ClawHub

Vite

Configure and optimize Vite for development, production builds, and library bundling.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
2 · 1.3k · 15 current installs · 19 all-time installs
byIván@ivangdavila
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Vite configuration and optimization) align with the content in SKILL.md. The only required binary is node, which is appropriate for Vite guidance.
Instruction Scope
SKILL.md is a set of configuration and troubleshooting notes for Vite; it does not instruct the agent to read unrelated files, exfiltrate data, or contact external endpoints. It references .env usage as guidance but does not request secrets or direct their transmission.
Install Mechanism
No install spec and no code files — instruction-only skill, so nothing is downloaded or written to disk by an installer.
Credentials
The skill declares no required environment variables or credentials. Mentions of VITE_ env vars are explanatory and consistent with Vite behavior; there is no request for unrelated secrets or credentials.
Persistence & Privilege
always is false and there are no config paths or install steps that modify agent/system state. The skill does not request elevated or persistent privileges.
Assessment
This skill is a set of Vite configuration tips and is internally consistent with its stated purpose. Risk is low because it's instruction-only and only requires node. Before installing/use: (1) confirm you trust the skill source (source/homepage unknown), (2) avoid giving the agent access to sensitive environment variables or your workspace if you don't want local .env files read, and (3) remember this is guidance — it won't install tools or run commands by itself, but an agent with broader execution rights could act on these instructions. If you need automated changes to your repo, prefer a skill that provides a verifiable install/source repository.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk975tfbxdh7nfenjb3xdvax1es811kjz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis
OSLinux · macOS · Windows
Binsnode

SKILL.md

Vite Patterns

Environment Variables

  • Only VITE_ prefixed vars are exposed to client code — DB_PASSWORD stays server-side, VITE_API_URL is bundled
  • Access via import.meta.env.VITE_* not process.env — process.env is Node-only and undefined in browser
  • .env.local overrides .env and is gitignored by default — use for local secrets
  • import.meta.env.MODE is development or production — use for conditional logic, not NODE_ENV

CommonJS Compatibility

  • Pure ESM by default — CommonJS packages need optimizeDeps.include for pre-bundling
  • require() doesn't work in Vite — use import or createRequire from module for dynamic requires
  • Some packages ship broken ESM — add to ssr.noExternal or optimizeDeps.exclude and let Vite transform them
  • Named exports from CommonJS may fail — use default import and destructure: import pkg from 'pkg'; const { method } = pkg

Dependency Pre-bundling

  • Vite pre-bundles dependencies on first run — delete node_modules/.vite to force rebuild after package changes
  • Large dependencies slow down dev server start — add rarely-changing ones to optimizeDeps.include for persistent cache
  • Linked local packages (npm link) aren't pre-bundled — add to optimizeDeps.include explicitly
  • optimizeDeps.force: true rebuilds every time — only for debugging, kills dev performance

Path Aliases

  • Configure in both vite.config.ts AND tsconfig.json — Vite uses its own, TypeScript uses tsconfig
  • Use path.resolve(__dirname, './src') not relative paths — relative breaks depending on working directory
  • @/ alias is not built-in — must configure manually unlike some frameworks
// vite.config.ts
resolve: {
  alias: { '@': path.resolve(__dirname, './src') }
}

Dev Server Proxy

  • Proxy only works in dev — production needs actual CORS config or reverse proxy
  • changeOrigin: true rewrites Host header — required for most APIs that check origin
  • WebSocket proxy needs explicit ws: true — HTTP proxy doesn't forward WS by default
  • Trailing slashes matter: /api proxies /api/users, /api/ only proxies /api//users
server: {
  proxy: {
    '/api': {
      target: 'http://localhost:3000',
      changeOrigin: true,
      rewrite: path => path.replace(/^\/api/, '')
    }
  }
}

Static Assets

  • public/ files served at root, not processed — use for favicons, robots.txt, files that need exact paths
  • src/assets/ files are processed, hashed, can be imported — use for images, fonts referenced in code
  • Import assets to get resolved URL: import logo from './logo.png' — hardcoded paths break after build
  • new URL('./img.png', import.meta.url) for dynamic paths — template literals with variables don't work

Build Optimization

  • build.rollupOptions.output.manualChunks for code splitting — without it, one giant bundle
  • Analyze bundle with rollup-plugin-visualizer — find unexpected large dependencies
  • build.target defaults to modern browsers — set 'es2015' for legacy support, but increases bundle size
  • build.cssCodeSplit: true (default) — each async chunk gets its own CSS file

Library Mode

  • build.lib for npm packages — different config from app mode
  • Set external for peer dependencies — don't bundle React/Vue into your library
  • Generate types separately with tsc — Vite doesn't emit .d.ts files
  • Both ESM and CJS outputs: formats: ['es', 'cjs'] — some consumers still need require()

HMR Issues

  • Circular imports break HMR — refactor to break the cycle or full reload triggers
  • State lost on HMR means component isn't accepting updates — check for import.meta.hot.accept()
  • CSS changes trigger full reload if imported in JS that doesn't accept HMR — import CSS in components that do
  • server.hmr.overlay: false hides error overlay — useful for custom error handling but hides issues

SSR Configuration

  • ssr.external for Node-only packages — prevents bundling node_modules in SSR build
  • ssr.noExternal forces bundling — needed for packages with browser-specific imports
  • CSS imports fail in SSR by default — use ?inline suffix or configure css.postcss for SSR

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…