What is @ckeditor/ckeditor5-engine?
@ckeditor/ckeditor5-engine is a core package of CKEditor 5, a modern JavaScript rich text editor. This package provides the engine that powers the editor, including the data model, editing view, and rendering process. It is highly modular and extensible, allowing developers to create custom editing experiences.
What are @ckeditor/ckeditor5-engine's main functionalities?
Creating a Document
This feature allows you to create a new document instance, which is the core of the editing engine. The document holds the data model and manages the editing operations.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
console.log(doc);
Adding a Root Element
This feature allows you to add a root element to the document. The root element is the top-level container for the document's content.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
const root = doc.createRoot();
console.log(root);
Inserting Text
This feature allows you to insert text into the document. The Writer class is used to perform editing operations on the document.
const { Document, Writer } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
const root = doc.createRoot();
const writer = new Writer();
writer.insertText('Hello, world!', root);
console.log(root);
Listening to Changes
This feature allows you to listen to changes in the document. The document emits events whenever its content is modified, enabling you to react to these changes.
const { Document } = require('@ckeditor/ckeditor5-engine');
const doc = new Document();
doc.on('change', (event, batch) => {
console.log('Document changed:', batch);
});
Other packages similar to @ckeditor/ckeditor5-engine
prosemirror
ProseMirror is a toolkit for building rich-text editors on the web. It provides a similar data model and editing capabilities as @ckeditor/ckeditor5-engine but is more low-level, offering greater flexibility at the cost of requiring more setup and configuration.
slate
Slate is another framework for building rich text editors. It offers a more React-friendly API compared to @ckeditor/ckeditor5-engine and is highly customizable. However, it may require more effort to implement complex features.
quill
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It provides a simpler API compared to @ckeditor/ckeditor5-engine and is easier to get started with, but it may not offer the same level of customization and control.
CKEditor 5 editing engine
The CKEditor 5 editing engine implements a flexible MVC-based architecture for creating rich text editing features.
Architecture overview
- Custom data model. CKEditor 5 implements a tree-structured custom data model, designed to fit multiple requirements such as enabling real-time collaboration and complex editing features (like tables or nested blocks).
- Virtual DOM. CKEditor 5's editing engine features a custom, editing-oriented virtual DOM implementation that aims to hide browser quirks from your sight. No more
contentEditable
nightmares! - Real-time collaborative editing. The editor implements Operational Transformation for the tree-structured model as well as many other mechanisms which were required to create a seamless collaborative UX. Additionally, we provide cloud infrastructure and plugins enabling real-time collaborative editing in your application! Check the collaboration demo.
- Extensible. The entire editor architecture was designed for maximum flexibility. The code is event-based and highly decoupled, allowing you to plug in or replace selected pieces. Features do not directly depend on each other and communicate in standardized ways.
- Schema-less core. The core makes minimal assumptions and can be controlled through the schema. This leaves all decisions to plugins and to you.
- Modular architecture. Not only can the core modules be reused and recomposed but even the features were implemented in a highly granular way. Feel like running a headless CKEditor 5 with a couple of features in Node.js? Not a problem!
- Framework for building rich-text editors. Every use case is different and every editor needs to fulfill different goals. Therefore, we give you the freedom to create your own editors with custom-tailored features and UI.
- Heavily tested from day one. CKEditor 5 comes with 3x more tests than React itself. All packages have 100% code coverage.
- 8+ years of support. It is not yet another framework to be gone next year or a hyped proof-of-concept to fail in a real-life scenario. We have over 15 years of experience in creating rich text editors and invested over 4 years in designing and building your next future-proof rich text editor of choice.
Documentation
For a general introduction see the Overview of CKEditor 5 Framework guide and then the Editing engine architecture guide.
Additionally, refer to the @ckeditor/ckeditor5-engine
package page in CKEditor 5 documentation for even more information.
Installation
npm install ckeditor5
License
Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md
file or https://ckeditor.com/legal/ckeditor-oss-license.
43.1.1 (September 25, 2024)
We are happy to announce the release of CKEditor 5 v43.1.1.
During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package (CVE-2024-45613
). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.
This vulnerability affects only installations where the editor configuration meets the following criteria:
- The Block Toolbar plugin is enabled.
- One of the following plugins is also enabled:
You can read more details in the relevant security advisory and contact us if you have more questions.
Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce theoretical and unexploitable issues. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, in order to increase the overall security posture of our software.
Released packages
Check out the Versioning policy guide for more information.
<details>
<summary>Released packages (summary)</summary>
Other releases:
</details>