Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@ckeditor/ckeditor5-engine
Advanced tools
The editing engine of CKEditor 5 – the best browser-based rich text editor.
@ckeditor/ckeditor5-engine is a core package of CKEditor 5, a modern JavaScript rich text editor. This package provides the engine that powers the editor, including the data model, editing view, and rendering process. It is highly modular and extensible, allowing developers to create custom editing experiences.
Creating a Document
This feature allows you to create a new document instance, which is the core of the editing engine. The document holds the data model and manages the editing operations.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
console.log(doc);
Adding a Root Element
This feature allows you to add a root element to the document. The root element is the top-level container for the document's content.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
const root = doc.createRoot();
console.log(root);
Inserting Text
This feature allows you to insert text into the document. The Writer class is used to perform editing operations on the document.
const { Document, Writer } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
const root = doc.createRoot();
const writer = new Writer();
writer.insertText('Hello, world!', root);
console.log(root);
Listening to Changes
This feature allows you to listen to changes in the document. The document emits events whenever its content is modified, enabling you to react to these changes.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
doc.on('change', (event, batch) => {
console.log('Document changed:', batch);
});
ProseMirror is a toolkit for building rich-text editors on the web. It provides a similar data model and editing capabilities as @ckeditor/ckeditor5-engine but is more low-level, offering greater flexibility at the cost of requiring more setup and configuration.
Slate is another framework for building rich text editors. It offers a more React-friendly API compared to @ckeditor/ckeditor5-engine and is highly customizable. However, it may require more effort to implement complex features.
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It provides a simpler API compared to @ckeditor/ckeditor5-engine and is easier to get started with, but it may not offer the same level of customization and control.
The CKEditor 5 editing engine implements a flexible MVC-based architecture for creating rich text editing features.
This plugin is part of the ckeditor5
package. Install the whole package to use it.
npm install ckeditor5
If you want to check full CKEditor 5 capabilities, sign up for a free non-commitment 14-day trial.
contentEditable
nightmares!For a general introduction see the Overview of CKEditor 5 Framework guide and then the Editing engine architecture guide.
Additionally, refer to the @ckeditor/ckeditor5-engine
package page in CKEditor 5 documentation for even more information.
Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md
file or https://ckeditor.com/legal/ckeditor-oss-license.
FAQs
The editing engine of CKEditor 5 – the best browser-based rich text editor.
We found that @ckeditor/ckeditor5-engine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.