[feat] `script.integrity` and import map #286

loynoir · 2022-09-30T12:31:18Z

Now, there is ESM. I think there should have a concept update combine two, in flavor of each dependency manager reinvent different lock file.

  "imports": {},
  "scopes": {},
  "integrity": {} | ./lock/file/relative/path/to/import/map,

As ESM system differ from legacy system, I think, should iter into the inner most dependency, and update field integrity or file flatly.

For relative path, should be compact for both filesystem and network.
Maybe allow .integrity as a url. Maybe user can store their import map in their dotfile repo?
Maybe design .integrity as an Array<Record<string,string>>, and when importId not uniq, throw error.

Maybe split integrity outside import map ?

Like golang proxy.golang.org and sum.golang.org.

The text was updated successfully, but these errors were encountered:

jkrems · 2022-09-30T12:37:24Z

Is this the same as https://github.com/guybedford/import-maps-extensions#integrity? If so, maybe this existing issue might be interesting: #221

loynoir · 2022-09-30T13:05:05Z

Kind of duplicate.

loynoir closed this as completed Sep 30, 2022

Provide feedback