Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@markprompt/web
Advanced tools
A web component for adding GPT-4 powered search using the Markprompt API.
A prebuilt version of the Markprompt dialog, based on @markprompt/react
, built
with Preact for bundle-size savings. Viable for use from vanilla JavaScript or
any framework.
Install the package from NPM:
npm add @markprompt/web @markprompt/css
Include the CSS on your page, via a link tag or by importing it in your JavaScript:
<!-- load from a CDN: -->
<link rel="stylesheet" href="https://esm.sh/@markprompt/css@0.30.1?css" />
import '@markprompt/css';
Call the markprompt
function with your project key:
import { markprompt } from '@markprompt/web';
const markpromptEl = document.querySelector('#markprompt');
markprompt('YOUR-PROJECT-KEY', markpromptEl, {
references: {
getHref: (reference) => reference.file.path.replace(/\.[^.]+$/, '');
getLabel: (reference) => {
return reference.meta?.leadHeading?.value || reference.file?.title;
}
},
});
where YOUR-PROJECT-KEY
can be obtained in your project settings on
Markprompt.com.
Options are optional and allow you to configure the texts and links used in the component to some extent. You will most likely want to pass references.getHref
and reference.getLabel
to transform your prompt references into links to your corresponding documentation, and search.getHref
to transform search result paths into links to your documentation.
Styles are easily overridable for customization via targeting classes. Additionally, see the theming section in our documentation for a full list of variables.
<script>
tagBesides initializing the Markprompt component yourselves from JavaScript, you can load the script from a CDN. You can attach the options for the Markprompt component to the window prior to loading our script:
<link rel="stylesheet" href="https://esm.sh/@markprompt/css@latest?css" />
<script>
window.markprompt = {
projectKey: `YOUR-PROJECT-KEY`,
container: `#markprompt`,
options: {
references: {
getHref: (reference) => reference.file?.path?.replace(/\.[^.]+$/, ''),
getLabel: (reference) => {
return reference.meta?.leadHeading?.value || reference.file?.title;
},
},
},
};
</script>
<script type="module" src="https://esm.sh/@markprompt/web@latest/init"></script>
<div id="markprompt"></div>
[!IMPORTANT] Consider locking the versions of your dependencies to avoid breaking changes. Always use versions that have been published at the same time.
markprompt(projectKey, container, options?)
Render a Markprompt dialog button.
projectKey
(string
): Your Markprompt project key.container
(HTMLElement | string
): The element or selector to render
Markprompt into.options
(object
): Options for customizing Markprompt, see above.When rendering the Markprompt component, it will render a search input-like button by default. You have two other options:
trigger.floating = true
to render a floating buttontrigger.customElement = true
, then
import { openMarkprompt } from '@markprompt/react'
and call
openMarkprompt()
from your code. This gives you the flexibility to render
your own trigger element and attach whatever event handlers you would like
and/or open the Markprompt dialog programmatically.markpromptOpen()
Open the Markprompt dialog programmatically.
markpromptClose()
Close the Markprompt dialog programmatically.
markpromptChat(projectKey, container, options?)
Render the Markprompt chat view standalone, outside of a dialog.
projectKey
(string
): Your Markprompt project key.container
(HTMLElement | string
): The element or selector to render
Markprompt into.options
(object
): Options for customizing Markprompt.ticketDeflectionForm(container, options)
Renders a standalone ticket deflection form into the provided container.
container
(HTMLElement | string
): The element or selector to render the form into.options
(object
): Options for customizing the form, see below.Find the full documentation and implementation examples for the SDK on the Markprompt docs.
This library is created by the team behind Markprompt (@markprompt).
FAQs
A web component for adding GPT-4 powered search using the Markprompt API.
We found that @markprompt/web demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.