Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@remirror/pm
Advanced tools
A bundled library containing all the core prosemirror libraries required for using remirror
All the bundled prosemirror dependencies which are required for the remirror core libraries.
yarn add @remirror/pm # yarn
pnpm add @remirror/pm # pnpm
npm install @remirror/pm # npm
This bundles up the prosemirror libraries into one package to make development and consumption of the remirror codebase simpler. All prosemirror libraries are available as es-modules which makes tree shaking with rollup, webpack and other build tools possible.
This library is a required peer dependency when using remirror in your codebase. You might never need to use it directly, but in case you do, here's a snippet of how to do so.
// Top level provides types and utilities for converting commands.
import type { EditorSchema } from '@remirror/pm';
import { chainableEditorState } from '@remirror/pm';
// Nested imports provides access to the individual prosemirror library exports.
import { EditorState } from '@remirror/pm/state';
import { Suggest } from '@remirror/pm/suggest';
import { View } from '@remirror/pm/view';
FAQs
A bundled library containing all the core prosemirror libraries required for using remirror
The npm package @remirror/pm receives a total of 12,888 weekly downloads. As such, @remirror/pm popularity was classified as popular.
We found that @remirror/pm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.