Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@editorjs/editorjs
Advanced tools
We are glad to introduce the next version of Editor.js. Totally new core, structure and plugins — that was an impressive adventure 🤓.
Welcome to testing stage. Please, join a public Telegram-chat where you always find a support.
IE / Edge | Firefox | Chrome | Safari | iOS Safari | Opera |
---|---|---|---|---|---|
Edge 12+ | Firefox 18+ | Chrome 49+ | Safari 10+ | Safari 10+ | Opera 36+ |
New
— Toolbox now have beautiful helpers with Tool names and shortcutsImprovements
— Prevent navigating back on Firefox when Block is removing by backspaceNew
— Blocks selected with Rectangle Selection can be also removed, copied or cutNew
— Migrate from postcss-cssnext
to postcss-preset-env
and disable postcss-custom-properties
which conflicts with postcss-preset-env
New
RectangeSelection — Ability to select Block or several Blocks with mouseNew
Sanitize API — Sanitize Config of Block Tools
now automatically extends by tags of Inline Tools
that is enabled by current Tool by inlineToolbar
option. You don't need more to specify a, b, mark, code
manually. This feature will be added to fields that supports inline markup.New
Block Selection — Ability to select Block by CMD+A
, and the whole Editor by double CMD+A
. After that, you can copy (CMD+C
), remove (Backspace
) or clear (Enter
) selected Blocks.New
Styles API — Added button
class for stylization of any buttons provided by Tools with one unified style.New
Notifier API — methods for showing user notifications: on success, errors, warnings, etc.New
Block Tool — Table constructor 💪New
If one of the Tools is unavailable on Editor initialization, its Blocks will be rendered with Dummy Block, describing that user can not edit content of this Block. Dummy Blocks can be moved, removed and saved as normal Blocks. So saved data won't be lost if one of the Tools is failedNew
Public TS-types are presented.Changes
Tools API — options irreplaceable
and contentless
was removed.Changes
Tools API — Paste API: tags, patterns and mime-types now should be specified by Tool's pasteConfig
static property. Custom Paste Event should be handled by onPaste(event)
that should not be static from now.Changes
Tools API — options displayInToolbox
and toolboxIcon
was removed. Use toolbox
instead, that should return object with icon
and title
field, or false
if Tool should not be placed at the Toolbox. Also, there are a way to override toolbox {icon, title}
settings provided by Tool with you own settings at the Initial Config.Improvements
— All Projects code now on TypeScriptImprovements
— NPM package size decreased from 1300kb to 422kbImprovements
— Bundle size decreased from 438kb to 252kbImprovements
— Inline Toolbar
: when you add a Link to the selected fragment, Editor will highlight this fragment even when Caret is placed into the URL-input.Improvements
— Block Settings won't be shown near empty Blocks of initialType
by default. You should click on them instead.Improvements
— onChange
-callback now will be fired even with children attributes changing.Improvements
— HTMLJantior package was updated due to found vulnerabilityImprovements
— Logging improved: now all Editor's logs will be preceded by beautiful label with current Editor version.Improvements
— Internal isEmpty
checking was improved for Blocks with many children nodes (200 and more)Improvements
— Paste improvements: tags that can be substituted by Tool now will matched even on deep-level of pasted DOM three.Improvements
— There is no more «unavailable» sound on copying Block by CMD+C
on macOSImprovements
— Dozens of bugfixes and small improvementsSee a whole Changelog
While we develop the new Documentation Site with all stuff, you can check some available docs at the docs/ dir.
Sorry if we missed something. You can join a Telegram-chat and ask a question.
Editor.js is a Block-Styled editor. Blocks are structural units, of which the Entry is composed.
For example, Paragraph
, Heading
, Image
, Video
, List
are Blocks. Each Block is represented by Plugin.
We have many ready-to-use Plugins and the simple API for creation new ones.
So how to use the Editor after Installation.
TAB
or click on the Plus Button to view the ToolboxTAB
again to leaf Toolbox and select a Block you need. Then press Enter.We really appreciate shortcuts. So there are few presets.
Shortcut | Action | Restrictions |
---|---|---|
TAB | Show/leaf a Toolbox. | On empty block |
SHIFT+TAB | Leaf back a Toolbox. | While Toolbox is opened |
ENTER | Create a Block | While Toolbox is opened and some Tool is selected |
CMD+B | Bold style | On selection |
CMD+I | Italic style | On selection |
CMD+K | Insert a link | On selection |
Also we support shortcuts on the all type of Tools. Specify a shortcut with the Tools configuration. For example:
var editor = EditorJS({
//...
tools: {
header: {
class: Header,
shortcut: 'CMD+SHIFT+H'
},
list: {
class: List,
shortcut: 'CMD+SHIFT+L'
}
}
//...
});
There are few steps to run Editor.js on your site.
Firstly you need to get Editor.js itself. It is a minified script with Editor's core and some default must-have tools.
Choose the most usable method of getting Editor for you.
Install the package via NPM or Yarn
npm i @editorjs/editorjs --save-dev
Include module in your application
const EditorJS = require('@editorjs/editorjs');
You can load specific version of package from jsDelivr CDN.
https://cdn.jsdelivr.net/npm/@editorjs/editorjs@latest
Then require this script.
<script src="..."></script>
Copy editor.js file to your project and load it.
<script src="editor.js"></script>
Each Block at the Editor.js represented by Tools. There are simple external scripts with own logic. Probably you want to use several Block Tools that should be connected.
For example check out our Header Tool that represents heading blocks.
You can install Header Tool by the same way as the Editor (Node.js, CDN, local file).
Check Editor.js's community to see more ready-to-use Tools.
Example: use Header from CDN
<script src="https://cdn.jsdelivr.net/npm/codex.editor.header@2.0.4/dist/bundle.js"></script>
Create an instance of Editor.js and pass Configuration Object with holderId
and tools list.
<div id="editorjs"></div>
You can create a simple Editor with only default Paragraph Tool by passing a string with element's Id (wrapper for Editor) as a configuration param. Or use the default editorjs
id for wrapper.
var editor = new EditorJS(); /** Zero-configuration */
// equals
var editor = new EditorJS('editorjs');
Or pass a whole settings object.
var editor = new EditorJS({
/**
* Create a holder for the Editor and pass its ID
*/
holderId : 'editorjs',
/**
* Available Tools list.
* Pass Tool's class or Settings object for each Tool you want to use
*/
tools: {
header: {
class: Header,
inlineToolbar : true
},
// ...
},
/**
* Previously saved data that should be rendered
*/
data: {}
});
Call editor.saver.save()
and handle returned Promise with saved data.
editor.saver.save()
.then((savedData) => {
console.log(savedData);
});
Take a look at the example.html to view more detailed examples.
FAQs
Editor.js — open source block-style WYSIWYG editor with JSON output
The npm package @editorjs/editorjs receives a total of 85,006 weekly downloads. As such, @editorjs/editorjs popularity was classified as popular.
We found that @editorjs/editorjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.