Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@angular/elements
Advanced tools
@angular/elements allows Angular components to be used as custom elements (web components). This enables the integration of Angular components into non-Angular applications and enhances reusability across different frameworks and libraries.
Creating a Custom Element
This code demonstrates how to create a custom element from an Angular component. The `createCustomElement` function is used to convert `MyComponent` into a custom element named 'my-element'.
import { Injector, NgModule } from '@angular/core';
import { createCustomElement } from '@angular/elements';
import { BrowserModule } from '@angular/platform-browser';
import { MyComponent } from './my-component.component';
@NgModule({
declarations: [MyComponent],
imports: [BrowserModule],
entryComponents: [MyComponent]
})
export class AppModule {
constructor(private injector: Injector) {
const myElement = createCustomElement(MyComponent, { injector });
customElements.define('my-element', myElement);
}
ngDoBootstrap() {}
}
Using the Custom Element in HTML
Once the Angular component is converted into a custom element, it can be used in any HTML file just like a standard HTML element. This example shows how to include and use the custom element 'my-element' in an HTML file.
<!DOCTYPE html>
<html>
<head>
<title>Angular Element</title>
<script src="path/to/your/angular-element.js"></script>
</head>
<body>
<my-element></my-element>
</body>
</html>
Stencil is a compiler that generates Web Components (custom elements) and builds high-performance web apps. It is framework-agnostic and can be used to create reusable components that work with any major framework or no framework at all. Compared to @angular/elements, Stencil is more focused on performance and offers additional features like lazy loading and pre-rendering.
Lit is a simple library for building fast, lightweight web components. It provides a minimal API to define custom elements and manage their lifecycle. Lit is known for its small size and ease of use, making it a good alternative to @angular/elements for projects that require lightweight and fast custom elements.
vue-custom-element is a Vue plugin that enables the creation of custom elements from Vue components. It allows Vue components to be used as web components in non-Vue applications. This package is similar to @angular/elements but is tailored for Vue.js, providing a seamless way to integrate Vue components as custom elements.
The sources for this package are in the main Angular repo. Please file issues and pull requests against that repo.
Usage information and reference details can be found in Angular documentation.
License: MIT
18.2.4 (2024-09-11)
| Commit | Type | Description | | -- | -- | -- | | b619d6987e | fix | produce less noisy errors when parsing control flow (#57711) |
| Commit | Type | Description | | -- | -- | -- | | 9895e4492f | fix | replace leftover modules with their exports during pruning (#57684) |
<!-- CHANGELOG SPLIT MARKER --><a name="18.2.3"></a>
FAQs
Angular - library for using Angular Components as Custom Elements
The npm package @angular/elements receives a total of 280,867 weekly downloads. As such, @angular/elements popularity was classified as popular.
We found that @angular/elements demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.