Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@wordpress/element
Advanced tools
@wordpress/element is a package that provides utilities for working with React elements in the context of WordPress. It is essentially a thin abstraction layer over React, tailored to integrate seamlessly with the WordPress ecosystem.
Creating Elements
This feature allows you to create React elements using the `createElement` function, which is similar to React's `React.createElement`.
const { createElement } = require('@wordpress/element');
const element = createElement('div', { className: 'my-class' }, 'Hello World');
Component Class
You can define class components using the `Component` class provided by @wordpress/element, similar to React's `React.Component`.
const { Component } = require('@wordpress/element');
class MyComponent extends Component {
render() {
return createElement('div', null, 'Hello from MyComponent');
}
}
Hooks
The package supports React hooks like `useState`, allowing you to manage state in functional components.
const { useState } = require('@wordpress/element');
function MyFunctionalComponent() {
const [count, setCount] = useState(0);
return createElement('button', { onClick: () => setCount(count + 1) }, `Count: ${count}`);
}
React is a JavaScript library for building user interfaces. It is the core library that @wordpress/element is built upon. While @wordpress/element provides a WordPress-specific abstraction, React is more general-purpose and widely used across various web applications.
Preact is a fast 3kB alternative to React with the same modern API. It is designed to be a lightweight replacement for React, offering similar functionalities but with a smaller footprint. Unlike @wordpress/element, Preact is not tailored specifically for WordPress.
Inferno is an insanely fast, React-like library for building high-performance user interfaces on both the client and server. It aims to provide a similar API to React but with a focus on performance. Like Preact, it is not WordPress-specific.
Element is a package that builds on top of React and provide a set of utilities to work with React components and React elements.
Install the module
npm install @wordpress/element --save
This package assumes that your code will run in an ES2015+ environment. If you're using an environment that has limited or no support for such language features and APIs, you should include the polyfill shipped in @wordpress/babel-preset-default
in your code.
At the risk of igniting debate surrounding any single "best" front-end framework, the choice to use any tool should be motivated specifically to serve the requirements of the system. In modeling the concept of a block, we observe the following technical requirements:
At its most basic, React provides a simple input / output mechanism. Given a set of inputs ("props"), a developer describes the output to be shown on the page. This is most elegantly observed in its function components. React serves the role of reconciling the desired output with the current state of the page.
The offerings of any framework necessarily become more complex as these requirements increase; many front-end frameworks prescribe ideas around page routing, retrieving and updating data, and managing layout. React is not immune to this, but the introduced complexity is rarely caused by React itself, but instead managing an arrangement of supporting tools. By moving these concerns out of sight to the internals of the system (WordPress core code), we can minimize the responsibilities of plugin authors to a small, clear set of touch points.
Object that provides utilities for dealing with React children.
Creates a copy of an element with extended props.
Parameters
Element
: Element?Object
: Props to apply to cloned elementReturns
Element
: Cloned element.A base class to create WordPress Components (Refs, state and lifecycle hooks)
Concatenate two or more React children objects.
Parameters
...?Object
: Array of children arguments (array of arrays/strings/objects) to concatenate.Returns
Array
: The concatenated value.Creates a context object containing two components: a provider and consumer.
Parameters
Object
: A default data stored in the context.Returns
Object
: Context object.Returns a new element of given type. Type can be either a string tag name or another function which itself returns an element.
Parameters
?(string|Function)
: Tag name or element creatorObject
: Element properties, either attribute set to apply to DOM node or values to pass through to element creator...Element
: Descendant elementsReturns
Element
: Element.This function creates an interpolated element from a passed in string with specific tags matching how the string should be converted to an element via the conversion map value.
Usage
For example, for the given string:
"This is a string with a link and a self-closing tag"
You would have something like this as the conversionMap value:
{
span: <span />,
a: <a href={ 'https://github.com' } />,
CustomComponentB: <CustomComponent />,
}
Parameters
string
: The interpolation string to be parsed.Record<string, Element>
: The map used to convert the string to a react element.Returns
Element
: A wp element.Creates a portal into which a component can be rendered.
Related
Parameters
import('react').ReactElement
: Any renderable child, such as an element, string, or fragment.HTMLElement
: DOM node into which element should be rendered.Returns an object tracking a reference to a rendered element via its current
property as either a DOMElement or Element, dependent upon the type of element rendered with the ref attribute.
Returns
Object
: Ref object.Creates a new React root for the target DOM node.
Related
Changelog
6.2.0
Introduced in WordPress core.
Finds the dom node of a React component.
Parameters
import('react').ComponentType
: Component's instance.Forces React to flush any updates inside the provided callback synchronously.
Parameters
Function
: Callback to run synchronously.Component enhancer used to enable passing a ref to its wrapped component. Pass a function argument which receives props
and ref
as its arguments, returning an element using the forwarded ref. The return value is a new component which forwards its ref.
Parameters
Function
: Function passed props
and ref
, expected to return an element.Returns
Component
: Enhanced component.A component which renders its children without any wrapping element.
Deprecated since WordPress 6.2.0. Use
hydrateRoot
instead.
Hydrates a given element into the target DOM node.
Related
Creates a new React root for the target DOM node and hydrates it with a pre-generated markup.
Related
Changelog
6.2.0
Introduced in WordPress core.
Checks if the provided WP element is empty.
Parameters
*
: WP element to check.Returns
boolean
: True when an element is considered empty.Checks if an object is a valid React Element.
Parameters
Object
: The object to be checked.Returns
boolean
: true if objectToTest is a valid React Element and false otherwise.Related
Related
Component used to detect the current Platform being used. Use Platform.OS === 'web' to detect if running on web enviroment.
This is the same concept as the React Native implementation.
Related
Usage
import { Platform } from '@wordpress/element';
const placeholderLabel = Platform.select( {
native: __( 'Add media' ),
web: __(
'Drag images, upload new ones or select files from your library.'
),
} );
Related
Component used as equivalent of Fragment with unescaped HTML, in cases where it is desirable to render dangerous HTML without needing a wrapper element. To preserve additional props, a div
wrapper will be created if any props aside from children
are passed.
Parameters
RawHTMLProps
: Children should be a string of HTML or an array of strings. Other props will be passed through to the div wrapper.Returns
JSX.Element
: Dangerously-rendering component.Deprecated since WordPress 6.2.0. Use
createRoot
instead.
Renders a given element into the target DOM node.
Related
Serializes a React element to string.
Parameters
import('react').ReactNode
: Element to serialize.[Object]
: Context object.[Object]
: Legacy context object.Returns
string
: Serialized element.Related
Component that activates additional checks and warnings for its descendants.
Related
Switches the nodeName of all the elements in the children object.
Parameters
?Object
: Children object.string
: Node name.Returns
?Object
: The updated children object.Deprecated since WordPress 6.2.0. Use
root.unmount()
instead.
Removes any mounted element from the target DOM node.
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
Related
This is an individual package that's part of the Gutenberg project. The project is organized as a monorepo. It's made up of multiple self-contained software packages, each with a specific purpose. The packages in this monorepo are published to npm and used by WordPress as well as other software projects.
To find out more about contributing to this package or Gutenberg as a whole, please read the project's main contributor guide.
FAQs
Element React module for WordPress.
The npm package @wordpress/element receives a total of 141,872 weekly downloads. As such, @wordpress/element popularity was classified as popular.
We found that @wordpress/element demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 23 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.