Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@ckeditor/ckeditor5-angular
Advanced tools
Official Angular component for CKEditor 5 – the best browser-based rich text editor.
Official CKEditor 5 rich text editor component for Angular 13+.
See the "Rich text editor component for Angular" guide in the CKEditor 5 documentation to learn more:
ngModel
@Input
properties@Output
propertiesBecause of the breaking changes in the Angular library output format, the @ckeditor/ckeditor5-angular
package is released in the following versions to support various Angular ecosystems:
Package version | Angular version | Details |
---|---|---|
Actively supported versions | ||
^9 | 16+ | Migration to TypeScript 5. Declaration files are not backward compatible. Requires CKEditor 5 in version 43 or higher. |
Past releases (no longer maintained) | ||
^8 | 13+ | Requires CKEditor 5 at least in version 42. |
^7 | 13+ | Changes in peer dependencies. (issue) |
^6 | 13+ | Requires CKEditor 5 at least in version 37. |
^5 | 13+ | Requires Angular at least in version 13+. Lower versions are no longer maintained. |
^4 | 9.1+ | Requires CKEditor 5 at least in version 34. |
^3 | 9.1+ | Requires Node.js at least in version 14. |
^2 | 9.1+ | Migration to TypeScript 4. Declaration files are not backward compatible. |
^1 | 5.x - 8.x | Angular versions are no longer maintained. |
Note that the package.json
file used in the main repository isn't published on npm (the production one is present in src/ckeditor/package.json
).
After cloning this repository, install necessary dependencies:
npm install
This repository contains the following code:
./src/ckeditor
contains the implementation of the <ckeditor>
component,./src/app
is a demo application using the component.Note: The npm package contains a packaged component only.
To open the demo application using the component, run:
npm run start
To test it in production, use:
npm run start -- --configuration production
To run unit tests, use:
npm run test
To run e2e tests, run:
# Prepare the server.
npm run start
# Then, start tests.
npm run test:e2e
To run coverage tests, run:
npm run coverage
Play with the application and make sure the component works properly.
CircleCI automates the release process and can release both channels: stable (X.Y.Z
) and pre-releases (X.Y.Z-alpha.X
, etc.).
Before you start, you need to prepare the changelog entries.
#master
branch is up-to-date: git fetch && git checkout master && git pull
.git checkout -b release-[YYYYMMDD]
where YYYYMMDD
is the current day.yarn run changelog --branch release-[YYYYMMDD] [--from [GIT_TAG]]
.
By default, the changelog generator uses the latest published tag as a starting point for collecting commits to process.
The --from
modifier option allows overriding the default behavior. It is required when preparing the changelog entries for the next stable release while the previous one was marked as a prerelease, e.g., @alpha
.
Example: Let's assume that the v40.5.0-alpha.0
tag is our latest and that we want to release it on a stable channel. The --from
modifier should be equal to --from v40.4.0
.
This task checks what changed in each package and bumps the version accordingly. It won't create a new changelog entry if nothing changes at all. If changes were irrelevant (e.g., only dependencies), it would make an "internal changes" entry.
Scan the logs printed by the tool to search for errors (incorrect changelog entries). Incorrect entries (e.g., ones without the type) should be addressed. You may need to create entries for them manually. This is done directly in CHANGELOG.md (in the root directory). Make sure to verify the proposed version after you modify the changelog.
#master
branch.@ckeditor/ckeditor-5-devops
team to review the pull request and trigger the release process.Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md file.
9.1.0 (2024-11-25)
FAQs
Official Angular component for CKEditor 5 – the best browser-based rich text editor.
The npm package @ckeditor/ckeditor5-angular receives a total of 53,923 weekly downloads. As such, @ckeditor/ckeditor5-angular popularity was classified as popular.
We found that @ckeditor/ckeditor5-angular demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.