Safeguard
Tag

webpack

Safeguard articles tagged "webpack" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Open Source

babel-loader: Keeping Your Babel Toolchain Lean and Patched

The babel-loader npm package bridges webpack and Babel in millions of builds. Here's how to configure it for speed, keep the toolchain patched, and know when you no longer need it.

Sep 3, 20256 min read
Open Source

Webpack 5 Node Polyfills: node-polyfill-webpack-plugin Explained

node-polyfill-webpack-plugin restores the Node core shims webpack 5 removed. Before you install it, understand what you are re-adding to your bundle and why webpack removed it.

Jul 8, 20256 min read
Supply Chain

copy-webpack-plugin and terser-webpack-plugin: Build Pipeline Hygiene

The copy-webpack-plugin npm package and terser-webpack-plugin sit in almost every webpack build. Here's how to configure both without leaking files or shipping stale minifiers.

Apr 9, 20256 min read
Supply Chain

webpack-bundle-analyzer: Find Bloat and Risky Dependencies in Your Bundle

webpack bundle analyzer turns your build output into a zoomable treemap. Used well, it finds not just bloat but duplicated packages, surprise transitive dependencies, and code you never meant to ship.

Apr 9, 20257 min read
AppSec

Webpack vs Rollup vs esbuild: A Security Comparison

Choosing a bundler is usually about speed and features. Here is how Webpack, Rollup, and esbuild compare on the dimension that matters most for supply chain security.

Sep 28, 20236 min read
AppSec

The Security Implications of Package Bundlers

Bundlers transform your code and dependencies into production artifacts. The security implications of this transformation are significant and widely overlooked.

May 28, 20236 min read
webpack — Safeguard Blog