{"id":21344461,"url":"https://github.com/s00d/smoshit-webpack-plugin","last_synced_at":"2026-05-19T01:32:12.981Z","repository":{"id":57364300,"uuid":"310296453","full_name":"s00d/smoshit-webpack-plugin","owner":"s00d","description":"This is a simple plugin that uses smosh to compress all images in your project.","archived":false,"fork":false,"pushed_at":"2020-12-02T09:07:52.000Z","size":69,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-18T21:49:44.488Z","etag":null,"topics":["compression","image","plugin","smosh","webpack"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/s00d.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-11-05T12:47:03.000Z","updated_at":"2020-12-02T09:07:54.000Z","dependencies_parsed_at":"2022-09-13T21:00:50.427Z","dependency_job_id":null,"html_url":"https://github.com/s00d/smoshit-webpack-plugin","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/s00d/smoshit-webpack-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s00d%2Fsmoshit-webpack-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s00d%2Fsmoshit-webpack-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s00d%2Fsmoshit-webpack-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s00d%2Fsmoshit-webpack-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/s00d","download_url":"https://codeload.github.com/s00d/smoshit-webpack-plugin/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s00d%2Fsmoshit-webpack-plugin/sbom","scorecard":{"id":793690,"data":{"date":"2025-08-11","repo":{"name":"github.com/s00d/smoshit-webpack-plugin","commit":"9f0284e05338e3391489cb01b392ef2334a0aa4d"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/5 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"24 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx","Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T08:19:11.702Z","repository_id":57364300,"created_at":"2025-08-23T08:19:11.702Z","updated_at":"2025-08-23T08:19:11.702Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33197558,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-18T09:27:30.708Z","status":"ssl_error","status_checked_at":"2026-05-18T09:27:28.300Z","response_time":71,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compression","image","plugin","smosh","webpack"],"created_at":"2024-11-22T01:19:10.350Z","updated_at":"2026-05-19T01:32:12.961Z","avatar_url":"https://github.com/s00d.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SmoshIt plugin for Webpack\n\n[![npm](https://img.shields.io/npm/v/smoshit-webpack-plugin.svg)](https://www.npmjs.com/package/smoshit-webpack-plugin)\n[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)\n\nThis is a simple plugin that uses [smosh](https://github.com/heldr/smosh) to compress all images in your project.\n\n## Install\n\n`npm install smoshit-webpack-plugin`\n\nRequires node \u003e=4.0.0\n\n## Example Usage\n\n```js\nvar SmoshItPlugin = require('smoshit-webpack-plugin').default\n// Or if using ES2015:\n// import SmoshItPlugin from 'smoshit-webpack-plugin'\n\nmodule.exports = {\n  plugins: [\n    // Make sure that the plugin is after any plugins that add images\n    new SmoshItPlugin({\n      disable: process.env.NODE_ENV !== 'production', // Disable during development\n    })\n  ]\n}\n```\n\nWorking with [copy-webpack-plugin](https://github.com/kevlened/copy-webpack-plugin):\n\n```js\nmodule.exports = {\n  plugins: [\n    // Copy the images folder and optimize all the images\n    new CopyWebpackPlugin([{\n      from: 'images/'\n    }]),\n    new SmoshItPlugin({ test: /\\.(jpe?g|png|gif|svg)$/i })\n  ]\n}\n```\n\n*Note the order of the plugins matters. `SmoshItPlugin` must be placed after `CopyWebpackPlugin` (or any other plugins that deal with images) in `plugins` array.*\n\n## API\n\n### new SmoshItPlugin(options)\n\n#### options.disable\n\n**type**: `Boolean`\n**default**: `false`\n\nWhen set to `true` it will disable the plugin entirely. This is useful for disabling the plugin during development, and only enabling it during production\n\n#### options.test\n\n**type**: `RegExp` or `String` or `Array`\n**default**: `/.*/`\n\nThis plugin will only run on files that match this test. This is similar to the webpack loader `test` option (but is not using the same implementation, so there might be major differences!). This can either be a RegExp object, a [minimatch glob](https://github.com/isaacs/minimatch), a function which gets the filename and returns `true` if the file should be minified, or an array of any of them.\n\nThis can allow you to only run the plugin on specific files, or even include the plugin multiple times for different sets of images and apply different imagemin settings to each.\n\nThis will overwrite everything, including the `externalImages` option!\n\nExample:\n\n```js\nimport SmoshItPlugin from 'smoshit-webpack-plugin'\n\nmodule.exports = {\n  plugins: [\n    // Use the default settings for everything in /images/*\n    new SmoshItPlugin({ test: 'images/**' }),\n    // bump up the optimization level for all the files in my `bigpngs` directory\n    new SmoshItPlugin({\n      test: 'bigpngs/**',\n    })\n  ]\n}\n```\n\n\n#### options.externalImages\n\n**type**: `Object`\n**default**: `{ context: '.', sources: [], destination: null, fileName: null }`\n\nInclude any external images (those not included in webpack's compilation assets) that you want to be parsed by SmoshIt.\nIf a destination value is not supplied the files are optimized in place. You can optionally set either of these to a function which will be invoked at the last possible second before optimization to grab files that might not exist at the time of writing the config (see #37 for more info).\n\nThe paths will work based on the webpack's (and this plugin's) `context` option, so in the following example, the files will be read from `./src/images/**/*.png` and will be written to `.src/public/images/**/*.png` Context only applies to the `sources` array.\n\nExample:\n\n```js\nimport SmoshItPlugin from 'smoshit-webpack-plugin'\nimport glob from 'glob'\n\nmodule.exports = {\n  plugins: [\n    new SmoshItPlugin({\n      externalImages: {\n        context: 'src', // Important! This tells the plugin where to \"base\" the paths at\n        sources: glob.sync('src/images/**/*.png'),\n        destination: 'src/public/images',\n        fileName: '[path][name].[ext]' // (filePath) =\u003e filePath.replace('jpg', 'webp') is also possible\n      }\n    })\n  ]\n}\n```\n\n#### options.minFileSize\n\n**type**: `Integer`\n**default**: `0`\n\nOnly apply to images that are **larger** than this value *in bytes*.\n\n#### options.maxFileSize\n\n**type**: `Integer`\n**default**: `Infinity`\n\nOnly apply to images that are **smaller than or equal-to** this value *in bytes*.\n\nThis and `minFileSize` together can be used to include WebpackSmoshItPlugin multiple times with multiple configs on different file sizes.\n\nExample:\n\n```js\nimport SmoshItPlugin from 'smoshit-webpack-plugin'\nimport glob from 'glob'\n\nmodule.exports = {\n  plugins: [\n    new SmoshItPlugin({\n      maxFileSize: 10000, // Only apply this one to files equal to or under 10kb\n    }),\n    new SmoshItPlugin({\n      minFileSize: 10000, // Only apply this one to files over 10kb\n    })\n  ]\n}\n```\n\n#### options.cacheFolder\n\n**type**: `String`\n**default**: `''`\n\nCache already minified images into a `cacheFolder`. On next run plugin will\ncheck for the cached images first. If cached image exists it will simply use that one.\nOtherwise image will be optimised and written to the `cacheFolder` for later builds.\n\n**Note**: This is a very simple cache implementation, it WILL NOT intelligently clear the\ncache if you update the options in this plugin. There also might be significantly more files in the cache than you have images, this is normal, and a side-effect of how I'm deferring to `smoshit` to determine if a file is an image or not. It can be prevented by setting a good `test` regex.\n\nExample:\n\n```js\nimport resolve from 'path'\nimport SmoshItPlugin from 'smoshit-webpack-plugin'\n\nmodule.exports = {\n  plugins: [\n    new SmoshItPlugin({\n      cacheFolder: resolve('./cache'), // use existing folder called cache in the current dir\n    })\n  ]\n}\n```\n\n#### options.onlyUseIfSmaller\n\n**type**: `Boolean`\n**default**: `false`\n\nIf set to `true`, this plugin will use the original image if the optimization process makes it larger.\n\n**`true` used to be the default behavior in version 2 of this plugin!**\n\n## License\n\n[MIT](LICENSE.md) Copyright (c) [Kuzmin Pavel](https://github.com/s00d)\n\n\n\n*   Big thanks to [`imagemin-webpack-loader`](https://github.com/Klathmon/imagemin-webpack-plugin) to learn how to write the plugin.\n*   Big thanks to [`gulp-smushit`](https://github.com/heldr/gulp-smushit) to learn how to write the plugin.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fs00d%2Fsmoshit-webpack-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fs00d%2Fsmoshit-webpack-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fs00d%2Fsmoshit-webpack-plugin/lists"}