Skip to content

build: 切换打包工具为rolldown并清理旧配置#290

Open
eastgold15 wants to merge 12 commits into
SylarLong:mainfrom
eastgold15:main
Open

build: 切换打包工具为rolldown并清理旧配置#290
eastgold15 wants to merge 12 commits into
SylarLong:mainfrom
eastgold15:main

Conversation

@eastgold15

Copy link
Copy Markdown

从提交 35e5125 切换打包工具为 rolldown,并清理了旧的打包配置。

🤖 Generated with Claude Code

1. 移除旧的webpack、babel、eslint、prettier相关配置文件
2. 更新tsconfig编译配置,升级TypeScript版本
3. 替换npm/yarn脚本为bun和rolldown命令
4. 更新依赖项,移除旧开发依赖并添加rolldown
5. 新增docs目录占位文件和bun锁定文件
- 添加biome配置文件使用ultracite规范
- 配置lefthook预提交自动格式化代码
- 新增.claude开发配置与编码标准文档
- 重构package.json依赖与脚本结构
- 更新bun.lockb安装新增依赖
统一修复多处数组索引访问可能为空的类型提示,为所有通过计算得到的索引添加!非空断言,消除typescript的编译警告,确保类型安全
1.  统一rolldown.config.js里的引号为双引号,调整缩进格式
2.  精简tsconfig.json的数组写法,移除不必要的配置项
3.  新增并完善biome.jsonc的lint配置与文件匹配规则
修改biome配置文件,添加关闭默认switch子句检查的配置项
1. 移除多个类中不必要的return this语句
2. 将plugins字段改为readonly并修复注释格式
3. 将!= undefined替换为更规范的!== undefined
1. 新增npm脚本type-check用于执行TS类型检查
2. 简化_array.concatStars的数组扁平化实现,改用flat()替代reduce展开
3. 在biome配置中新增关闭多项lint规则的配置
修复多处潜在的空值访问风险,通过添加!非空断言明确告知类型系统对应位置必然存在有效值,消除类型检查警告
新增vitest配置文件,添加vitest依赖,更新package.json脚本
@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedrolldown@​1.1.2911007899100
Addedvitest@​4.1.9981007999100
Updateddayjs@​1.11.10 ⏵ 1.11.21100100100 +188100
Updatedtypescript@​5.2.2 ⏵ 5.9.3100100909790
Updatedi18next@​23.5.1 ⏵ 23.16.8100 +110091 +196 -1100
Addedlefthook@​2.1.99210010094100
Addedultracite@​7.8.3991009896100
Added@​biomejs/​biome@​2.4.1610010010098100

View full report

@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @emnapi/runtime is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/vitest@4.1.9npm/rolldown@1.1.2npm/@emnapi/runtime@1.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

1. 新增tsconfig.build.json用于单独生成类型声明文件
2. 修改rolldown配置,打包输出umd、esm、cjs三种格式产物
3. 更新package.json脚本和字段:调整build命令,修正主入口、模块入口和类型文件路径,更新prepublishOnly脚本
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant