You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Do not compile untrusted code with webpack. It could lead to execution of malicious code on your computer, remote servers, or in the Web browsers of the end users of your application.
I would appreciate a credit if this is integrated, as I believe I discovered it (the note in the docs was added after I reported it on July 12th, 2020)
The text was updated successfully, but these errors were encountered:
Description of the LOTP tool
webpack is used for bundling javascript.
Files
Webpack will load configuration files in Javascript format of course (e.g. webpack.config.js)
What is less well known is that the webpack magic comments feature lets you execute code during compile time by adding comments to Javascript files.
Documentation
It has a note in the documentation saying
Config Files: https://webpack.js.org/configuration/
Magic Comments: https://webpack.js.org/api/module-methods/#magic-comments
Real-world example
https://gist.github.com/allanlw/9df6a260d689500c7e25cb9a56bdd54d I've verified it works on Webpack 5.91 (the current stable).
Additional notes
I would appreciate a credit if this is integrated, as I believe I discovered it (the note in the docs was added after I reported it on July 12th, 2020)
The text was updated successfully, but these errors were encountered: