Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@esri/calcite-components
Advanced tools
Shared Web Components for Esri's Calcite design framework. To see the components in action, check out the example site (TODO: set up gh-pages).
Documentation for each component can be found within that component's directory in a generated readme.md
file. This file will cover all the events and attributes each component uses.
The current lineup of components is:
Note: Some of the below instructions won't work, as this library is not yet published to npm.
npm install --save @esri/calcite-components
Calcite components can be loaded via two <script>
tags in the head of your HTML document:
<script type="module" src="https://unpkg.com/@esri/calcite-components@0.0.0-alpha.3/dist/calcite/calcite.esm.js"></script>
<script nomodule="" src="https://unpkg.com/@esri/calcite-components@0.0.0-alpha.3/dist/calcite/calcite.js"></script>
Browsers that support modules will load the first, while older browsers will load the second, bundled version.
Once these script tags are added, components can be used just like any other HTML element. Only components that are actually used will be loaded.
If you already have a webpack build for your project, you can use @stencil/webpack to add calcite-components to your bundle.
After installing calcite-components, install the plugin as a dev dependency:
npm install --save-dev @stencil/webpack
Then import and call the plugin in webpack.config.js
:
const stencil = require('@stencil/webpack');
module.exports = {
...
plugins: [
new stencil.StencilPlugin()
]
}
Lastly, add the import in your main bundle js (or ts) file:
import '@esri/calcite-components/dist/calcite.js';
This will add the initial stencil loader to your bundle, and copy over the actual component code to the output directory you've configured for Webpack. Components will still be lazy-loaded as they are needed. Note: you must use the .js
file path for the Webpack plugin to work correctly, even if your bundle file is a TypeScript file.
Stencil provides a full set of typings for all the components in this repo. To make TypeScript aware of these components, just import the library:
import '@esri/calcite-components';
This will provide autocomplete of component names/properties, as well as additional HTML element types:
// created elements will implicitly have the correct type already
const loader = document.createElement('calcite-loader');
document.body.appendChild(loader);
loader.isActive = true;
// you can also explicitly type an element using the generated types
// the type name will always be formatted like HTML{CamelCaseComponentName}Element
const loader = document.querySelector('.my-loader-element') as HTMLCalciteLoaderElement;
loader.isActive = true;
We welcome contributions to this project. See CONTRIBUTING.md for an overview of contribution guidelines.
Apache 2.0. For a full copy of the license, see the LICENSE file.
FAQs
Web Components for Esri's Calcite Design System.
The npm package @esri/calcite-components receives a total of 76,332 weekly downloads. As such, @esri/calcite-components popularity was classified as popular.
We found that @esri/calcite-components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 42 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.