
Security News
Next.js Patches Critical Middleware Vulnerability (CVE-2025-29927)
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
@jeffrafter/codemirror-view
Advanced tools
[ WEBSITE | DOCS | ISSUES | FORUM | CHANGELOG ]
This package implements the DOM view component for the CodeMirror code editor.
The project page has more information, a number of examples and the documentation.
This code is released under an MIT license.
We aim to be an inclusive, welcoming community. To make that explicit, we have a code of conduct that applies to communication around the project.
6.23.0 (2023-12-28)
Work around odd iOS Safari behavior when doing select all.
Fix a composition interruption when an widget is inserted next to the cursor.
Fix a crash in bidirectional cursor motion.
Simplify visual motion through bidirectional text, fix several corner cases where it would work badly.
Fix a bug that broke some bidi isolates not on the first line of the document.
EditorView.bidiIsolatedRanges
now supports automatically determining the direction of the range if not provided by the decoration.
EditorView.visualLineSide
can be used to find the visual end or start of a line with bidirectional text.
The new EditorView.outerDecorations
facet can be used to provide decorations that should always be at the bottom of the precedence stack.
FAQs
DOM view component for the CodeMirror code editor
We found that @jeffrafter/codemirror-view demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
Security News
A survey of 500 cybersecurity pros reveals high pay isn't enough—lack of growth and flexibility is driving attrition and risking organizational security.
Product
Socket, the leader in open source security, is now available on Google Cloud Marketplace for simplified procurement and enhanced protection against supply chain attacks.