ['dependencies', 'peerDependencies'],
      }
    }),
  ],

@kmjennison
Copy link

I built a small helper that includes all subdependencies for any packages:
https://github.com/kmjennison/datwd

// webpack.config.js
const nodeExternals = require('webpack-node-externals')
const includeSubdependencies = require('datwd')

module.exports = {
  // ...
  externals: [
    nodeExternals({
      // Will include "cookies" and its dependencies; for example:
      // `['cookies', 'depd', 'keygrip', 'tsscmp']`
      allowlist: includeSubdependencies(['cookies'])
    })
  ]
}

Hope this helps others. Feedback welcome!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants