Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@roast-cms/french-press-editor
Advanced tools
☕ An offline-first rich text editor component.
yarn add @roast-cms/french-press-editor
Then, in your project:
import { BrowserRouter } from "react-router-dom"
import { ThemeProvider } from "styled-components"
import { Sugar } from "@roast-cms/react-sugar-styled"
//
import { FrenchPress, Picture, Wrapper } from "@roast-cms/french-press-editor"
//
const App props =>
<ThemeProvider theme={Sugar()}>
<BrowserRouter>
<Wrapper>
<Editor />
</Wrapper>
</BrowserRouter>
</ThemeProvider>
If you've ever tried building a rich-text editorial experience for your users in-browser with ContentEditable
, you may know what true torture feels like. Nobody wants that, hence tools like Slate, Quill, Draft.js, Prose Mirror, and many more exist to alleviate the pain. However, there's a learning curve and possible limitations to each system, which take time to learn and understand.
french-press-editor
simplifies the task of building a functional and beautiful editorial experience for your users further by packaging all of the plugins, components, and directives necessary in one easy to install module (using Slate as a platform of choice). No ContentEditable
bullshit, no lengthy research, no complex APIs.
This project is being actively developed and debugged. Expect breaking changes with every minor release (i.e.
v0.1.0
tov0.2.0
). Your input on how to make it easier to work with and customized is greately appreciated.
To see if this tool is right for you, please have a look through the list of specs below. Everything listed is pre-packaged.
localStorage
and all image data is stored in browser database. Your users may edit everything whilst offline!french-press-editor
is a ready-made, opinionated package, yet there is plenty that you can customize, far beyond CSS.<p></p>
.<h3></h3>
to allow for semantic HTML structure in a document that has a title <h1></h1>
and a subtitle <h2></h2>
. Headings do not allow any formatting (links, bold, italic) within in order to maintain clean content structure.<blockquote></blockquote>
. Quotes do not allow any formatting (links, bold, italic) within in order to maintain clean content structure. Quotes also do not allow images or any other blocks within to keep the documents clean and to-the-point.<Link></Link>
using react-link-filter
component built on top of React Router 4 with additional features, such as correcting user input (if they forgot to type http://), transforming absolute URLs on your domain to relative ones, and a proper function within React application that works in React Router 4 context.<hr />
.<Picture />
. With this package there is a ready-made component that you can use, which will properly render images in your document. You may, however, develop your own image components with a lot more options (such as different sizes, positions, captions etc.)<strong></strong>
.<em></em>
.***
on a new line and pressing Enter will create a divider line.#
followed by space and text will convert paragraph into a heading after user moves to the next line with Enter key.>
followed by space and text will convert paragraph into a quote after user moves to the next line with Enter key....
and pressing space will convert three dots into an ellipsis …
.-
then space again will turn dash into —
(—
).callbackStatus()
will send you "ok" or "pending" indicating whether the content is being stored in browser or not.callbackError()
will send you error string and reason (i.e. if the image is too large).editorRef()
returns Slate Editor reference once it mounts.To learn more about what you can customize and build for french-press-editor
to make it yours, check out the complete API guide.
If you have a feature request, bug report or a question, please submit an issue. Please keep in mind that this tool isn't built for everyone and it works best when there are less features cluttering the experience and weighing down the package.
Pull requests are very much welcome. To get started with the code: clone the repo, run yarn install
then yarn start
and open up http://localhost:3002
in your browser.
Every folder in this repo has a README.md
file to help you along.
FAQs
An offline-first rich text editor component.
The npm package @roast-cms/french-press-editor receives a total of 24 weekly downloads. As such, @roast-cms/french-press-editor popularity was classified as not popular.
We found that @roast-cms/french-press-editor demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.