The React ecosystem has evolved dramatically in 2024-2025, with micro-frontend adoption reaching 85%+ among enterprise organizations. And, Module Federation becomes the de facto standard for scalable React architectures. As React 19 introduces groundbreaking features like React Compiler and enhanced concurrent rendering, teams are leveraging Module Federation to achieve unprecedented architectural flexibility while maintaining cutting-edge performance.
However, there's a critical challenge that many organizations still face: traditional bundling approaches create deployment bottlenecks and coordination nightmares, even with modern tooling.
Monolithic Deployments Before Module Federation
Consider this real-world scenario: Your React 19 application has grown to 200+ components across 8 different teams. A critical security patch in the authentication module requires redeploying the entire application, blocking releases from the dashboard, analytics, user management, and payment processing teams.
Despite having isolated feature teams and modern CI/CD pipelines, your application experiences deployment conflicts and coordination overhead that costs thousands of developer hours monthly.
This isn't hypothetical. Modern React applications face unprecedented scaling challenges:
- Team coordination: Multiple teams working on the same codebase with different React patterns.
- Deployment bottlenecks: Single deployment pipeline blocking all teams despite modern DevOps practices.
- Technology diversity: Different teams preferring React 19 features, different state management solutions, and varying architectural patterns.
- Independent scaling: Features requiring different deployment frequencies and performance characteristics.
- AI-assisted development: Teams leveraging AI tools like GitHub Copilot and ChatGPT for faster development cycles.
Module Federation addresses this gap as a Webpack 5-native solution that provides runtime code sharing while maintaining seamless React 19 integration and supporting modern development workflows.
What Is Module Federation in React?
Module Federation is a Webpack 5 feature designed from the ground up for modern micro-frontend architectures. Unlike traditional bundling approaches, Module Federation enables runtime code sharing across independently deployed applications, eliminating the maintenance burden of coordinating monolithic deployments.
Key Features:
- Runtime Sharing: Share components, hooks, and services across applications without rebuilding or redeploying everything. Module Federation enables dynamic imports from remote applications:
// Host application consuming remote components
import RemoteHeader from "remoteApp/Header";
import RemoteDashboard from "remoteApp/Dashboard";
function App() {
return (
<div>
<RemoteHeader />
<RemoteDashboard />
</div>
);
}- Independent Deployment: Each micro-frontend can be deployed independently while maintaining runtime integration. This enables teams to release features on their own schedule without affecting other teams.
- Shared Dependencies: Avoid shipping multiple copies of React, Redux, or other common libraries. Module Federation intelligently shares dependencies across applications:
// webpack.config.js
new ModuleFederationPlugin({
name: "hostApp",
remotes: {
remoteApp: "remoteApp@<http://localhost:3001/remoteEntry.js>",
},
shared: {
react: { singleton: true },
"react-dom": { singleton: true },
"react-router-dom": { singleton: true }
},
});- Type Safety: Full TypeScript support with automatic type inference for remote modules, ensuring compile-time safety across micro-frontend boundaries.
>> Read more:
- Build a Type-Safe App with Zod Schema Validation in React
- Crafting A Fully Type-Safe Web Application: Building The Backend
Compare Module Federation with Alternatives
Feature | Module Federation | Single-SPA | iframe | Nx |
|---|---|---|---|---|
Runtime Integration | Native | Manual | Isolated | Build-time |
Bundle Size | Optimized | Variable | Duplicated | Large |
TypeScript Support | Excellent | Limited | None | Good |
Team Independence | Full | Partial | Full | Limited |
React Ecosystem | Native | Good | Limited | Good |
Module Federation's Webpack-native design makes it the natural choice for teams prioritizing React integration and developer experience.
Why Use Module Federation in React Apps?
Solving Team Coordination Challenges
Module Federation eliminates the coordination overhead that plagues monolithic React applications. Traditional approaches force teams to:
- Coordinate releases across multiple teams;
- Resolve merge conflicts in shared codebases;
- Wait for other teams' deployments to complete;
- Maintain compatibility across all feature module.
Enabling Independent Deployments
Module Federation allows each team to deploy their micro-frontend independently while maintaining seamless integration:
// Team A deploys authentication module
const AuthModule = () => {
return (
<div>
<LoginForm />
<UserProfile />
</div>
);
};
// Team B deploys dashboard module independently
const DashboardModule = () => {
return (
<div>
<AnalyticsWidget />
<ReportsPanel />
</div>
);
};
// Host application integrates both at runtime
function App() {
return (
<Router>
<AuthModule />
<DashboardModule />
</Router>
);
}Reducing Bundle Size and Duplication
Traditional micro-frontend approaches often result in duplicate dependencies across applications. Module Federation intelligently shares common libraries:
// webpack.config.js - Shared dependencies configuration
new ModuleFederationPlugin({
name: "hostApp",
remotes: {
authApp: "authApp@<http://auth.example.com/remoteEntry.js>",
dashboardApp: "dashboardApp@<http://dashboard.example.com/remoteEntry.js>",
},
shared: {
react: {
singleton: true,
requiredVersion: "^18.0.0"
},
"react-dom": {
singleton: true,
requiredVersion: "^18.0.0"
},
"react-router-dom": {
singleton: true,
requiredVersion: "^6.0.0"
},
"@reduxjs/toolkit": {
singleton: true,
requiredVersion: "^1.9.0"
}
},
});This configuration ensures that React, React DOM, React Router, and Redux Toolkit are loaded only once across all micro-frontends, reducing total bundle size by 40-60% in typical enterprise applications.
Core Concepts
At its core, Module Federation introduces a revolutionary approach to application communication: instead of compiling all dependencies at build time, applications can load code from other applications at runtime.
Remote and Host Applications
- Host Application: The primary application that consumes and orchestrates remote modules. It defines the overall application structure and routing.
- Remote Application: A standalone application that exposes specific modules (components, hooks, services) for consumption by host applications.
This architecture allows a React application to "import" components, utilities, or services directly from another deployed application, just as if they were local dependencies.
How Runtime Sharing Works?
Traditional Webpack bundles everything at build time, creating static dependencies. Module Federation transforms this approach:
- Federation Configuration: Each application declares its exposed modules and shared dependencies.
- Dynamic Loading: At runtime, the host application dynamically loads remote modules via script injection.
- Dependency Resolution: Shared dependencies are resolved across applications to prevent duplication.
// Remote application configuration
new ModuleFederationPlugin({
name: "userManagement",
filename: "remoteEntry.js",
exposes: {
"./UserProfile": "./src/components/UserProfile",
"./UserSettings": "./src/components/UserSettings",
"./useUserAuth": "./src/hooks/useUserAuth",
},
shared: {
react: { singleton: true },
"react-dom": { singleton: true },
"react-router-dom": { singleton: true }
},
});
// Host application configuration
new ModuleFederationPlugin({
name: "mainApp",
remotes: {
userManagement: "userManagement@<http://localhost:3001/remoteEntry.js>",
analytics: "analytics@<http://localhost:3002/remoteEntry.js>",
},
shared: {
react: { singleton: true },
"react-dom": { singleton: true },
"react-router-dom": { singleton: true }
},
});Getting Started with Module Federation + React
Step 1: Project Setup and Dependencies
For modern React 19 applications, start with Vite or Webpack 5 setup using the latest tooling:
# Using Vite with React 19 (recommended for new projects)
pnpm create vite@latest host-app --template react-ts
pnpm create vite@latest remote-app --template react-ts
# Install latest Module Federation plugins and React 19
pnpm add react@^19.0.0 react-dom@^19.0.0
pnpm add @module-federation/vite@^0.5.0
pnpm add @types/react@^19.0.0 @types/react-dom@^19.0.0
# For existing Webpack projects with latest versions
pnpm add webpack@^5.95.0 @module-federation/webpack@^0.5.0
pnpm add webpack-cli@^5.1.0 webpack-dev-server@^5.1.0
# Modern development tools
pnpm add -D @vitejs/plugin-react@^4.3.0
pnpm add -D typescript@^5.6.0 @types/node@^22.0.0
pnpm add -D eslint@^9.0.0 @typescript-eslint/parser@^8.0.0
pnpm add -D prettier@^3.4.0Step 2: Configure Federation in the Remote Application
Create a comprehensive remote application that exposes multiple modules with React 19 and latest Module Federation features:
// remote-app/vite.config.ts
import { defineConfig } from 'vite';
import react from '@vitejs/plugin-react';
import federation from '@module-federation/vite';
export default defineConfig({
plugins: [
react({
// Enable React 19 features
jsxImportSource: 'react',
babel: {
plugins: [
// Enable React Compiler optimizations
['babel-plugin-react-compiler', {}]
]
}
}),
federation({
name: 'userManagement',
filename: 'remoteEntry.js',
exposes: {
'./UserProfile': './src/components/UserProfile',
'./UserSettings': './src/components/UserSettings',
'./useUserAuth': './src/hooks/useUserAuth',
'./UserService': './src/services/UserService',
'./UserDashboard': './src/components/UserDashboard',
},
shared: {
react: {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'react-dom': {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'react-router-dom': {
singleton: true,
requiredVersion: '^6.28.0',
strictVersion: false
},
'@tanstack/react-query': {
singleton: true,
requiredVersion: '^5.0.0',
strictVersion: false
}
},
// Modern federation features
runtimePlugins: ['./src/runtime-plugin.ts'],
experiments: {
css: true,
futureDefaults: true
}
}),
],
build: {
target: 'esnext',
minify: 'terser',
cssCodeSplit: true,
rollupOptions: {
output: {
manualChunks: {
vendor: ['react', 'react-dom'],
router: ['react-router-dom']
}
}
}
},
server: {
port: 3001,
cors: true,
headers: {
'Cross-Origin-Embedder-Policy': 'require-corp',
'Cross-Origin-Opener-Policy': 'same-origin'
}
},
optimizeDeps: {
include: ['react', 'react-dom', 'react-router-dom']
}
});Step 3: Configure Federation in the Host Application
Set up the host application to consume remote modules with Module Federation 2.0 features:
// host-app/vite.config.ts
import { defineConfig } from 'vite';
import react from '@vitejs/plugin-react';
import federation from '@module-federation/vite';
export default defineConfig({
plugins: [
react({
// Enable React 19 features and compiler optimizations
jsxImportSource: 'react',
babel: {
plugins: [
['babel-plugin-react-compiler', {}]
]
}
}),
federation({
name: 'mainApp',
remotes: {
userManagement: 'userManagement@<http://localhost:3001/remoteEntry.js>',
analytics: 'analytics@<http://localhost:3002/remoteEntry.js>',
payments: 'payments@<http://localhost:3003/remoteEntry.js>',
},
shared: {
react: {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'react-dom': {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'react-router-dom': {
singleton: true,
requiredVersion: '^6.28.0',
strictVersion: false
},
'@tanstack/react-query': {
singleton: true,
requiredVersion: '^5.0.0',
strictVersion: false
},
'zustand': {
singleton: true,
requiredVersion: '^4.5.0',
strictVersion: false
}
},
// Module Federation 2.0 features
runtimePlugins: ['./src/runtime-plugin.ts'],
experiments: {
css: true,
futureDefaults: true,
// Enable automatic TypeScript type generation
typescript: {
autoGenerateTypes: true,
typeCheck: true
}
}
}),
],
build: {
target: 'esnext',
minify: 'terser',
cssCodeSplit: true,
rollupOptions: {
output: {
manualChunks: {
vendor: ['react', 'react-dom'],
router: ['react-router-dom'],
query: ['@tanstack/react-query']
}
}
}
},
server: {
port: 3000,
cors: true,
headers: {
'Cross-Origin-Embedder-Policy': 'require-corp',
'Cross-Origin-Opener-Policy': 'same-origin'
}
},
optimizeDeps: {
include: ['react', 'react-dom', 'react-router-dom', '@tanstack/react-query']
}
});Step 4: Implement Type-Safe Remote Module Consumption with React 19
Create comprehensive type definitions for remote modules with React 19 features and modern TypeScript patterns:
// host-app/src/types/remote.d.ts
import { ComponentType, ReactNode } from 'react';
// Enhanced User Profile with React 19 features
declare module 'userManagement/UserProfile' {
interface UserProfileProps {
userId: string;
onEdit?: () => void;
onDelete?: () => Promise<void>;
children?: ReactNode; // React 19 children prop
className?: string;
// React 19 form actions
action?: (formData: FormData) => Promise<void>;
}
const UserProfile: ComponentType<UserProfileProps>;
export default UserProfile;
}
// Modern authentication hook with React 19 patterns
declare module 'userManagement/useUserAuth' {
interface User {
id: string;
email: string;
name: string;
avatar?: string;
preferences: Record<string, unknown>;
}
interface LoginCredentials {
email: string;
password: string;
rememberMe?: boolean;
}
interface UserAuthReturn {
user: User | null;
login: (credentials: LoginCredentials) => Promise<void>;
logout: () => Promise<void>;
isLoading: boolean;
error: Error | null;
// React 19 async state management
refreshUser: () => Promise<void>;
}
export function useUserAuth(): UserAuthReturn;
}
// Analytics module with modern patterns
declare module 'analytics/Dashboard' {
interface AnalyticsDashboardProps {
userId: string;
timeRange: '7d' | '30d' | '90d' | '1y';
onDataLoad?: (data: AnalyticsData) => void;
onError?: (error: Error) => void;
// React 19 server components support
serverAction?: (data: FormData) => Promise<void>;
}
interface AnalyticsData {
metrics: Record<string, number>;
charts: ChartData[];
insights: string[];
}
interface ChartData {
type: 'line' | 'bar' | 'pie';
data: Array<{ label: string; value: number }>;
}
const AnalyticsDashboard: ComponentType<AnalyticsDashboardProps>;
export default AnalyticsDashboard;
}
// Payment module with modern error handling
declare module 'payments/PaymentForm' {
interface PaymentFormProps {
amount: number;
currency: string;
onSuccess: (transactionId: string) => void;
onError: (error: PaymentError) => void;
// React 19 form handling
onSubmit?: (formData: FormData) => Promise<void>;
}
interface PaymentError {
code: string;
message: string;
details?: Record<string, unknown>;
}
const PaymentForm: ComponentType<PaymentFormProps>;
export default PaymentForm;
}
// Global module federation types
declare global {
interface Window {
__FEDERATION__: {
version: string;
remotes: Record<string, string>;
shared: Record<string, unknown>;
};
}
}Step 5: Consume Remote Components with Modern Error Handling
Implement robust error handling for remote module loading with React 19 features and modern patterns:
// host-app/src/components/RemoteModuleWrapper.tsx
import React, { Suspense, ComponentType, useCallback } from 'react';
import { ErrorBoundary } from 'react-error-boundary';
interface RemoteModuleWrapperProps {
fallback?: React.ReactNode;
errorFallback?: React.ComponentType<{ error: Error; resetError: () => void }>;
children: React.ReactNode;
onRetry?: () => void;
moduleName?: string;
}
function ErrorFallback({ error, resetError }: { error: Error; resetError: () => void }) {
return (
<div className="error-boundary" role="alert">
<h2>Module Loading Error</h2>
<p>Something went wrong loading this module:</p>
<details>
<summary>Error Details</summary>
<pre>{error.message}</pre>
<pre>{error.stack}</pre>
</details>
<button onClick={resetError} className="retry-button">
Retry Loading Module
</button>
</div>
);
}
export function RemoteModuleWrapper({
fallback = <div className="loading-spinner">Loading module...</div>,
errorFallback: ErrorComponent = ErrorFallback,
children,
onRetry,
moduleName = 'Unknown Module'
}: RemoteModuleWrapperProps) {
const handleError = useCallback((error: Error, errorInfo: { componentStack: string }) => {
console.error(`Module Federation Error in ${moduleName}:`, error, errorInfo);
// Send error to monitoring service
if (typeof window !== 'undefined' && window.gtag) {
window.gtag('event', 'module_federation_error', {
module_name: moduleName,
error_message: error.message,
error_stack: error.stack
});
}
}, [moduleName]);
return (
<ErrorBoundary
FallbackComponent={ErrorComponent}
onError={handleError}
onReset={onRetry}
>
<Suspense fallback={fallback}>
{children}
</Suspense>
</ErrorBoundary>
);
}
// Modern React 19 App with enhanced error handling
function App() {
const handleModuleRetry = useCallback(() => {
// Clear module cache and retry loading
if (typeof window !== 'undefined' && window.__FEDERATION__) {
// Clear cached modules
Object.keys(window.__FEDERATION__.remotes).forEach(remote => {
delete window.__FEDERATION__.remotes[remote];
});
}
// Reload the page to retry module loading
window.location.reload();
}, []);
return (
<Router>
<div className="app">
<RemoteModuleWrapper
moduleName="UserProfile"
onRetry={handleModuleRetry}
fallback={<div className="user-profile-skeleton">Loading user profile...</div>}
>
<UserProfile userId="123" />
</RemoteModuleWrapper>
<RemoteModuleWrapper
moduleName="AnalyticsDashboard"
onRetry={handleModuleRetry}
fallback={<div className="analytics-skeleton">Loading analytics...</div>}
>
<AnalyticsDashboard userId="123" timeRange="30d" />
</RemoteModuleWrapper>
<RemoteModuleWrapper
moduleName="PaymentForm"
onRetry={handleModuleRetry}
fallback={<div className="payment-skeleton">Loading payment form...</div>}
>
<PaymentForm
amount={99.99}
currency="USD"
onSuccess={(transactionId) => console.log('Payment successful:', transactionId)}
onError={(error) => console.error('Payment failed:', error)}
/>
</RemoteModuleWrapper>
</div>
</Router>
);
} Step 6: Implement Advanced Dynamic Remote Loading with React 19
For advanced scenarios, implement sophisticated dynamic remote module loading with modern patterns:
// host-app/src/hooks/useRemoteModule.ts
import { useState, useEffect, useCallback, useRef } from 'react';
import { ComponentType } from 'react';
interface RemoteModule {
default: ComponentType<any>;
[key: string]: any;
}
interface UseRemoteModuleOptions {
retryCount?: number;
retryDelay?: number;
timeout?: number;
fallbackModule?: ComponentType<any>;
onLoad?: (module: any) => void;
onError?: (error: Error) => void;
}
interface UseRemoteModuleReturn<T = any> {
module: T | null;
loading: boolean;
error: Error | null;
retry: () => void;
clearCache: () => void;
}
export function useRemoteModule<T = any>(
remoteName: string,
moduleName: string,
options: UseRemoteModuleOptions = {}
): UseRemoteModuleReturn<T> {
const {
retryCount = 3,
retryDelay = 1000,
timeout = 10000,
fallbackModule,
onLoad,
onError
} = options;
const [module, setModule] = useState<T | null>(null);
const [loading, setLoading] = useState(true);
const [error, setError] = useState<Error | null>(null);
const [retryAttempts, setRetryAttempts] = useState(0);
const timeoutRef = useRef<NodeJS.Timeout>();
const abortControllerRef = useRef<AbortController>();
const loadModule = useCallback(async () => {
try {
setLoading(true);
setError(null);
// Create abort controller for timeout handling
abortControllerRef.current = new AbortController();
// Set timeout
timeoutRef.current = setTimeout(() => {
abortControllerRef.current?.abort();
}, timeout);
// Dynamic import with modern error handling
const remoteModule = await import(
/* @vite-ignore */
`${remoteName}/${moduleName}`
);
clearTimeout(timeoutRef.current);
setModule(remoteModule);
setRetryAttempts(0);
onLoad?.(remoteModule);
} catch (err) {
clearTimeout(timeoutRef.current);
const error = err as Error;
setError(error);
onError?.(error);
console.error(`Failed to load module ${remoteName}/${moduleName}:`, error);
// Auto-retry logic
if (retryAttempts < retryCount) {
setTimeout(() => {
setRetryAttempts(prev => prev + 1);
loadModule();
}, retryDelay * Math.pow(2, retryAttempts)); // Exponential backoff
}
} finally {
setLoading(false);
}
}, [remoteName, moduleName, retryAttempts, retryCount, retryDelay, timeout, onLoad, onError]);
const retry = useCallback(() => {
setRetryAttempts(0);
setError(null);
loadModule();
}, [loadModule]);
const clearCache = useCallback(() => {
// Clear module federation cache
if (typeof window !== 'undefined' && window.__FEDERATION__) {
const cacheKey = `${remoteName}/${moduleName}`;
delete window.__FEDERATION__.remotes[cacheKey];
}
retry();
}, [retry, remoteName, moduleName]);
useEffect(() => {
loadModule();
return () => {
clearTimeout(timeoutRef.current);
abortControllerRef.current?.abort();
};
}, [loadModule]);
return { module, loading, error, retry, clearCache };
}
// Enhanced usage example with React 19 patterns
function DynamicUserProfile({ userId }: { userId: string }) {
const { module: UserProfile, loading, error, retry, clearCache } = useRemoteModule(
'userManagement',
'UserProfile',
{
retryCount: 3,
retryDelay: 1000,
timeout: 15000,
onLoad: (module) => {
console.log('UserProfile module loaded successfully');
// Track module load success
if (typeof window !== 'undefined' && window.gtag) {
window.gtag('event', 'module_load_success', {
module_name: 'UserProfile',
load_time: performance.now()
});
}
},
onError: (error) => {
console.error('UserProfile module failed to load:', error);
// Track module load failure
if (typeof window !== 'undefined' && window.gtag) {
window.gtag('event', 'module_load_failure', {
module_name: 'UserProfile',
error_message: error.message
});
}
}
}
);
if (loading) {
return (
<div className="user-profile-loading">
<div className="loading-spinner" />
<p>Loading user profile...</p>
{retryAttempts > 0 && (
<p className="retry-info">Retry attempt {retryAttempts}/3</p>
)}
</div>
);
}
if (error) {
return (
<div className="user-profile-error">
<h3>Failed to load user profile</h3>
<p>{error.message}</p>
<div className="error-actions">
<button onClick={retry} className="retry-button">
Retry Loading
</button>
<button onClick={clearCache} className="clear-cache-button">
Clear Cache & Retry
</button>
</div>
</div>
);
}
if (!UserProfile) {
return (
<div className="user-profile-not-found">
<p>User profile module not found</p>
<button onClick={retry}>Try Again</button>
</div>
);
}
return <UserProfile userId={userId} />;
}
// Advanced module registry for dynamic module management
class ModuleRegistry {
private modules = new Map<string, ComponentType<any>>();
private loadingPromises = new Map<string, Promise<any>>();
async loadModule(remoteName: string, moduleName: string): Promise<ComponentType<any>> {
const key = `${remoteName}/${moduleName}`;
if (this.modules.has(key)) {
return this.modules.get(key)!;
}
if (this.loadingPromises.has(key)) {
return this.loadingPromises.get(key)!;
}
const loadingPromise = import(/* @vite-ignore */ `${remoteName}/${moduleName}`)
.then(module => {
this.modules.set(key, module.default);
this.loadingPromises.delete(key);
return module.default;
})
.catch(error => {
this.loadingPromises.delete(key);
throw error;
});
this.loadingPromises.set(key, loadingPromise);
return loadingPromise;
}
clearModule(remoteName: string, moduleName: string) {
const key = `${remoteName}/${moduleName}`;
this.modules.delete(key);
this.loadingPromises.delete(key);
}
clearAllModules() {
this.modules.clear();
this.loadingPromises.clear();
}
}
export const moduleRegistry = new ModuleRegistry();Step 7: Modern Deployment and CI/CD Integration
Configure advanced deployment pipelines with cloud-native approaches and modern DevOps practices:
# .github/workflows/deploy-user-management.yml
name: Deploy User Management Module
on:
push:
branches: [main, develop]
paths: ['user-management/**']
pull_request:
branches: [main]
paths: ['user-management/**']
env:
NODE_VERSION: '20'
PNPM_VERSION: '8'
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run type checking
run: pnpm type-check
working-directory: ./user-management
- name: Run linting
run: pnpm lint
working-directory: ./user-management
- name: Run tests
run: pnpm test:coverage
working-directory: ./user-management
- name: Upload coverage reports
uses: codecov/codecov-action@v4
with:
file: ./user-management/coverage/lcov.info
flags: user-management
name: user-management-coverage
security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run security audit
run: pnpm audit --audit-level moderate
working-directory: ./user-management
- name: Run Snyk security scan
uses: snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high
build:
needs: [test, security-scan]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build module
run: pnpm build
working-directory: ./user-management
env:
NODE_ENV: production
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: user-management-build
path: ./user-management/dist/
retention-days: 30
deploy-staging:
needs: build
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop'
environment: staging
steps:
- uses: actions/checkout@v4
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: user-management-build
path: ./user-management/dist/
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Deploy to staging CDN
run: |
aws s3 sync ./user-management/dist s3://staging-cdn-bucket/user-management/ \\
--delete \\
--cache-control "public, max-age=31536000" \\
--metadata-directive REPLACE
aws cloudfront create-invalidation \\
--distribution-id ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }} \\
--paths "/user-management/*"
- name: Update staging module registry
run: |
aws lambda invoke \\
--function-name update-module-registry \\
--payload '{"module":"user-management","version":"'${{ github.sha }}'","environment":"staging"}' \\
response.json
deploy-production:
needs: build
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
environment: production
steps:
- uses: actions/checkout@v4
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: user-management-build
path: ./user-management/dist/
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Deploy to production CDN
run: |
# Deploy with blue-green strategy
aws s3 sync ./user-management/dist s3://prod-cdn-bucket/user-management-v${{ github.run_number }}/ \\
--delete \\
--cache-control "public, max-age=31536000" \\
--metadata-directive REPLACE
# Update module federation configuration
aws s3 cp ./user-management/dist/remoteEntry.js s3://prod-cdn-bucket/user-management/remoteEntry.js \\
--cache-control "no-cache, no-store, must-revalidate"
aws cloudfront create-invalidation \\
--distribution-id ${{ secrets.PROD_CLOUDFRONT_DISTRIBUTION_ID }} \\
--paths "/user-management/*"
- name: Update production module registry
run: |
aws lambda invoke \\
--function-name update-module-registry \\
--payload '{"module":"user-management","version":"'${{ github.sha }}'","environment":"production"}' \\
response.json
- name: Run smoke tests
run: |
curl -f <https://prod-cdn.example.com/user-management/remoteEntry.js> || exit 1
curl -f <https://prod-cdn.example.com/user-management/manifest.json> || exit 1
- name: Notify deployment success
uses: 8398a7/action-slack@v3
with:
status: success
channel: '#deployments'
text: 'User Management module deployed successfully to production!'
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
rollback:
runs-on: ubuntu-latest
if: failure()
environment: production
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Rollback to previous version
run: |
aws lambda invoke \\
--function-name rollback-module \\
--payload '{"module":"user-management","environment":"production"}' \\
response.json
- name: Notify rollback
uses: 8398a7/action-slack@v3
with:
status: failure
channel: '#deployments'
text: 'User Management module deployment failed and rolled back!'
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}Docker Containerization for Micro-Frontends:
# user-management/Dockerfile
FROM node:20-alpine AS base
# Install pnpm
RUN npm install -g pnpm@8
WORKDIR /app
# Copy package files
COPY package.json pnpm-lock.yaml ./
COPY user-management/package.json ./user-management/
# Install dependencies
RUN pnpm install --frozen-lockfile
# Copy source code
COPY user-management/ ./user-management/
# Build the application
WORKDIR /app/user-management
RUN pnpm build
# Production stage
FROM nginx:alpine AS production
# Copy built files
COPY --from=base /app/user-management/dist /usr/share/nginx/html
# Copy nginx configuration
COPY user-management/nginx.conf /etc/nginx/conf.d/default.conf
# Add health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \\
CMD curl -f <http://localhost/health> || exit 1
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]# user-management/nginx.conf
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
index index.html;
# Enable gzip compression
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Module Federation specific headers
add_header Cross-Origin-Embedder-Policy "require-corp" always;
add_header Cross-Origin-Opener-Policy "same-origin" always;
# Cache static assets
location ~* \\.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
expires 1y;
add_header Cache-Control "public, immutable";
}
# Don't cache remoteEntry.js
location /remoteEntry.js {
expires -1;
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
# Health check endpoint
location /health {
access_log off;
return 200 "healthy\\n";
add_header Content-Type text/plain;
}
# Fallback for SPA routing
location / {
try_files $uri $uri/ /index.html;
}
}This modern setup enables each team to deploy independently with comprehensive testing, security scanning, and cloud-native infrastructure while maintaining runtime integration through Module Federation.
AI-Assisted Module Federation Development
The integration of AI tools into Module Federation development has revolutionized how teams build, optimize, and maintain micro-frontend architectures. In 2025, AI-assisted development has become the standard practice for enterprise teams.
GitHub Copilot Integration for Module Federation
Leverage GitHub Copilot to accelerate Module Federation configuration and development:
// AI-assisted Module Federation configuration generation
// Prompt: "Generate a Module Federation config for a React 19 e-commerce app with user management, payments, and analytics modules"
import { defineConfig } from 'vite';
import react from '@vitejs/plugin-react';
import federation from '@module-federation/vite';
export default defineConfig({
plugins: [
react({
// AI-suggested React 19 optimizations
jsxImportSource: 'react',
babel: {
plugins: [
['babel-plugin-react-compiler', {}]
]
}
}),
federation({
name: 'ecommerce-host',
remotes: {
// AI-generated remote configurations
userManagement: 'userManagement@<https://cdn.example.com/user-management/remoteEntry.js>',
paymentGateway: 'paymentGateway@<https://cdn.example.com/payments/remoteEntry.js>',
analyticsDashboard: 'analyticsDashboard@<https://cdn.example.com/analytics/remoteEntry.js>',
productCatalog: 'productCatalog@<https://cdn.example.com/products/remoteEntry.js>',
},
shared: {
// AI-optimized shared dependencies
react: {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'react-dom': {
singleton: true,
requiredVersion: '^19.0.0',
strictVersion: true,
eager: false
},
'@tanstack/react-query': {
singleton: true,
requiredVersion: '^5.0.0',
strictVersion: false
},
'zustand': {
singleton: true,
requiredVersion: '^4.5.0',
strictVersion: false
}
},
// AI-suggested advanced features
experiments: {
css: true,
futureDefaults: true,
typescript: {
autoGenerateTypes: true,
typeCheck: true
}
}
}),
],
// AI-optimized build configuration
build: {
target: 'esnext',
minify: 'terser',
cssCodeSplit: true,
rollupOptions: {
output: {
manualChunks: {
vendor: ['react', 'react-dom'],
query: ['@tanstack/react-query'],
state: ['zustand']
}
}
}
}
});This AI-assisted approach to Module Federation development represents the cutting edge of modern web development.
Best Practices for Production Module Federation
To ensure smooth scaling and maintainable micro-frontend architectures, consider these essential best practices.
Dependency Management and Version Control
Pin dependency versions to prevent runtime conflicts and ensure consistent behavior across environments:
// webpack.config.js - Strict version control
new ModuleFederationPlugin({
name: "hostApp",
remotes: {
userManagement: "userManagement@<http://localhost:3001/remoteEntry.js>",
},
shared: {
react: {
singleton: true,
requiredVersion: "18.2.0", // Exact version pinning
strictVersion: true
},
"react-dom": {
singleton: true,
requiredVersion: "18.2.0",
strictVersion: true
},
"react-router-dom": {
singleton: true,
requiredVersion: "6.8.0",
strictVersion: false // Allow minor updates
}
},
});Use semantic versioning for shared dependencies to balance stability with necessary updates.
Performance Optimization Strategies
- Implement lazy loading for non-critical remote modules to improve initial page load performance:
// Lazy load remote components
const UserProfile = React.lazy(() => import("userManagement/UserProfile"));
const AnalyticsDashboard = React.lazy(() => import("analytics/Dashboard"));
function App() {
return (
<Router>
<Suspense fallback={<div>Loading...</div>}>
<Routes>
<Route path="/profile" element={<UserProfile />} />
<Route path="/analytics" element={<AnalyticsDashboard />} />
</Routes>
</Suspense>
</Router>
);
}- Optimize bundle splitting by exposing granular modules rather than entire applications:
// Good: Granular module exposure
exposes: {
"./UserProfile": "./src/components/UserProfile",
"./UserSettings": "./src/components/UserSettings",
"./useUserAuth": "./src/hooks/useUserAuth",
}
// Avoid: Exposing entire applications
exposes: {
"./UserManagement": "./src/App", // Too large, loads unnecessary code
}Testing Strategies for Micro-Frontends
- Contract Testing: Ensure exposed components maintain expected interfaces across deployments:
// Contract tests for remote modules
describe("UserProfile Contract", () => {
it("should accept required props", () => {
const props = { userId: "123" };
expect(() => <UserProfile {...props} />).not.toThrow();
});
it("should handle optional props", () => {
const props = { userId: "123", onEdit: jest.fn() };
expect(() => <UserProfile {...props} />).not.toThrow();
});
});- Integration Testing: Validate cross-module communication and data flow:
// Integration test for host-remote communication
describe("Module Federation Integration", () => {
it("should load remote modules successfully", async () => {
const { getByTestId } = render(<App />);
// Wait for remote module to load
await waitFor(() => {
expect(getByTestId("user-profile")).toBeInTheDocument();
});
});
});- Mock Remote Modules: Use fallback implementations for local development:
// Development fallback for remote modules
const UserProfileMock = () => (
<div data-testid="user-profile-mock">
Mock User Profile Component
</div>
);
// Use mock in development, real module in production
const UserProfile = process.env.NODE_ENV === 'development'
? UserProfileMock
: React.lazy(() => import("userManagement/UserProfile"));Security Considerations
- Content Security Policy (CSP): Configure CSP headers to validate remote script sources:
<!-- CSP header for Module Federation -->
<meta http-equiv="Content-Security-Policy"
content="script-src 'self' <https://cdn.example.com>;
connect-src 'self' <https://api.example.com>;">- Subresource Integrity (SRI): Validate remote script integrity:
// Add integrity checks for remote modules
new ModuleFederationPlugin({
name: "hostApp",
remotes: {
userManagement: {
external: "userManagement@<http://localhost:3001/remoteEntry.js>",
integrity: "sha384-abc123..." // SHA hash of remote entry
}
}
});- Environment-based Configuration: Use different remote URLs for different environments:
// Environment-specific remote configuration
const getRemoteUrl = (remoteName: string) => {
const baseUrls = {
development: "<http://localhost:3001>",
staging: "<https://staging-cdn.example.com>",
production: "<https://cdn.example.com>"
};
return `${baseUrls[process.env.NODE_ENV]}/${remoteName}/remoteEntry.js`;
};Scaling Challenges and Solutions
While Module Federation provides powerful capabilities, it introduces unique challenges that require careful consideration.
Handling Breaking Changes Across Micro-Frontends
- Semantic Versioning: Implement strict versioning for exposed modules to manage breaking changes:
// Version-aware module loading
const loadRemoteModule = async (remoteName: string, version: string) => {
const remoteUrl = `${getRemoteUrl(remoteName)}@${version}/remoteEntry.js`;
try {
return await import(/* @vite-ignore */ remoteUrl);
} catch (error) {
console.error(`Failed to load ${remoteName}@${version}:`, error);
// Fallback to previous version or show error
return await loadFallbackModule(remoteName);
}
};- Backward Compatibility: Maintain compatibility layers for deprecated APIs:
// Compatibility wrapper for breaking changes
const UserProfileV2 = ({ userId, onEdit }: UserProfileV2Props) => {
// New implementation
return <div>New User Profile</div>;
};
// Backward compatibility wrapper
const UserProfile = ({ userId, onEdit, ...legacyProps }: UserProfileProps) => {
// Handle legacy props
if (legacyProps.legacyCallback) {
console.warn("legacyCallback is deprecated, use onEdit instead");
}
return <UserProfileV2 userId={userId} onEdit={onEdit} />;
};Debugging Across Micro-Frontend Boundaries
- Source Map Configuration: Ensure proper source map generation for debugging:
// webpack.config.js - Source map configuration
module.exports = {
devtool: 'source-map', // Generate source maps for debugging
optimization: {
minimize: false, // Disable minification in development
}
};- Centralized Logging: Implement cross-module logging for better debugging:
// Shared logging service
class FederationLogger {
static log(moduleName: string, level: string, message: string, data?: any) {
const logEntry = {
timestamp: new Date().toISOString(),
module: moduleName,
level,
message,
data
};
console.log(JSON.stringify(logEntry));
// Send to centralized logging service
if (process.env.NODE_ENV === 'production') {
this.sendToLoggingService(logEntry);
}
}
static sendToLoggingService(logEntry: any) {
// Implementation for centralized logging
}
}
// Usage in remote modules
FederationLogger.log('userManagement', 'info', 'User profile loaded', { userId: '123' });Performance Monitoring and Optimization
- Bundle Analysis: Monitor bundle sizes and loading performance:
// Performance monitoring for remote modules
const monitorModulePerformance = (moduleName: string) => {
const startTime = performance.now();
return {
end: () => {
const loadTime = performance.now() - startTime;
console.log(`${moduleName} loaded in ${loadTime}ms`);
// Send metrics to monitoring service
if (window.gtag) {
window.gtag('event', 'module_load_time', {
module_name: moduleName,
load_time: loadTime
});
}
}
};
};
// Usage
const performanceMonitor = monitorModulePerformance('userManagement');
const UserProfile = await import("userManagement/UserProfile");
performanceMonitor.end();- Caching Strategies: Implement intelligent caching for remote modules:
// Cache management for remote modules
class RemoteModuleCache {
private cache = new Map<string, any>();
async getModule(remoteName: string, moduleName: string) {
const cacheKey = `${remoteName}/${moduleName}`;
if (this.cache.has(cacheKey)) {
return this.cache.get(cacheKey);
}
const module = await import(/* @vite-ignore */ `${remoteName}/${moduleName}`);
this.cache.set(cacheKey, module);
return module;
}
clearCache() {
this.cache.clear();
}
}Real-World Examples and Business Impact
Enterprise Dashboard: Fortune 500 Implementation
A Fortune 500 financial services company transformed their monolithic React dashboard into a Module Federation architecture, achieving remarkable business outcomes:
Business Results:
- 50% faster feature delivery: Teams deploy independently without coordination overhead
- 90% reduction in merge conflicts: Isolated codebases eliminate integration issues
- 75% faster build times: Each team builds only their portion of the application
- 40% reduction in production incidents: Isolated deployments prevent cascading failures
Technical Implementation:
// Main dashboard host configuration
new ModuleFederationPlugin({
name: "financialDashboard",
remotes: {
analytics: "analytics@<https://cdn.company.com/analytics/remoteEntry.js>",
payments: "payments@<https://cdn.company.com/payments/remoteEntry.js>",
userManagement: "userManagement@<https://cdn.company.com/users/remoteEntry.js>",
reporting: "reporting@<https://cdn.company.com/reports/remoteEntry.js>",
},
shared: {
react: { singleton: true, requiredVersion: "18.2.0" },
"react-dom": { singleton: true, requiredVersion: "18.2.0" },
"@company/design-system": { singleton: true, requiredVersion: "2.1.0" },
"@company/auth": { singleton: true, requiredVersion: "1.5.0" }
}
});Multi-Tenant SaaS Platform: Independent Module Evolution
A B2B SaaS platform serving 10,000+ customers implemented Module Federation to enable independent feature development across multiple product teams:
Architecture Overview:
- Core Platform: Host application managing authentication, billing, and navigation
- Feature Modules: Independently developed and deployed by specialized teams
- Customer Modules: Customizable modules for enterprise customers
// Dynamic module loading based on customer configuration
const loadCustomerModules = async (customerId: string) => {
const customerConfig = await fetchCustomerConfig(customerId);
const modules = [];
for (const moduleConfig of customerConfig.enabledModules) {
try {
const module = await import(
/* @vite-ignore */
`${moduleConfig.remoteUrl}/remoteEntry.js`
);
modules.push({
name: moduleConfig.name,
component: module.default,
config: moduleConfig
});
} catch (error) {
console.error(`Failed to load module ${moduleConfig.name}:`, error);
}
}
return modules;
};
// Usage in customer dashboard
function CustomerDashboard({ customerId }: { customerId: string }) {
const [modules, setModules] = useState([]);
useEffect(() => {
loadCustomerModules(customerId).then(setModules);
}, [customerId]);
return (
<div className="customer-dashboard">
{modules.map(module => (
<Suspense key={module.name} fallback={<ModuleLoader />}>
<module.component config={module.config} />
</Suspense>
))}
</div>
);
}Business Impact:
- 3x faster customer onboarding: New customers can be onboarded with custom modules in days instead of weeks
- 60% reduction in customer churn: Faster feature delivery improves customer satisfaction
- 40% increase in developer productivity: Teams work independently without coordination overhead
E-commerce Platform: Micro-Frontend Marketplace
A large e-commerce platform implemented Module Federation to enable third-party developers to create marketplace extensions:
Architecture Benefits:
- Third-party integrations: External developers can create modules without access to core codebase
- Independent scaling: High-traffic modules (like payment processing) can scale independently
- Technology diversity: Different teams use different React patterns and state management
// Third-party module registration system
class ModuleRegistry {
private modules = new Map<string, ModuleConfig>();
registerModule(config: ModuleConfig) {
// Validate module configuration
this.validateModuleConfig(config);
// Register with Module Federation
this.registerWithFederation(config);
this.modules.set(config.name, config);
}
private validateModuleConfig(config: ModuleConfig) {
// Security validation
if (!this.isValidRemoteUrl(config.remoteUrl)) {
throw new Error('Invalid remote URL');
}
// Contract validation
if (!this.validateModuleContract(config)) {
throw new Error('Module contract validation failed');
}
}
private registerWithFederation(config: ModuleConfig) {
// Dynamically add remote to Module Federation configuration
const federationConfig = this.getFederationConfig();
federationConfig.remotes[config.name] = `${config.name}@${config.remoteUrl}/remoteEntry.js`;
this.updateFederationConfig(federationConfig);
}
}
// Usage by third-party developers
const thirdPartyModule = {
name: 'advancedAnalytics',
remoteUrl: '<https://developer.example.com/analytics>',
contract: {
props: ['userId', 'timeRange'],
events: ['onDataLoad', 'onError']
}
};
moduleRegistry.registerModule(thirdPartyModule);Business Results:
- 200+ third-party modules: Ecosystem of extensions created by external developers
- 25% increase in platform revenue: Marketplace fees from third-party modules
- 50% reduction in internal development costs: External developers handle feature requests
When Not to Use Module Federation?
For applications with simple requirements and single-team ownership:
// ❌ Overkill for simple applications
const SimpleBlogApp = () => {
const [posts, setPosts] = useState([]);
return (
<div>
{posts.map(post => (
<BlogPost key={post.id} post={post} />
))}
</div>
);
};
// Module Federation adds unnecessary complexity for:
// - Single-page applications with < 20 components
// - Applications with single team ownership
// - Prototypes or MVPs with rapid iteration needsFor applications with strict performance requirements:
- Real-time gaming applications requiring microsecond precision
- High-frequency trading interfaces with latency constraints
- Embedded systems with extremely limited resources
- Legacy applications where migration costs outweigh benefits
Making the Decision
The key question: "What happens if teams can't deploy independently?"
- If the answer is "development velocity suffers significantly" → Module Federation is essential
- If the answer is "minimal impact on team productivity" → Traditional architecture may suffice
Decision Matrix:
| Factor | Traditional Architecture | Module Federation |
|---|---|---|
| Team Size | 1-5 developers | 5+ developers |
| Deployment Frequency | Weekly/Monthly | Daily/Multiple daily |
| Technology Diversity | Single stack | Multiple stacks |
| Team Independence | Low | High |
| Complexity Tolerance | Low | High |
| Performance Requirements | Standard | Standard-High |
Conclusion
Module Federation has evolved from a technical solution to a strategic enabler of business agility. In 2025, it drives faster innovation, higher productivity, and autonomous scalability across React ecosystems.
With AI-assisted implementation and intelligent module boundaries, organizations adopting Module Federation today are building the foundation for the next era of software development—federated, adaptive, and future-ready.
>>> Follow and Contact Relia Software for more information!
- coding