{"id":27549,"library":"webpack-subresource-integrity-embroider","title":"webpack-subresource-integrity-embroider","description":"Webpack plugin providing Subresource Integrity (SRI) support for Ember applications built with Embroider. At version 0.2.4, this package addresses limitations of both ember-cli-sri (which does not support Embroider) and the generic webpack-subresource-integrity plugin (which cannot handle non-webpack-managed assets and the Embroider-generated index.html). It injects integrity attributes into link and script elements while handling edge cases like empty rootURL/publicPath, inline scripts, and external resources. Release cadence is sporadic with bug fixes and enhancements. Key differentiator: native Embroider integration without requiring additional addons.","status":"active","version":"0.2.4","language":"javascript","source_language":"en","source_url":"ssh://git@github.com/jelhan/webpack-subresource-integrity-embroider","tags":["javascript"],"install":[{"cmd":"npm install webpack-subresource-integrity-embroider","lang":"bash","label":"npm"},{"cmd":"yarn add webpack-subresource-integrity-embroider","lang":"bash","label":"yarn"},{"cmd":"pnpm add webpack-subresource-integrity-embroider","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Peer dependency; plugin integrates with Webpack's compilation hooks.","package":"webpack","optional":false}],"imports":[{"note":"Package does not ship ESM; use CommonJS require. Type definitions only exist via @types/webpack.","wrong":"import SubresourceIntegrityPlugin from 'webpack-subresource-integrity-embroider';","symbol":"SubresourceIntegrityPlugin","correct":"const SubresourceIntegrityPlugin = require('webpack-subresource-integrity-embroider');"},{"note":"The default export is the plugin class itself; both patterns work but the second is more common. The package does not export named exports.","wrong":"const SubresourceIntegrityPlugin = require('webpack-subresource-integrity-embroider');","symbol":"default","correct":"const SubresourceIntegrityPlugin = require('webpack-subresource-integrity-embroider').default;"},{"note":"Package does not export TypeScript types. Options should be typed manually if using TypeScript.","wrong":"import { PluginOptions } from 'webpack-subresource-integrity-embroider';","symbol":"PluginOptions","correct":"No TypeScript types exported; use inline type or ignore."}],"quickstart":{"code":"const EmberApp = require('ember-cli/lib/broccoli/ember-app');\nconst SubresourceIntegrityPlugin = require('webpack-subresource-integrity-embroider');\n\nmodule.exports = function (defaults) {\n  const app = new EmberApp(defaults, {});\n  const { maybeEmbroider } = require('@embroider/test-setup');\n  return maybeEmbroider(app, {\n    packagerOptions: {\n      webpackConfig: {\n        plugins: [new SubresourceIntegrityPlugin()],\n      },\n    },\n  });\n};","lang":"javascript","description":"Adds the webpack-subresource-integrity-embroider plugin to an Embroider-based Ember app's webpack config in ember-cli-build.js."},"warnings":[{"fix":"Use ember-cli-sri instead for classic Ember builds.","message":"Package is not compatible with Ember apps not using Embroider; will not add integrity attributes.","severity":"breaking","affected_versions":">=0.0.0"},{"fix":"Either provide integrity hashes for all external resources or disable the check by setting `hashExternal: false` in plugin options (if supported). Check documentation for options.","message":"External resources (e.g., CDN scripts) without integrity hashes cause build errors since v0.2.0.","severity":"gotcha","affected_versions":">=0.2.0"},{"fix":"Use `const SubresourceIntegrityPlugin = require('webpack-subresource-integrity-embroider');`","message":"Using `require('webpack-subresource-integrity-embroider')` returns the constructor directly; no `.default` needed.","severity":"deprecated","affected_versions":">=0.1.0"},{"fix":"Upgrade to >=0.2.4.","message":"Empty rootURL or publicPath caused issues in versions below 0.2.4; assets might not get integrity attributes.","severity":"gotcha","affected_versions":"<0.2.4"},{"fix":"Upgrade to >=0.2.2 or avoid inline scripts.","message":"Inline scripts are not supported before v0.2.2; plugin would fail.","severity":"gotcha","affected_versions":"<0.2.2"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Run `npm install webpack-subresource-integrity-embroider --save-dev` and ensure require path matches.","cause":"Package not installed or incorrect require path.","error":"Cannot find module 'webpack-subresource-integrity-embroider'"},{"fix":"Upgrade to >=0.1.2.","cause":"Bug in versions <0.1.2 causing invalid base64 encoding.","error":"Error: Invalid encoding of hash in integrity value"},{"fix":"Ensure webpack is installed as a peer dependency and the plugin is added to webpack config correctly.","cause":"Plugin expects webpack compiler; incorrect usage or missing webpack dependency.","error":"TypeError: Cannot read property 'tapAsync' of undefined"},{"fix":"Add integrity attribute to the resource or set `hashExternal: false` in plugin options (if available).","cause":"Plugin enforces integrity hashes for external resources since v0.2.0.","error":"Build error: External resource https://example.com/script.js does not have integrity hash"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}