{"id":15433670,"url":"https://github.com/mskelton/webpack-config","last_synced_at":"2026-04-13T22:33:36.445Z","repository":{"id":48782608,"uuid":"228254589","full_name":"mskelton/webpack-config","owner":"mskelton","description":"Shared webpack config for my React projects.","archived":false,"fork":false,"pushed_at":"2023-08-03T13:09:19.000Z","size":1104,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-25T14:50:43.239Z","etag":null,"topics":["react","webpack","webpack-configuration"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mskelton.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-15T21:22:07.000Z","updated_at":"2023-02-01T02:36:43.000Z","dependencies_parsed_at":"2024-10-20T20:22:10.911Z","dependency_job_id":null,"html_url":"https://github.com/mskelton/webpack-config","commit_stats":{"total_commits":37,"total_committers":2,"mean_commits":18.5,"dds":0.2702702702702703,"last_synced_commit":"10548e6368aed3d9a35eb4929bf6fbb77c63b59f"},"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/mskelton/webpack-config","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mskelton%2Fwebpack-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mskelton%2Fwebpack-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mskelton%2Fwebpack-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mskelton%2Fwebpack-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mskelton","download_url":"https://codeload.github.com/mskelton/webpack-config/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mskelton%2Fwebpack-config/sbom","scorecard":{"id":665823,"data":{"date":"2025-08-11","repo":{"name":"github.com/mskelton/webpack-config","commit":"10548e6368aed3d9a35eb4929bf6fbb77c63b59f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/mskelton/webpack-config/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/mskelton/webpack-config/build.yml/master?enable=pin","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Code-Review","score":0,"reason":"Found 0/22 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: ISC License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"19 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-3mv9-4h5g-vhg3","Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T17:59:45.337Z","repository_id":48782608,"created_at":"2025-08-21T17:59:45.337Z","updated_at":"2025-08-21T17:59:45.337Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31774028,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-13T20:17:16.280Z","status":"ssl_error","status_checked_at":"2026-04-13T20:17:08.216Z","response_time":93,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["react","webpack","webpack-configuration"],"created_at":"2024-10-01T18:34:57.948Z","updated_at":"2026-04-13T22:33:36.423Z","avatar_url":"https://github.com/mskelton.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @mskelton/webpack-config\n\n[![Build status](https://github.com/mskelton/webpack-config/workflows/Build/badge.svg)](https://github.com/mskelton/webpack-config/actions)\n[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)\n\nShared webpack config for my projects.\n\n## Installation\n\n```bash\npnpm add -D @mskelton/webpack-config\npnpm add core-js\n```\n\n## Usage\n\nThis package is not a one-size fits all solution. It's a starting point for your\nown config. As such, the `createSimpleConfig` function is used to generate much\nof the boilerplate config, which you can then merge with your own config such as\nentry points, plugins, outputs, etc.\n\n```javascript\n// webpack.config.mjs\nimport { createSimpleConfig } from \"@mskelton/webpack-config\"\nimport { fileURLToPath } from \"node:url\"\nimport { merge } from \"webpack-merge\"\n\nexport default function config(env) {\n  const baseConfig = createSimpleConfig(env, {\n    // config options...\n  })\n\n  return merge(baseConfig, {\n    entry: \"./src/index.tsx\",\n    output: {\n      path: fileURLToPath(new URL(\"./public\", import.meta.url)),\n    },\n    plugins: [new HtmlWebpackPlugin({ template: \"src/index.html\" })],\n  })\n}\n```\n\nNext, in your `package.json` file, add the following to your `scripts` section:\n\n```json\n{\n  \"build\": \"webpack\",\n  \"build:prod\": \"webpack --env prod\"\n}\n```\n\nFinally, import the `core-js` polyfills in your entry point of your application.\n\n```javascript\nimport \"core-js/stable\"\n```\n\n## Advanced Configuration\n\nThis package is built with extensibility and customization in mind. While a\nnumber of features are enabled by default, you can easily pick and choose which\nfeatures you want to use. To enable a feature, simply set the corresponding\noption to `true` in the options object. For example, to enable the CSS feature\nwhich will setup the `css-loader`, you can set the `css` option to `true`:\n\n```javascript\nconst baseConfig = createSimpleConfig({\n  css: true,\n})\n```\n\nThe full list of available features is documented in the TypeScript definitions\nfor the `createSimpleConfig` function.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmskelton%2Fwebpack-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmskelton%2Fwebpack-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmskelton%2Fwebpack-config/lists"}