Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@ckeditor/ckeditor5-vue
Advanced tools
Changelog
5.1.0 (2023-04-18)
disableTwoWayDataBinding
property that allows disabling the two-way data binding. It increases performance when working with large documents. Closes ckeditor/ckeditor5-vue#246. (commit)Readme
⚠️ This repository contains the CKEditor 5 component for Vue.js 3+
. The component for lower Vue.js versions is located in another repository - @ckeditor/ckeditor5-vue2.
Official CKEditor 5 rich text editor component for Vue.js.
See the "Rich text editor component for Vue.js" guide in the CKEditor 5 documentation to learn more:
After cloning this repository, install necessary dependencies:
yarn install
yarn run test -- [additional options]
# or
yarn t -- [additional options]
The command accepts the following options:
--coverage
(-c
) – Whether to generate the code coverage.--source-map
(-s
) – Whether to attach the source maps.--watch
(-w
) – Whether to watch test files.--reporter
(-r
) – Reporter for Karma (default: mocha
, can be changed to dots
).--browsers
(-b
) – Browsers that will be used to run tests (default: Chrome
, available: Firefox
).If you are going to change the component (src/ckeditor.js
) or plugin (src/plugin.js
) files, remember about rebuilding the package. You can use yarn run develop
in order to do it automatically.
Build a minified version of the package that is ready to publish:
yarn run build
yarn run changelog
When symlinking the component in an application generated using Vue CLI, make sure your vue.config.js
file configures webpack in the following way:
module.exports = {
configureWebpack: {
resolve: {
symlinks: false
}
}
};
Otherwise, the application will fail to load the component correctly and, as a result, it will throw a build error.
Before releasing a new version, run a demo project to confirm that the integration works in a real-world scenario.
demo
folder.yarn dev
to see if the integration works as expected.yarn build
to see if the project with the integration builds without errors.Dependencies in the `demo` project need to be reinstalled after any changes to the integration, because in `package.json` we use `file:` instead of `link:` due to Vite limitations. Unlike `link:`, which creates a symlink to the integration, `file:` copies its contents when `yarn install` is run and never updates after that.
Before starting the release process, you need to generate the changelog:
yarn run changelog
After generating the changelog, you are able to release the package.
First, you need to bump the version:
yarn run release:bump-version
You can also use the --dry-run
option in order to see what this task does.
After bumping the version, you can publish the changes:
yarn run release:publish
Note: Only the dist/
directory will be published.
Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md file.
FAQs
Official Vue.js 3+ component for CKEditor 5 – the best browser-based rich text editor.
The npm package @ckeditor/ckeditor5-vue receives a total of 38,778 weekly downloads. As such, @ckeditor/ckeditor5-vue popularity was classified as popular.
We found that @ckeditor/ckeditor5-vue demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.