
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
@lexical/react
Advanced tools
This package provides Lexical components and hooks for React applications.
@lexical/react
This package provides a set of components and hooks for Lexical that allow for text editing in React applications.
Install lexical
and @lexical/react
:
npm install --save lexical @lexical/react
Below is an example of a basic plain text editor using lexical
and @lexical/react
(try it yourself).
import {$getRoot, $getSelection} from 'lexical';
import {useEffect} from 'react';
import {LexicalComposer} from '@lexical/react/LexicalComposer';
import {PlainTextPlugin} from '@lexical/react/LexicalPlainTextPlugin';
import {ContentEditable} from '@lexical/react/LexicalContentEditable';
import {HistoryPlugin} from '@lexical/react/LexicalHistoryPlugin';
import {OnChangePlugin} from '@lexical/react/LexicalOnChangePlugin';
import {useLexicalComposerContext} from '@lexical/react/LexicalComposerContext';
const theme = {
// Theme styling goes here
...
}
// When the editor changes, you can get notified via the
// LexicalOnChangePlugin!
function onChange(editorState) {
editorState.read(() => {
// Read the contents of the EditorState here.
const root = $getRoot();
const selection = $getSelection();
console.log(root, selection);
});
}
// Lexical React plugins are React components, which makes them
// highly composable. Furthermore, you can lazy load plugins if
// desired, so you don't pay the cost for plugins until you
// actually use them.
function MyCustomAutoFocusPlugin() {
const [editor] = useLexicalComposerContext();
useEffect(() => {
// Focus the editor when the effect fires!
editor.focus();
}, [editor]);
return null;
}
// Catch any errors that occur during Lexical updates and log them
// or throw them as needed. If you don't throw them, Lexical will
// try to recover gracefully without losing user data.
function onError(error) {
throw error;
}
function Editor() {
const initialConfig = {
namespace: 'MyEditor',
theme,
onError,
};
return (
<LexicalComposer initialConfig={initialConfig}>
<PlainTextPlugin
contentEditable={
<ContentEditable
aria-placeholder={'Enter some text...'}
placeholder={<div>Enter some text...</div>}
/>
}
/>
<OnChangePlugin onChange={onChange} />
<HistoryPlugin />
<MyCustomAutoFocusPlugin />
</LexicalComposer>
);
}
Draft.js is a framework for building rich text editors in React. It provides a set of immutable models and helper functions to manage editor state and content. Compared to @lexical/react, Draft.js is more mature but may require more boilerplate code for advanced features.
Slate is a highly customizable framework for building rich text editors in React. It offers a more flexible and extensible architecture compared to @lexical/react, allowing developers to define their own data models and editor behaviors. However, this flexibility can come with a steeper learning curve.
Quill is a modern WYSIWYG editor built for the web. It provides a rich set of features out of the box, including formatting, themes, and modules for extending functionality. Quill is less focused on React specifically but can be integrated with React applications using wrappers like react-quill.
FAQs
This package provides Lexical components and hooks for React applications.
The npm package @lexical/react receives a total of 992,339 weekly downloads. As such, @lexical/react popularity was classified as popular.
We found that @lexical/react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.