js tooling to help prevent attacks from evil dependencies.
webpack plugin for creating bundles protected by the LavaMoat kernel.
-
primary
- enforce or override some options
{ optimization: { concatenateModules: false } }
(we need this to ensure code is run as its own package)- if you cant override, then throw error if they are not set
- render javascript to run in the lavamoat kernel
- lavamoat kernel source example
- initialize kernel with options + lavamoat config example
- module sources custom webpack+workaround
- module metadata schema
- integrate a resolution hook
- allow when x requires y to resolve to z example
- or fallback to normal resolution
- work correctly with popular webpack plugins like dev server
- webpack v4
- tests, at least a couple
- enforce or override some options
-
stretch goal:
- allow external tool to load webpack config, and
- expose webpacks resolver as configured
- load module code transformed as configured (maybe this is trivial, idk)
- allow external tool to load webpack config, and