Conversation
Add npm publish file lists for bridge packages to avoid shipping __tests__ and test fixtures.
Extract proxy debug functionality from `chrome-devtools` into the core `sdk` package. This move allows for: - Standalone usage of the proxy debug logic without full DevTools dependency. - More robust unit tests for proxy runtime and storage behaviors. - Consistent proxy implementation across different debugging environments. Modified packages: - `packages/chrome-devtools`: updated to consume the new SDK-based proxy logic. - `packages/sdk`: integrated the proxy implementation and added tests. Co-Authored-By: Aime <aime@bytedance.com> Change-Id: I71a2c4a75fd0611b4a313c917d315a652f55e402
🦋 Changeset detectedLatest commit: 1e1b345 The changes in this PR will be included in the next version bump. This PR includes changesets to release 45 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
✅ Deploy Preview for module-federation-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
@module-federation/devtools
@module-federation/cli
create-module-federation
@module-federation/data-prefetch
@module-federation/dts-plugin
@module-federation/enhanced
@module-federation/error-codes
@module-federation/esbuild
@module-federation/managers
@module-federation/manifest
@module-federation/metro
@module-federation/metro-plugin-rnc-cli
@module-federation/metro-plugin-rnef
@module-federation/modern-js
@module-federation/modern-js-v3
@module-federation/native-federation-tests
@module-federation/native-federation-typescript
@module-federation/nextjs-mf
@module-federation/node
@module-federation/retry-plugin
@module-federation/rsbuild-plugin
@module-federation/rspack
@module-federation/rspress-plugin
@module-federation/runtime
@module-federation/runtime-core
@module-federation/runtime-tools
@module-federation/sdk
@module-federation/storybook-addon
@module-federation/third-party-dts-extractor
@module-federation/treeshake-frontend
@module-federation/treeshake-server
@module-federation/typescript
@module-federation/utilities
@module-federation/webpack-bundler-runtime
@module-federation/bridge-react
@module-federation/bridge-react-webpack-plugin
@module-federation/bridge-shared
@module-federation/bridge-vue3
@module-federation/inject-external-runtime-core-plugin
commit: |
Contributor
Bundle Size Report16 package(s) changed, 24 unchanged. Package dist + ESM entry
Bundle targets
Consumer scenarios
Total dist (raw): 6.41 MB (+86.6 kB (+1.3%)) Bundle sizes are generated with rslib (Rspack). Package-root metrics preserve the historical report. Tracked subpath exports such as |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b6c927984a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
+133
to
+135
| if (typeof value !== 'string') { | ||
| memo[key] = value; | ||
| } |
There was a problem hiding this comment.
stripLegacyOverrides currently drops every string-valued key that is not in RESERVED_RUNTIME_FIELDS, and both setOverrides and clearOverrides run through this path. That means any legitimate string runtime option stored in runtimeConfig (for example a custom mode/url-like flag carried via the [key: string]: unknown contract) is silently deleted whenever overrides are updated, which is data loss outside the proxy override scope.
Useful? React with 👍 / 👎.
## Summary - add a browser-safe IIFE build for the proxy runtime helpers and expose it as `FederationSdk` - surface the bundle through package metadata for CDN access - document the preload injection flow, internal `moduleInfo` usage, and the runtime version requirement - widen the snapshot typings to accept Vmok/Garfish `extendInfos` metadata and cover it with proxy tests ## Validation - `pnpm exec prettier --check packages/sdk/README.md \ packages/sdk/tsdown.config.ts \ packages/sdk/src/proxy/iife.ts \ packages/sdk/src/types/snapshot.ts \ packages/sdk/__tests__/proxy-storage.spec.ts \ packages/sdk/__tests__/proxy-runtime.spec.ts \ packages/sdk/package.json` - `pnpm --filter @module-federation/sdk run build` - `pnpm --filter @module-federation/sdk run test` ## Notes - the package build now emits `packages/sdk/dist/index.iife.js` - validation ran in the current workspace with Node `v22.22.0` - the repo declares Node `^20`, so pnpm printed an engine warning while the build and tests still passed Co-Authored-By: Aime <aime@bytedance.com> Change-Id: I48fb342965802a10fb9f6087d51c7978740c3aa9
…r api in node Co-Authored-By: Aime <aime@bytedance.com> Change-Id: I6ae25cc8818d50f877f6af6354ae5924d53eb576
- Freeze security options and allowedProxyOrigins arrays to prevent runtime tampering. - Block proxy override targets that are not in security.allowedProxyOrigins. - Block snapshot-loaded moduleInfo remoteEntry URLs that are not allowed. - Normalize console.warn output format for proxy debug runtime warnings. Tests: - pnpm --filter @module-federation/runtime-core test - pnpm --filter @module-federation/sdk test Co-Authored-By: Aime <aime@bytedance.com> Change-Id: Iace648928621808694b33e8cc5b44ea757b2d048
…into feat/proxy-debug-sdk
…tions.remotes Co-Authored-By: Aime <aime@bytedance.com> Change-Id: If4622ae2e647d2dce956bd0bb717826d5683dfc6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Related Issue
Types of changes
Checklist