Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@remirror/pm
Advanced tools
A bundled library containing all the core prosemirror libraries required for using remirror
All the bundled prosemirror dependencies which are required for the remirror core libraries.
yarn add @remirror/pm # yarn
pnpm add @remirror/pm # pnpm
npm install @remirror/pm # npm
This bundles up the prosemirror libraries into one package to make development and consumption of the remirror codebase simpler. All prosemirror libraries are available as es-modules which makes tree shaking with rollup, webpack and other build tools possible.
This library is a required peer dependency when using remirror in your codebase. You might never need to use it directly, but in case you do, here's a snippet of how to do so.
// Top level provides types and utilities for converting commands.
import type { EditorSchema } from '@remirror/pm';
import { chainableEditorState } from '@remirror/pm';
// Nested imports provides access to the individual prosemirror library exports.
import { EditorState } from '@remirror/pm/state';
import { Suggest } from '@remirror/pm/suggest';
import { View } from '@remirror/pm/view';
FAQs
A bundled library containing all the core prosemirror libraries required for using remirror
The npm package @remirror/pm receives a total of 26,086 weekly downloads. As such, @remirror/pm popularity was classified as popular.
We found that @remirror/pm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.