jscheid
commented
2 years ago Hi, thanks for putting this together. Unless I'm missing something it doesn't solve #176 however, it's ultimately a different feature--skipping SRI for certain chunks--that only happens to solve the use case for you?
Seen as a standalone feature it's one that nobody else has requested so far. It's also prone to accidental misuse, at least as implemented, since the trustworthiness of an origin may change over time.
With this in mind I'm reluctant to merge this. I assume it can serve as a temporary workaround for you without being part of an official release?
As for the actual issue at hand, support for federated modules, I had already started looking into it and I have a half-finished fix sitting here. It's difficult to find the time to finish it up especially because it's not a feature that we need ourselves at present, but let me try again in the near future to see how much work is left on it.
Christian24
Hello,
This attempts to solve #176. We are trying to adapt module federation in our application. Since we are using this plugin, we cannot.
Since our federated modules are all loaded from our servers, but updated often, we decided it is okay to skip SRI generation for these as suggested here.
I am not very familiar with the inner workings of webpack or this plugin, so please do a very detailed review. I wrote a test for it, but I don't feel exactly comfortable and I might have just broken everything, but I wanted to help to get this off the ground, so hopefully this is useful.
Thanks a lot, Christian