Rollup-plugin-node-globals is a helpful tool for developers using Rollup to bundle their Node.js code for the browser. It cleverly injects the same global variables that Browserify does, ensuring compatibility and preventing common "undefined" errors when code relies on Node.js environment globals like process or Buffer.
Version 1.0.7 introduces significant changes compared to version 1.0.6. Key dependency updates and additions mark this release. Most notably, it drops the direct dependency on rollup-plugin-inject found in 1.0.6, opting instead for a suite of more granular packages. This includes acorn for JavaScript parsing, buffer-es6 for Browserify's buffer implementation, estree-walker for working with the AST, magic-string for efficient string manipulation, and rollup-pluginutils for common Rollup plugin utilities.
These adjustments suggest a shift towards a more fine-grained control over the injection process, potentially improving performance and reducing the overall bundle size. The explicit listing of these dependencies also gives developers a clearer picture of the plugin's inner workings and potential extension points. If you're upgrading from 1.0.6, be aware that the internal architecture has changed, so custom configurations relying on the old rollup-plugin-inject method might need adjustments. The newer version provides a lower level approach, focusing on targeted replacements. The updates should lead to better tree shaking and compatibility.
The are not vulnerabilities for the version 1.0.7 of the package rollup-plugin-node-globals
