Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@esri/calcite-components
Advanced tools
Calcite Components, part of Esri's Calcite Design System, is a rich library of flexible, framework-agnostic web components for building applications. View the documentation for component descriptions, examples, and API reference, which includes properties, slots, styles, and theming.
The most common approach for loading Calcite Components is to use the version hosted on the CDN. The components can be loaded via <script>
and <link>
tags in the head of your HTML document:
<script
type="module"
src="https://cdn.jsdelivr.net/npm/@esri/calcite-components@2.13.0/dist/calcite/calcite.esm.js"
></script>
<link
rel="stylesheet"
type="text/css"
href="https://cdn.jsdelivr.net/npm/@esri/calcite-components@2.13.0/dist/calcite/calcite.css"
/>
Once these tags are added, components can be used like any other HTML element. Only components that are used in the application will be loaded.
Calcite Components is also provided as an NPM package. To get started, first install the package, then follow the steps below. Alternatively, you can find examples using different frameworks and build tools here.
npm install @esri/calcite-components
Choose one of the two builds provided by Calcite Components.
Custom Elements is the recommended build when leveraging a frontend framework. To use this build, you will need to set the path to Calcite Components' assets. You can either use local assets, which will be explained in a subsequent step, or assets hosted on the CDN.
import { setAssetPath } from "@esri/calcite-components/dist/components";
// CDN hosted assets
setAssetPath("https://cdn.jsdelivr.net/npm/@esri/calcite-components/dist/calcite/assets");
// Local assets
// setAssetPath(PATH); // PATH depends on framework, more info below
Next, you need to import each component you use from the custom elements build. This will automatically define the custom elements on the window.
import "@esri/calcite-components/dist/components/calcite-button";
import "@esri/calcite-components/dist/components/calcite-icon";
import "@esri/calcite-components/dist/components/calcite-slider";
When using the Distribution build, you'll need to define the custom elements on the window. You can also choose between local and CDN hosted assets.
import { defineCustomElements } from "@esri/calcite-components/dist/loader";
// CDN hosted assets
defineCustomElements(window, {
resourcesUrl: "https://cdn.jsdelivr.net/npm/@esri/calcite-components/dist/calcite/assets",
});
// Local assets
// defineCustomElements(window);
Since you defined the custom elements on the window, you do not need to import individual components.
Some components, such as calcite-icon
and calcite-date-picker
, rely on assets being available at a particular path. As mentioned, with the NPM package you have the option to provide a local path or the URL to the assets hosted on the CDN. Using the CDN hosted assets can help decrease on disk build size.
To use the assets locally, they need to be copied using a build tool or NPM script. The directory for the local assets must be named assets
, which eases the copying process. For example, /public/calcite/assets
will work, however /public/calcite-assets
will not.
The Calcite Components examples repo demonstrates using local assets in a variety of JavaScript frameworks and build tools. Each example has a README with a framework or build tool specific explanation.
cp -r node_modules/@esri/calcite-components/dist/calcite/assets/* ./public/assets/
Finally, load the Cascading Style Sheet (CSS). This is also dependent on your framework or build tool, however in many cases it can be imported in JavaScript:
import "@esri/calcite-components/dist/calcite/calcite.css";
Stencil provides a full set of typings for all the components in this repo. To make TypeScript aware of these components, just import the library:
import "@esri/calcite-components";
This will provide autocomplete of component names/properties, as well as additional HTML element types:
// created elements will implicitly have the correct type already
const loader = document.createElement("calcite-loader");
document.body.appendChild(loader);
loader.active = true;
// you can also explicitly type an element using the generated types
// the type name will always be formatted like HTML{CamelCaseComponentName}Element
const loader = document.querySelector(".my-loader-element") as HTMLCalciteLoaderElement;
loader.active = true;
@stencil/core
VersionWhen using Stencil, make sure the @stencil/core
version in your project matches the one used by Calcite Components. You may run into type errors if the @stencil/core
versions are different. You can install the same Stencil version used by @esri/calcite-components
:
npm install @stencil/core@$(npm view @esri/calcite-components dependencies["@stencil/core"])
Chrome | Firefox | Safari | Edge |
---|---|---|---|
Last 2 versions ✔ |
We welcome contributions to this project. See CONTRIBUTING.md for an overview of contribution guidelines.
COPYRIGHT © 2024 Esri
All rights reserved under the copyright laws of the United States and applicable international laws, treaties, and conventions.
This material is licensed for use under the Esri Master License Agreement (MLA), and is bound by the terms of that agreement. You may redistribute and use this code without modification, provided you adhere to the terms of the MLA and include this copyright notice.
See use restrictions at http://www.esri.com/legal/pdfs/mla_e204_e300/english
For additional information, contact: Environmental Systems Research Institute, Inc. Attn: Contracts and Legal Services Department 380 New York Street Redlands, California, USA 92373 USA
email: contracts@esri.com
FAQs
Web Components for Esri's Calcite Design System.
We found that @esri/calcite-components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 42 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.