Comments (6)
Hi there,
What the warning message is trying to tell you is that this plugin is of little use in development mode and you should therefore disable it in that mode.
One way to do so is by passing this option: enabled: process.env.NODE_ENV === 'production'
. See also the usage example in the README.
Doing this should make the warning go away.
Obviously, the warning message doesn't make this clear enough so I'm planning to improve on it.
If you already have disabled this plugin in development mode, and you're still seeing the warning, I'd like to understand why. webpack-dev-server is not usually a package used in production so you'd have to explain a bit more about your setup, perhaps post your webpack configuration so that we can have a look at it together.
from webpack-subresource-integrity.
@jscheid, thank you for quick response! The problem is that I use webpack-dev-server with process.env.NODE_ENV === 'production'
and HMR in such a case is disabled. It is not used for real prod actually. The reason for that strange thing is that my development and production builds are slightly different (for example, minification of JS-code is enabled only for production). So I run dev server locally to check the production build. And I get the mentioned message for that pseudo-production environment.
from webpack-subresource-integrity.
The problem is that I use webpack-dev-server with
process.env.NODE_ENV === 'production'
and HMR in such a case is disabled.
Could you elaborate on this point, how do you disable HMR or how do you know that it is disabled?
from webpack-subresource-integrity.
how do you disable HMR
Actually I don't enable it for the mentioned build.
how do you know that it is disabled
If HMR is enabled webpack logs this into console on first load: "[WDS] Hot Module Replacement enabled". If it is not enabled it doesn't write something like this.
And if I need to enable it I use --hot
key when call webpack 2 from command line (this works nice, I've checked): webpack-dev-server --hot
. If I don't want HMR I just not use that key.
from webpack-subresource-integrity.
Ok, I've had a closer look at this and I believe the problem is that the warning is confusingly worded.
Firstly, it should talk about "hot reloading" instead of "HMR", because even without hot module reloading enabled, webpack-dev-server will still do hot reloading (watch the filesystem and reload the page when it changed.)
Secondly, instead of saying "resources will be unprotected" it should say "may interfere with hot reloading". For example, try this in inline mode without hot
enabled: https://github.com/jscheid/wsi-import-46 (i.e. go to http://localhost:8080/ instead of http://localhost:8080/webpack-dev-server/) and make a change to index.js
. The change won't be reloaded by the browser, instead an error is thrown because the integrity hash doesn't match anymore.
To summarize, webpack-subresource-integrity interferes with hot reloading, not just hot module reloading, and as such is incompatible with webpack-dev-server regardless of the hot
flag setting.
In your specific case I'm not sure what the best solution is. Are you actually using webpack-dev-server's hot reloading in this case? Would lazy mode work perhaps? https://webpack.github.io/docs/webpack-dev-middleware.html#lazy
from webpack-subresource-integrity.
You are right. I think you should change that message to be more informative. Now I see that webpack hot reload doesn't work with subresource integrity and it is correct behavior. BTW in my case I don't change code when run prod build on dev server.
from webpack-subresource-integrity.
Related Issues (20)
- Subresource Integrity support for Module Federation plugin chunks HOT 14
- Interoperability with 'mini-css-extract-plugin' HOT 1
- Interoperability with resource hints HOT 3
- Upgraded from 1 -> 5 and now integrity value is not available in custom webpack plugin HOT 4
- Chunk with id `0` missing from `sriHashes` HOT 7
- Firefox integrity hash + csp issue HOT 6
- TypeError: Class extends value undefined is not a constructor or null HOT 6
- Empty cssIntegrity/jsIntegrity when setting realContentHash to true HOT 2
- ignore error in ModuleFederationPlugin HOT 1
- 处理ModuleFederation问题 HOT 1
- Feature request: supporting additional file types beyond CSS and JS HOT 2
- Build Fails With HtmlWebpackPlugin HOT 1
- TypeError: Class extends value undefined is not a constructor or null HOT 1
- use mini-css-extract-plugin,js css create same chunkId
- Can this be used in nextjs
- Build fails when resource name contains percent encoded character
- [Question] From non-web developer about bundle's SRI
- Missing hashes when using cache groups
- What is the proper set up with a childcompiler usecase HOT 1
- Unresolved integrity placeholders HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from webpack-subresource-integrity.