Determine Whether a JavaScript Library Is Locker-Compliant

Use this guide to determine if a third-party JavaScript library is compatible with Lightning Locker.

This guide applies when an org is using Lightning Locker. If an org has enabled Lightning Web Security (LWS), most third-party JavaScript libraries work as expected without changes. However, libraries that set "use strict" explicitly require changes to work with LWS. See Third-Party Library Considerations for LWS.

Any library used by your component must meet the same Lightning Locker requirements as your component.

To determine if a third-party library is compliant with Lightning Locker, we recommend these steps.

  1. Create a small sample app that uses the library.

  2. Verify that the library loads without error and that you can call basic functionality.

  3. Use Locker Console with Locker enabled.

  4. Check for these common violations:

    Declaring a variable that becomes global

    Strict mode disallows variables from becoming global variables. To avoid violating this rule, in the library, explicitly attach a library global to window.

    CSP violations

    Scan code for any usages of eval(), new Function(), or <script> tags.

    DOM access violations

    Libraries are blocked if they attempt to do broad scans of the DOM instead of manipulating only the elements passed to their APIs. If the library manipulates the DOM, you can add the lwc:dom="manual" directive to a native HTML element to allow it, as described in Use Third-Party JavaScript Libraries.

    Use of non-standard or unsupported DOM APIs

    See the APIs marked Supported and Not Supported in the Locker API Viewer.

If the library isn’t compliant, ask the library maintainers to update the code to comply with Lightning Locker, or, if the project is open-source, contribute the changes yourself. Another option is to fork the repository, make the changes, and build your own version of the library.