Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@domql/domql
Advanced tools
DOM rendering Javascript framework.
You can start with starter-kit as a boilerplate, or jump into the live editor playground.
Key features:
To install all dependencies and run dev server, run:
yarn && yarn start
Initialization:
import DOM from '@rackai/domql'
DOM.create({ text: 'Rendered' })
Attributes:
var link = {
tag: 'a',
class: 'menu link',
attr: {
href: '#'
}
}
var img = {
tag: 'img',
class: 'avatar',
attr: {
src: '...'
}
}
Reusing:
var Link = {
tag: 'a'
}
var ListItem = {
proto: Link,
class: 'ui link',
attr: {
href: '#'
}
}
var menu = {
childProto: ListItem,
home: 'Home',
text: 'About'
}
var header = {
logo: {},
menu
}
Array Support:
var navItems = ['Home', 'About', 'FAQ', 'Contact']
var menu = {
proto: ListItem,
...navItems
}
Update:
var val = {
text: 0
}
var Increment = {
tag: 'button',
text: 'Increment',
on: {
click: (e) => {
val.update({ text: val.text++ })
}
}
}
Property | Type | Description | Default |
---|---|---|---|
key | Number String | Defines the key of the Element | The key of the object, or randomly generated name |
proto | Object Array | Clones the other element | undefined |
childProto | Object Array | Specifies the proto for all child elements | undefined |
tag | String | Specifis the HTML tag | div or related HTML tag if the key matches |
class | Any | Specifies the HTML class | undefined |
attr | Object | Specifies the set of HTML attributes | {} |
text | Any | Text inside the element | undefined |
content | Object Array | Fragment wrapper to use dynamic content loading | undefined |
To specify your own property per Element, set the function inside define
property like:
var User = {
define: {
username: param => param.toUpperCase()
},
text: element => element.username
}
var Contact = {
proto: User,
username: 'nikoloza'
}
Method | Description | Params |
---|---|---|
update | Updates element by passed object | properties : Object Array |
set | Sets passed element in the content property | element : Object Array |
All native DOM events are supported and can be specified inside on
parameter. Additionally, init
and render
can be also invoked. All events except these two receive event
object as a first parameter, following the element
object itself.
key
tag
node
proto
on
class
text
data
style
attr
update
set
define
Anything except these keywords will create a new nested child element. The easier method to specify HTML tag is to use related nodeName as a key, for example:
var layout = { // this will be <div>
header: {}, // will create <header>
aside: {}, // will create <aside>
main: { // will create <main>
childProto: {
article: { // will create <article>
title: {}, // will create <div>
description: {}, // will create <div>
_rating: {} // will create <div class="rating">
}
}
},
footer: {} // will create <footer>
}
Inspired by brisky
FAQs
DOM rendering Javascript framework at early stage.
The npm package @domql/domql receives a total of 18 weekly downloads. As such, @domql/domql popularity was classified as not popular.
We found that @domql/domql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.