New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@condenast/bundlesize

Package Overview
Dependencies
Maintainers
233
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@condenast/bundlesize

Keep your library size in check

latest
Source
npmnpm
Version
0.18.1
Version published
Weekly downloads
151
43.81%
Maintainers
233
Weekly downloads
 
Created
Source



Keep your bundle size in check

 

Build Status NPM Version NPM Downloads  

minimal setup

npm install bundlesize --save-dev

 

usage

Add it to your scripts in package.json

"scripts": {
  "test": "bundlesize"
}

 

Or you can use npx with NPM 5.2+.

npx bundlesize

configuration

 

1) Add the path and maxSize in your package.json.

By default the gzipped size is tested. You can use the compression option to change this. (gzip, brotli, or none).

{
  "name": "your cool library",
  "version": "1.1.2",
  "bundlesize": [
    {
      "path": "./dist.js",
      "maxSize": "3 kB"
    }
  ]
}

bundlesize also supports glob patterns

Example:

"bundlesize": [
  {
    "path": "./dist/vendor-*.js",
    "maxSize": "3 kB"
  },
  {
    "path": "./dist/chunk-*.js",
    "maxSize": "3 kB"
  }
]

This makes it great for using with applications that are bundled with another tool. It will match multiple files if necessary and create a new row for each file.

 

2) build status

build status

Currently works for Travis CI, CircleCI, Wercker, and Drone.

  • Authorize bundlesize for status access, copy the token provided.
  • Add this token as BUNDLESIZE_GITHUB_TOKEN as environment parameter in your CIs project settings.

(Ask me for help if you're stuck)

 

CLI

example usage:

bundlesize -f "dist/*.js" -s 20kB

For more granular configuration, we recommend configuring it in the package.json (documented above).

 

like it?

:star: this repo

 

how to contribute?

 

Featured on Totally tooling tips and Chrome Dev Summit!!

 

who uses bundlesize?

 

TODO

  • Work with other CI tools
  • Automate setup (setting env_var)

 

similar projects

Contributors

This project exists thanks to all the people who contribute. [Contribute].

license

MIT © siddharthkp

Keywords

library
size
check
build
maxSize

FAQs

Package last updated on 12 Feb 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Security News

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

By Sarah Gooding  -  Apr 02, 2026