![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
@angular/core
Advanced tools
Package description
The @angular/core package is a fundamental part of Angular, a popular front-end web application platform. It provides the critical runtime parts of the Angular framework, including the component decorator, directives, dependency injection, and the core Angular APIs necessary for building dynamic single-page web applications.
Components
Components are the building blocks of Angular applications. They control a patch of screen called a view. The @Component decorator indicates that the class immediately below it is a component and provides metadata about the component.
"@Component({ selector: 'app-root', templateUrl: './app.component.html', styleUrls: ['./app.component.css'] }) export class AppComponent { title = 'My Angular App'; }"
Dependency Injection
Dependency Injection (DI) is a design pattern used in Angular to make components or classes dependent on interfaces rather than concrete implementations. This improves modularity and testability.
"constructor(private myService: MyService) {}"
Directives
Directives are classes that add additional behavior to elements in your Angular applications. With Angular's built-in directives, you can manage forms, lists, styles, and what users see.
"@Directive({ selector: '[appHighlight]' }) export class HighlightDirective { constructor(el: ElementRef) { el.nativeElement.style.backgroundColor = 'yellow'; } }"
React is a popular JavaScript library for building user interfaces. It focuses on a component-based architecture similar to Angular but uses a different syntax and design philosophy. React emphasizes a one-way data flow and virtual DOM for efficient rendering.
Vue.js is a progressive JavaScript framework used for building UIs and single-page applications. It is designed from the ground up to be incrementally adoptable. Vue also focuses on the ViewModel part of the MVVM pattern and employs a reactive and composable data model.
Changelog
14.0.2 (2022-06-15)
| Commit | Type | Description | | -- | -- | -- | | ef5cba3df7 | fix | allow null in ngComponentOutlet (#46280) |
| Commit | Type | Description |
| -- | -- | -- |
| 8ecfd71fd7 | fix | don't emit empty providers array (#46301) |
| b92c1a6ada | fix | use inline type-check blocks for components outside rootDir
(#46096) |
| Commit | Type | Description | | -- | -- | -- | | 3fd8948b4a | fix | Resolve forwardRef declarations for jit (#46334) |
Alex Rickabaugh, Andrew Scott, Badawi7, Daniel Schmitz, Derek Cormier, JoostK, Kevin Davila, Kristiyan Kostadinov, Paul Draper, Paul Gschwendtner, Tom Eustace, Totati, Younes Jaaidi, alefra, dario-piotrowicz, markostanimirovic, mgechev, piyush132000, sten-bone and vivekkoya
<!-- CHANGELOG SPLIT MARKER --><a name="14.0.1"></a>
Readme
The sources for this package are in the main Angular repo. Please file issues and pull requests against that repo.
License: MIT
FAQs
Angular - the core framework
The npm package @angular/core receives a total of 2,774,804 weekly downloads. As such, @angular/core popularity was classified as popular.
We found that @angular/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.