Package Health Score

98 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Healthy
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
4.15.2	\|	03/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
5.0.4	\|	03/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
4.15.1	\|	06/2023	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.11.3	\|	11/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.11.5	\|	03/2019		0 C 1 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (10,349,995)

GitHub Stars: 7.74K
Forks: 1.42K
Contributors: 270

Direct Usage Popularity

The npm package webpack-dev-server receives a total of 10,349,995 downloads a week. As such, we scored webpack-dev-server popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package webpack-dev-server, we found that it has been starred 7,741 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: Yes
Contributors: 270
Funding: Yes

A good and healthy external contribution signal for webpack-dev-server project, which invites more than one hundred open source maintainers to collaborate on the repository.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 23
Open PR: 23
Last Release: 1 month ago
Last Commit: 10 days ago

Further analysis of the maintenance status of webpack-dev-server based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that webpack-dev-server demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >= 18.12.0

Age: 12 years
Dependencies: 30 Direct
Versions: 219
Install Size: 530 kB
Dist-tags: 7
# of Files: 36
Maintainers: 4
TS Typings: Yes

webpack-dev-server has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use webpack-dev-server?

To help you get started, we've collected the most common ways that webpack-dev-server is being used within popular public projects.

jamesknelson / sitepack / packages / sitepack / src / scripts / start.js View on Github

// See https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/config/webpackDevServer.config.js
    setup(app) {
      app.use(errorOverlayMiddleware());
    },
  }

  let compiler
  try {
    compiler = webpack(webpackConfig);
  }
  catch (e) {
    console.error(e.message)
    process.exit(1)
  }

  const devServer = new WebpackDevServer(compiler, options);

  devServer.listen(port, (err, result) => {
    if (err) {
      return console.log(err);
    }

    console.log(chalk.cyan('Starting the development server...'));
  });
}

View more ways to use webpack-dev-server

webpack-dev-server

Use webpack with a development server that provides live reloading. This should be used for development only.

It uses webpack-dev-middleware under the hood, which provides fast in-memory access to the webpack assets.

Getting Started

First things first, install the module:

npm install webpack-dev-server --save-dev

yarn add -D webpack-dev-server

pnpm add -D webpack-dev-server

Note: While you can install and run webpack-dev-server globally, we recommend installing it locally. webpack-dev-server will always use a local installation over a global one.

Usage

There are two main, recommended methods of using the module:

With the CLI

The easiest way to use it is with the webpack CLI. In the directory where your webpack.config.js is, run:

npx webpack serve

Following options are available with webpack serve:

Usage: webpack serve|server|s [entries...] [options]

Run the webpack dev server.

Options:
  -c, --config                              Provide path to a webpack configuration file e.g. ./webpack.config.js.
  --config-name                             Name of the configuration to use.
  -m, --merge                                         Merge two or more configurations using 'webpack-merge'.
  --env                                     Environment passed to the configuration when it is a function.
  --node-env                                   Sets process.env.NODE_ENV to the specified value.
  --progress [value]                                  Print compilation progress during build.
  -j, --json [value]                                  Prints result as JSON or store it in a file.
  -d, --devtool                                Determine source maps to use.
  --no-devtool                                        Do not generate source maps.
  --entry                                   The entry point(s) of your application e.g. ./src/main.js.
  --mode                                       Defines the mode to pass to webpack.
  --name                                       Name of the configuration. Used when loading multiple configurations.
  -o, --output-path                            Output location of the file generated by webpack e.g. ./dist/.
  --stats [value]                                     It instructs webpack on how to treat the stats e.g. verbose.
  --no-stats                                          Disable stats output.
  -t, --target                              Sets the build target e.g. node.
  --no-target                                         Negative 'target' option.
  --watch-options-stdin                               Stop watching when stdin stream has ended.
  --no-watch-options-stdin                            Do not stop watching when stdin stream has ended.
  --allowed-hosts                           Allows to enumerate the hosts from which access to the dev server are allowed (useful when you are proxying dev server, by default is 'auto').
  --allowed-hosts-reset                               Clear all items provided in 'allowedHosts' configuration. Allows to enumerate the hosts from which access to the dev server are allowed (useful when you are proxying dev server, by default is 'auto').
  --bonjour                                           Allows to broadcasts dev server via ZeroConf networking on start.
  --no-bonjour                                        Disallows to broadcasts dev server via ZeroConf networking on start.
  --no-client                                         Disables client script.
  --client-logging                             Allows to set log level in the browser.
  --client-overlay                                    Enables a full-screen overlay in the browser when there are compiler errors or warnings.
  --no-client-overlay                                 Disables the full-screen overlay in the browser when there are compiler errors or warnings.
  --client-overlay-errors                             Enables a full-screen overlay in the browser when there are compiler errors.
  --no-client-overlay-errors                          Disables the full-screen overlay in the browser when there are compiler errors.
  --client-overlay-warnings                           Enables a full-screen overlay in the browser when there are compiler warnings.
  --no-client-overlay-warnings                        Disables the full-screen overlay in the browser when there are compiler warnings.
  --client-overlay-trusted-types-policy-name   The name of a Trusted Types policy for the overlay. Defaults to 'webpack-dev-server#overlay'.
  --client-progress                                   Prints compilation progress in percentage in the browser.
  --no-client-progress                                Does not print compilation progress in percentage in the browser.
  --client-reconnect [value]                          Tells dev-server the number of times it should try to reconnect the client.
  --no-client-reconnect                               Tells dev-server to not to try to reconnect the client.
  --client-web-socket-transport                Allows to set custom web socket transport to communicate with dev server.
  --client-web-socket-url                      Allows to specify URL to web socket server (useful when you're proxying dev server and client script does not always know where to connect to).
  --client-web-socket-url-hostname             Tells clients connected to devServer to use the provided hostname.
  --client-web-socket-url-pathname             Tells clients connected to devServer to use the provided path to connect.
  --client-web-socket-url-password             Tells clients connected to devServer to use the provided password to authenticate.
  --client-web-socket-url-port                 Tells clients connected to devServer to use the provided port.
  --client-web-socket-url-protocol             Tells clients connected to devServer to use the provided protocol.
  --client-web-socket-url-username             Tells clients connected to devServer to use the provided username to authenticate.
  --compress                                          Enables gzip compression for everything served.
  --no-compress                                       Disables gzip compression for everything served.
  --history-api-fallback                              Allows to proxy requests through a specified index page (by default 'index.html'), useful for Single Page Applications that utilise the HTML5 History API.
  --no-history-api-fallback                           Disallows to proxy requests through a specified index page.
  --host                                       Allows to specify a hostname to use.
  --hot [value]                                       Enables Hot Module Replacement.
  --no-hot                                            Disables Hot Module Replacement.
  --http2                                             Allows to serve over HTTP/2 using SPDY. Deprecated, use the `server` option.
  --no-http2                                          Does not serve over HTTP/2 using SPDY.
  --https                                             Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP). Deprecated, use the `server` option.
  --no-https                                          Disallows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
  --https-passphrase                           Passphrase for a pfx file. Deprecated, use the `server.options.passphrase` option.
  --https-request-cert                                Request for an SSL certificate. Deprecated, use the `server.options.requestCert` option.
  --no-https-request-cert                             Does not request for an SSL certificate.
  --https-ca                                Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --https-ca-reset                                    Clear all items provided in 'https.ca' configuration. Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --https-cacert                            Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --https-cacert-reset                                Clear all items provided in 'https.cacert' configuration. Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --https-cert                              Path to an SSL certificate or content of an SSL certificate. Deprecated, use the `server.options.cert` option.
  --https-cert-reset                                  Clear all items provided in 'https.cert' configuration. Path to an SSL certificate or content of an SSL certificate. Deprecated, use the `server.options.cert` option.
  --https-crl                               Path to PEM formatted CRLs (Certificate Revocation Lists) or content of PEM formatted CRLs (Certificate Revocation Lists). Deprecated, use the `server.options.crl` option.
  --https-crl-reset                                   Clear all items provided in 'https.crl' configuration. Path to PEM formatted CRLs (Certificate Revocation Lists) or content of PEM formatted CRLs (Certificate Revocation Lists). Deprecated, use the `server.options.crl` option.
  --https-key                               Path to an SSL key or content of an SSL key. Deprecated, use the `server.options.key` option.
  --https-key-reset                                   Clear all items provided in 'https.key' configuration. Path to an SSL key or content of an SSL key. Deprecated, use the `server.options.key` option.
  --https-pfx                               Path to an SSL pfx file or content of an SSL pfx file. Deprecated, use the `server.options.pfx` option.
  --https-pfx-reset                                   Clear all items provided in 'https.pfx' configuration. Path to an SSL pfx file or content of an SSL pfx file. Deprecated, use the `server.options.pfx` option.
  --ipc [value]                                       Listen to a unix socket.
  --live-reload                                       Enables reload/refresh the page(s) when file changes are detected (enabled by default).
  --no-live-reload                                    Disables reload/refresh the page(s) when file changes are detected (enabled by default).
  --magic-html                                        Tells dev-server whether to enable magic HTML routes (routes corresponding to your webpack output, for example '/main' for 'main.js').
  --no-magic-html                                     Disables magic HTML routes (routes corresponding to your webpack output, for example '/main' for 'main.js').
  --open [value...]                                   Allows to configure dev server to open the browser(s) and page(s) after server had been started (set it to true to open your default browser).
  --no-open                                           Does not open the default browser.
  --open-target                             Opens specified page in browser.
  --open-app-name                           Open specified browser.
  --open-app                                Open specified browser. Deprecated: please use '--open-app-name'.
  --open-reset                                        Clear all items provided in 'open' configuration. Allows to configure dev server to open the browser(s) and page(s) after server had been started (set it to true to open your default browser).
  --open-target-reset                                 Clear all items provided in 'open.target' configuration. Opens specified page in browser.
  --open-app-name-reset                               Clear all items provided in 'open.app.name' configuration. Open specified browser.
  --port                                       Allows to specify a port to use.
  --server-type                                Allows to set server and options (by default 'http').
  --server-options-passphrase                  Passphrase for a pfx file.
  --server-options-request-cert                       Request for an SSL certificate.
  --no-server-options-request-cert                    Does not request for an SSL certificate.
  --server-options-ca                       Path to an SSL CA certificate or content of an SSL CA certificate.
  --server-options-ca-reset                           Clear all items provided in 'server.options.ca' configuration. Path to an SSL CA certificate or content of an SSL CA certificate.
  --server-options-cacert                   Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --server-options-cacert-reset                       Clear all items provided in 'server.options.cacert' configuration. Path to an SSL CA certificate or content of an SSL CA certificate. Deprecated, use the `server.options.ca` option.
  --server-options-cert                     Path to an SSL certificate or content of an SSL certificate.
  --server-options-cert-reset                         Clear all items provided in 'server.options.cert' configuration. Path to an SSL certificate or content of an SSL certificate.
  --server-options-crl                      Path to PEM formatted CRLs (Certificate Revocation Lists) or content of PEM formatted CRLs (Certificate Revocation Lists).
  --server-options-crl-reset                          Clear all items provided in 'server.options.crl' configuration. Path to PEM formatted CRLs (Certificate Revocation Lists) or content of PEM formatted CRLs (Certificate Revocation Lists).
  --server-options-key                      Path to an SSL key or content of an SSL key.
  --server-options-key-reset                          Clear all items provided in 'server.options.key' configuration. Path to an SSL key or content of an SSL key.
  --server-options-pfx                      Path to an SSL pfx file or content of an SSL pfx file.
  --server-options-pfx-reset                          Clear all items provided in 'server.options.pfx' configuration. Path to an SSL pfx file or content of an SSL pfx file.
  --static [value...]                                 Allows to configure options for serving static files from directory (by default 'public' directory).
  --no-static                                         Disallows to configure options for serving static files from directory.
  --static-directory                        Directory for static contents.
  --static-public-path                      The static files will be available in the browser under this public path.
  --static-serve-index                                Tells dev server to use serveIndex middleware when enabled.
  --no-static-serve-index                             Does not tell dev server to use serveIndex middleware.
  --static-watch                                      Watches for files in static content directory.
  --no-static-watch                                   Does not watch for files in static content directory.
  --static-reset                                      Clear all items provided in 'static' configuration. Allows to configure options for serving static files from directory (by default 'public' directory).
  --static-public-path-reset                          Clear all items provided in 'static.publicPath' configuration. The static files will be available in the browser under this public path.
  --watch-files                             Allows to configure list of globs/directories/files to watch for file changes.
  --watch-files-reset                                 Clear all items provided in 'watchFiles' configuration. Allows to configure list of globs/directories/files to watch for file changes.
  --web-socket-server                          Deprecated: please use '--web-socket-server-type' option. Allows to set web socket server and options (by default 'ws').
  --no-web-socket-server                              Disallows to set web socket server and options.
  --web-socket-server-type                     Allows to set web socket server and options (by default 'ws').

Global options:
  --color                                             Enable colors on console.
  --no-color                                          Disable colors on console.
  -v, --version                                       Output the version number of 'webpack', 'webpack-cli' and 'webpack-dev-server' and commands.
  -h, --help [verbose]                                Display help for commands and options.

To see list of all supported commands and options run 'webpack --help=verbose'.

Webpack documentation: https://webpack.js.org/.
CLI documentation: https://webpack.js.org/api/cli/.
Made with ♥ by the webpack team.

> Note > > Detailed documentation for above options is available on this link.

With NPM Scripts

NPM package.json scripts are a convenient and useful means to run locally installed binaries without having to be concerned about their full paths. Simply define a script as such:

{
  "scripts": {
    "serve": "webpack serve"
  }
}

And run the following in your terminal/console:

npm run serve

NPM will automatically refer to the the binary in node_modules for you, and execute the file or command.

With the API

While it's recommended to run webpack-dev-server via the CLI, you may also choose to start a server via the API.

With TypeScript

If you use TypeScript in the webpack config, you'll need to properly type devServer property in order to avoid TS errors (e.g. 'devServer' does not exist in type 'Configuration'). For that use either:

/// 
import type { Configuration } from "webpack";

// Your logic

Or you can import the type from webpack-dev-server, i.e.

import type { Configuration as DevServerConfiguration } from "webpack-dev-server";
import type { Configuration } from "webpack";

const devServer: DevServerConfiguration = {};
const config: Configuration = { devServer };

// module.exports
export default config;

The Result

Either method will start a server instance and begin listening for connections from localhost on port 8080.

webpack-dev-server is configured by default to support live-reload of files as you edit your assets while the server is running.

See the documentation for more use cases and options.

Browser Support

While webpack-dev-server transpiles the client (browser) scripts to an ES5 state, the project only officially supports the last two versions of major browsers. We simply don't have the resources to support every whacky browser out there.

If you find a bug with an obscure / old browser, we would actively welcome a Pull Request to resolve the bug.

Support

We do our best to keep issues in the repository focused on bugs, features, and needed modifications to the code for the module. Because of that, we ask users with general support, "how-to", or "why isn't this working" questions to try one of the other support channels that are available.

Your first-stop-shop for support for webpack-dev-server should be the excellent documentation for the module. If you see an opportunity for improvement of those docs, please head over to the webpack.js.org repo and open a pull request.

From there, we encourage users to visit the webpack Gitter chat and talk to the fine folks there. If your quest for answers comes up dry in chat, head over to StackOverflow and do a quick search or open a new question. Remember; It's always much easier to answer questions that include your webpack.config.js and relevant files!

If you're twitter-savvy you can tweet #webpack with your question and someone should be able to reach out and lend a hand.

If you have discovered a 🐛, have a feature suggestion, or would like to see a modification, please feel free to create an issue on Github. Note: The issue template isn't optional, so please be sure not to remove it, and please fill it out completely.

Contributing

We welcome your contributions! Please have a read of CONTRIBUTING.md for more information on how to get involved.

Attribution

This project is heavily inspired by peerigon/nof5.

License

MIT

FAQs

What is webpack-dev-server?

Serves a webpack app. Updates the browser on changes. Visit Snyk Advisor to see a full health score report for webpack-dev-server, including popularity, security, maintenance & community analysis.

Is webpack-dev-server popular?

The npm package webpack-dev-server receives a total of 10,349,995 weekly downloads. As such, webpack-dev-server popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is webpack-dev-server well maintained?

We found that webpack-dev-server demonstrated a healthy version release cadence and project activity. It has a community of 270 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is webpack-dev-server safe to use?

The npm package webpack-dev-server was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 27 April-2024, at 01:10 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (10,349,995)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use webpack-dev-server?

webpack-dev-server

Table of Contents

Getting Started

Usage

With the CLI

With NPM Scripts

With the API

With TypeScript

The Result

Browser Support

Support

Contributing

Attribution

License

MIT