Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@codemirror/language
Advanced tools
Language support infrastructure for the CodeMirror code editor
The @codemirror/language package is part of the CodeMirror ecosystem, which provides a versatile text editor implemented in JavaScript for the browser. This specific package focuses on language support, offering tools and functionality to parse, analyze, and display code written in various programming languages. It allows for syntax highlighting, code parsing for autocompletion, and other language-specific features within the CodeMirror editor.
Syntax Highlighting
This feature allows for syntax highlighting of JavaScript code within the CodeMirror editor. By importing the JavaScript language support from the package and applying it as an extension to the editor, the code within the editor is automatically highlighted according to the syntax of JavaScript.
import {javascript} from '@codemirror/lang-javascript';
let myEditor = new EditorView({
doc: 'function myScript(){\n console.log(\"Hello, world!\");\n}',
extensions: [javascript()]
});
Code Parsing for Autocompletion
This code sample demonstrates how to enable autocompletion for JavaScript code. By combining the JavaScript language support with the autocomplete extension from CodeMirror, the editor can suggest completions based on the current context in the code, enhancing the coding experience.
import {javascript} from '@codemirror/lang-javascript';
import {autocomplete, startCompletion} from '@codemirror/autocomplete';
let myEditor = new EditorView({
doc: 'console.',
extensions: [javascript(), autocomplete(), EditorView.updateListener.of(update => {
if (update.changes) startCompletion(myEditor);
})]
});
The Monaco Editor is the code editor that powers VS Code, offering rich language support and development features. Compared to @codemirror/language, Monaco provides a more extensive set of features out of the box, including integrated syntax highlighting, autocompletion, and debugging for a wide range of languages. However, it might be heavier and more complex to integrate into web projects.
Ace is another popular code editor library that can be embedded in web pages and applications. Similar to @codemirror/language, it offers syntax highlighting, autocompletion, and other editing features for various programming languages. Ace is known for its extensibility and customizability, though it might not be as modern or as actively developed as CodeMirror.
[ WEBSITE | DOCS | ISSUES | FORUM | CHANGELOG ]
This package implements the language support infrastructure for the CodeMirror code editor.
The project page has more information, a number of examples and the documentation.
This code is released under an MIT license.
We aim to be an inclusive, welcoming community. To make that explicit, we have a code of conduct that applies to communication around the project.
6.10.8 (2024-12-23)
Fix a regression introduced 6.10.7 that caused indention to sometimes crash on nested language boundaries.
FAQs
Language support infrastructure for the CodeMirror code editor
We found that @codemirror/language demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.