Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@coveo/atomic
Advanced tools
A web-component library for building modern UIs interfacing with the Coveo platform
A web-component library for building modern UIs interfacing with the Coveo platform. Atomic web-components are built with Stencil. They are self-encapsulated, composable, and light-weight.
Using the library: Coveo Atomic Library Official Documentation.
The @coveo/atomic
package exposes the following entry points:
@coveo/atomic
: exports various types and utilities used by Coveo Atomic.@coveo/atomic/loader
: exports the Coveo Atomic components types, as well as the defineCustomElements
and setNonce
utilities.@coveo/atomic/themes
: exports the sample Coveo Atomic themes.@coveo/atomic/assets
: exports the SVG icons used by Coveo Atomic.@coveo/atomic/lang
: exports the localization files used by Coveo Atomic.Once you have cloned the repo, follow the instructions in the top-level README.md to install dependencies and link packages.
To start the project in development mode, run:
npm run start
To build the library for production, run:
npm run build
To run the unit tests for the components, run:
npm test
To open cypress, run:
npm run e2e:watch
To run all the test, run:
npm run e2e
To run all the test in Firefox:
npm run e2e:firefox
To test the current Atomic build against the hosted search pages for Trials, use the following commands:
npm run e2e:hsp:watch
npm run e2e:hsp
npm run e2e:hsp:firefox
When building Atomic components, a series of decorators are used to make development faster.
InitializeBindings
is a utility that automatically fetches the bindings
from the parent atomic-search-interface
or atomic-external
component. This decorator has to be applied to a property named bindings
.
Important In order for a component using this decorator to render properly, it should have an internal state bound to one of the properties from bindings
. This is possible by using the BindStateToController
decorator along with a State
decorator.
Here is a complete example:
import {
InitializeBindings,
InitializableComponent,
BindStateToController,
Bindings,
} from '@coveo/atomic';
import {ControllerState, Controller, buildController} from '@coveo/headless';
import {Component, State} from '@stencil/core';
@Component({
tag: 'atomic-component',
})
export class AtomicComponent implements InitializableComponent {
@InitializeBindings() public bindings!: Bindings;
private controller!: Controller;
// Automatically subscribes the `controllerState` to the state of the `controller`
@BindStateToController('controller')
@State()
private controllerState!: ControllerState;
// Method called after bindings are defined, where controllers should be initialized
public initialize() {
this.controller = buildController(this.bindings.engine);
}
render() {
return [this.strings.value(), this.controllerState.value];
}
}
ResultContext
is a utility that automatically fetches the result
from the parent component's rendered atomic-result
. This utility is used inside of custom result template components.
import {ResultContext} from '@coveo/atomic';
import {Component, State} from '@stencil/core';
@Component({
tag: 'atomic-result-component',
})
export class AtomicResultComponent {
@ResultContext() private result!: Result;
@State() public error!: Error;
public render() {
return this.result.title;
}
}
FAQs
A web-component library for building modern UIs interfacing with the Coveo platform
We found that @coveo/atomic demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.