Identify which NPM libraries are used on a website with Bundle Scanner

Bundle Scanner identifies which npm libraries are used on any website. It downloads every JavaScript file from a URL and searches through the files for code that matches one of the 35,000 most popular npm libraries. The scanning itself works in a pretty ingenious way: When a user requests to scan a website, Bundle Scanner …

Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

While looking at a package.json from a public project from PayPal, Alex Birsan noticed that it held some references to private NPM packages used internally by PayPal. Birsan noticed some of the manifest file packages were not present on the public npm repository but were instead PayPal’s privately created npm packages, used and stored internally …

Demystifying Dependency Injection Containers

Video from Kai Sassnowski’s talk at Laracon EU 2019: The goal of this talk is to explain how dependency containers work by building our own. We start out by building the simplest DI container possible to demonstrate the underlying concept. Most people will be surprised about how little code this actually takes (3-4 effective lines …

Overriding the PHP version to use when installing Composer dependencies

If you have a (legacy) PHP project running on a legacy server (running PHP 5.4.27 for example), but are locally developing with a more modern PHP version (PHP 7.4 for example), you might end up installing dependencies that are not compatible with the PHP version on the server. To bypass this, you can tell Composer, …

Working with symlinked packages in React Native

For an RN app I’m co-developing we have several repos that work together. One of the repos acts as a library for other repos to use. During development, in order to test a few things out, we sometimes need to have the local dev version of the library repo work with one of the other repos …

IoC containers beyond constructor injection

Talk by Hannes Van De Vreken, as given at the recent phpCE conference in Poland: Did you know your IoC container can do a whole lot more than just constructor injection? Besides that it is actually packed with features. Inflectors, resolving callbacks, aliasing, method invocation to name a few. In this talk you will learn …

Carthage – A simple, decentralized dependency manager for Cocoa

Whilst checking out the aforementioned IMcD23/TabView and a few other iOS/macOS libraries I could not help but notice the lack of CocoaPods and the presence of Carthage. Apparently the community is now leaning more towards the latter. Carthage is intended to be the simplest way to add frameworks to your Cocoa application. Carthage builds your …

Why I’m excited about Yarn

Today, Facebook – in collaboration with Google and others – released Yarn, a new package manager for JavaScript. "Introducing Yarn: a new package manager for JavaScript from @fbOpenSource, @tildeio, @googledevs & @exponentjs. https://t.co/2LfN5OXjOv" — Yarn (@yarnpkg), October 11, 2016. In comparison to npm, the Yarn website pushes these three main benefits forwards: Speed, Reliability, Security …

Webpack Module Tree Visualizer

Visualize and analyze your Webpack bundle to see which modules are taking up space and which might be duplicates. Generate JSON stats, and pass it into the online tool: webpack --json > stats.json. You can also use the plugin locally if you want. Webpack Visualizer → Related: Disc – Browserify Module Tree Visualizer →

Disc – Browserify Module Tree Visualizer

Disc is a tool for analyzing the module tree of browserify project bundles. It’s especially handy for catching large and/or duplicate modules which might be either bloating up your bundle or slowing down the build process. Build your bundle with the --full-paths flag and then pass that to discify: browserify --full-paths index.js > bundle.js discify …