Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@polymer/polymer
Advanced tools
The Polymer library makes it easy to create your own web components. Give your element some markup and properties, and then use it on a site. Polymer provides features like dynamic templates and data binding to reduce the amount of boilerplate you need to
@polymer/polymer is a library for building web components using the Polymer framework. It provides a set of features to create reusable, encapsulated HTML elements with custom behavior.
Define a Custom Element
This feature allows you to define a custom HTML element with specific properties and behaviors. The example shows how to create a custom element named 'my-element' with a property 'myProperty'.
class MyElement extends Polymer.Element {
static get is() { return 'my-element'; }
static get properties() {
return {
myProperty: {
type: String,
value: 'default value'
}
};
}
}
customElements.define(MyElement.is, MyElement);
Data Binding
This feature allows you to bind data to your custom element's template. The example shows how to bind the 'myProperty' value to a div inside the custom element's template.
<dom-module id="my-element">
<template>
<div>{{myProperty}}</div>
</template>
<script>
class MyElement extends Polymer.Element {
static get is() { return 'my-element'; }
static get properties() {
return {
myProperty: {
type: String,
value: 'default value'
}
};
}
}
customElements.define(MyElement.is, MyElement);
</script>
</dom-module>
Event Handling
This feature allows you to handle events within your custom element. The example shows how to handle a click event on a button inside the custom element's template.
<dom-module id="my-element">
<template>
<button on-click="handleClick">Click me</button>
</template>
<script>
class MyElement extends Polymer.Element {
static get is() { return 'my-element'; }
handleClick() {
console.log('Button clicked');
}
}
customElements.define(MyElement.is, MyElement);
</script>
</dom-module>
LitElement is a simple base class for creating fast, lightweight web components. It uses lit-html to render templates and provides a reactive property system. Compared to @polymer/polymer, LitElement is more lightweight and has a smaller API surface.
Stencil is a compiler that generates Web Components and builds high-performance web apps. It combines the best concepts of the most popular frameworks into a simple build-time tool. Stencil is more focused on performance and modern web standards compared to @polymer/polymer.
SkateJS is a library for building web components that focuses on being small and performant. It provides a simple API for defining custom elements and managing their lifecycle. SkateJS is more minimalistic and performance-oriented compared to @polymer/polymer.
ℹ️ Note: This is the current stable version of the Polymer library. At Google I/O 2018 we announced a new Web Component base class,
LitElement
, as a successor to thePolymerElement
base class in this library.If you're starting a new project, we recommend that you consider using LitElement instead.
If you have a project you've built with an earlier version of the Polymer library, we recommend that you migrate to 3.0 for best compatibility with the JavaScript ecosystem. Thanks to the interoperability of Web Components, elements built with Polymer 3.0 and LitElement can be mixed and matched in the same app, so once you have updated your project to Polymer 3.0, you can migrate to LitElement incrementally, one element at a time. See our blog post on the Polymer Project roadmap for more information.
Polymer lets you build encapsulated, reusable Web Components that work just like standard HTML elements, to use in building web applications. Using a Web Component built with Polymer is as simple as importing its definition then using it like any other HTML element:
<!-- Import a component -->
<script src="https://unpkg.com/@polymer/paper-checkbox@next/paper-checkbox.js?module" type="module" ></script>
<!-- Use it like any other HTML element -->
<paper-checkbox>Web Components!</paper-checkbox>
Web Components are now implemented natively on Safari and Chrome (~70% of installed browsers), and run well on Firefox, Edge, and IE11 using polyfills. Read more below.
The easiest way to try out Polymer is to use one of these online tools:
Runs in all supported browsers: StackBlitz, Glitch
Runs in browsers with JavaScript Modules: JSBin, CodePen.
You can also save this HTML file to a local file and run it in any browser that supports JavaScript Modules.
When you're ready to use Polymer in a project, install it via npm. To run the project in the browser, a module-compatible toolchain is required. We recommend installing the Polymer CLI to and using its development server as follows.
Add Polymer to your project:
npm i @polymer/polymer
Create an element by extending PolymerElement and calling customElements.define
with your class (see the examples below).
Install the Polymer CLI:
npm i -g polymer-cli
Run the development server and open a browser pointing to its URL:
polymer serve --npm
Polymer 3.0 is published on npm using JavaScript Modules. This means it can take advantage of the standard native JavaScript module loader available in all current major browsers.
However, since Polymer uses npm conventions to reference dependencies by name, a light transform to rewrite specifiers to URLs is required to run in the browser. The polymer-cli's development server
polymer serve
, as well aspolymer build
(for building an optimized app for deployment) automatically handles this transform.
Tools like webpack and Rollup can also be used to serve and/or bundle Polymer elements.
PolymerElement
.properties
getter that describes the element's public property/attribute API
(these automatically become observed attributes).template
getter that returns an HTMLTemplateElement
describing the element's rendering, including encapsulated styling and any property bindings. <script src="node_modules/@webcomponents/webcomponents-loader.js"></script>
<script type="module">
import {PolymerElement, html} from '@polymer/polymer';
class MyElement extends PolymerElement {
static get properties() { return { mood: String }}
static get template() {
return html`
<style> .mood { color: green; } </style>
Web Components are <span class="mood">[[mood]]</span>!
`;
}
}
customElements.define('my-element', MyElement);
</script>
<my-element mood="happy"></my-element>
Web components are an incredibly powerful new set of primitives baked into the web platform, and open up a whole new world of possibility when it comes to componentizing front-end code and easily creating powerful, immersive, app-like experiences on the web.
Polymer is a lightweight library built on top of the web standards-based Web Components APIs, and makes it easier to build your very own custom HTML elements. Creating reusable custom elements - and using elements built by others - can make building complex web applications easier and more efficient.
By being based on the Web Components APIs built in the browser (or polyfilled where needed), elements built with Polymer are:
Among many ways to leverage custom elements, they can be particularly useful for building reusable UI components. Instead of continually re-building a specific navigation bar or button in different frameworks and for different projects, you can define this element once using Polymer, and then reuse it throughout your project or in any future project.
Polymer provides a declarative syntax to easily create your own custom elements, using all standard web technologies - define the structure of the element with HTML, style it with CSS, and add interactions to the element with JavaScript.
Polymer also provides optional two-way data-binding, meaning:
Polymer is designed to be flexible, lightweight, and close to the web platform - the library doesn't invent complex new abstractions and magic, but uses the best features of the web platform in straightforward ways to simply sugar the creation of custom elements.
Polymer 3.0 is now released to stable, and introduces a major change to how Polymer is distributed: from HTML Imports on Bower, to JS modules on npm. Otherwise, the API is almost entirely backward compatible with Polymer 2.0 (the only changes are removing APIs related to HTML Imports like importHref
, and converting Polymer's API to be module-based rather than globals-based).
Migrating to Polymer 3.0 by hand is mostly mechanical:
static get template()
getter on PolymerElement subclasses using the html
tagged template literal function (which parses HTMLTemplateElement
s out of strings in JS) rather than using <template>
elements in a <dom-module>
However, the polymer-modulizer
tool automates the vast majority of this migration work. Please see details on that repo for automated conversion of Polymer 2.0 apps and elements to Polymer 3.0.
👀 Looking for Polymer v2.x? Please see the v2 branch.
👀 Looking for Polymer v1.x? Please see the v1 branch.
The Polymer team loves contributions from the community! Take a look at our contributing guide for more information on how to contribute. Please file issues on the Polymer issue tracker following the issue template and contributing guide issues.
Beyond GitHub, we try to have a variety of different lines of communication available:
The Polymer library uses a BSD-like license that is available here
FAQs
The Polymer library makes it easy to create your own web components. Give your element some markup and properties, and then use it on a site. Polymer provides features like dynamic templates and data binding to reduce the amount of boilerplate you need to
The npm package @polymer/polymer receives a total of 105,231 weekly downloads. As such, @polymer/polymer popularity was classified as popular.
We found that @polymer/polymer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.