Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@typescript-deploys/monaco-editor
Advanced tools
The Monaco Editor is the code editor which powers VS Code, with the features better described here.
Please note that this repository contains no source code for the code editor, it only contains the scripts to package everything together and ship the monaco-editor
npm module.
Try the editor out on our website.
$ npm install monaco-editor
You will get:
esm
: ESM version of the editor (compatible with e.g. webpack)dev
: AMD bundled, not minifiedmin
: AMD bundled, and minifiedmin-maps
: source maps for min
monaco.d.ts
: this specifies the API of the editor (this is what is actually versioned, everything else is considered private and might break with any release).It is recommended to develop against the dev
version, and in production to use the min
version.
monaco.d.ts
.Create issues in this repository for anything related to the Monaco Editor. Always mention the version of the editor when creating issues and the browser you're having trouble in. Please search for existing issues to avoid duplicates.
In IE 11, the editor must be surrounded in the body element, otherwise the hit testing performed for mouse operations does not work. You can inspect this using F12 and click on the body element and confirm that visually it surrounds the editor.
❓ What is the relationship between VS Code and the Monaco Editor?
The Monaco Editor is generated straight from VS Code's sources with some shims around services the code needs to make it run in a web browser outside of its home.
❓ What is the relationship between VS Code's version and the Monaco Editor's version?
None. The Monaco Editor is a library and it reflects directly the source code.
❓ I've written an extension for VS Code, will it work on the Monaco Editor in a browser?
No.
Note: If the extension is fully based on the LSP and if the language server is authored in JavaScript, then it would be possible.
❓ Why all these web workers and why should I care?
Language services create web workers to compute heavy stuff outside of the UI thread. They cost hardly anything in terms of resource overhead and you shouldn't worry too much about them, as long as you get them to work (see above the cross-domain case).
❓ What is this loader.js
? Can I use require.js
?
It is an AMD loader that we use in VS Code. Yes.
❓ I see the warning "Could not create web worker". What should I do?
HTML5 does not allow pages loaded on file://
to create web workers. Please load the editor with a web server on http://
or https://
schemes. Please also see the cross-domain case above.
❓ Is the editor supported in mobile browsers or mobile web app frameworks?
No.
❓ Why doesn't the editor support TextMate grammars?
Please see CONTRIBUTING
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Licensed under the MIT License.
FAQs
A browser based code editor
The npm package @typescript-deploys/monaco-editor receives a total of 251 weekly downloads. As such, @typescript-deploys/monaco-editor popularity was classified as not popular.
We found that @typescript-deploys/monaco-editor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.