Security News
Supply Chain Attack Detected in @solana/web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
By Sarah Gooding - Dec 03, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@zhike/queen-editor
Advanced tools
Queen Editor
一个易于二次开发、与业务解耦的编辑器。
1 使用
(待完善)
1.1 安装要求:
- node v10.15
- npm v5.6.0
1.2 安装部署
npm install @zhike/queen-editor
1.3 使用方式
import { QueenEditor } from 'queen-editor' ReactDom.render(, mountNode)
1.4 测试样例
(待完善)
2 开发
2.1 本地运行
npm install
npm run start
# 浏览器访问 http://127.0.0.1:7777/dist/index.html
2.2 本地开发
2.2.1 分支类型
master发包分支,仅在此分支才能进行发包操作(🈲️在此分支开发)develop开发分支,用来合并开发人员的分支 (🈲️在此分支开发)feature/\<name\>开发人员的分支
2.2.2 工作流
从develop分支上切自己的分支进行开发
git checkout develop
git checkout -b feature/a
开发完后合develop分支的代码
git add .
git commit -m 'xxx'
git checkout develop
git pull origin develop
git checkout feature/a
git merge develop
发包
可以执行npm run try-release体验发包流程,以下代码是正式发包流程
git checkout master
git pull origin master
git merge develop
npm run release
tips:
不要在master上开发,原则上master的改动都来自于merge develop
npm run release会帮开发人员检查是否有未提交的修改,只有所有修改都提交了,才能发包。
npm run release会自动创建一个带版本号的commit,并提交到master分支上。
2.3 项目结构
2.3.1 技术选型
- 语言:
typescript、less - 打包:
webpack - 依赖框架和工具:无
2.3.1 源码目录
开发相关目录
src编辑器代码buildwebpack配置server服务端,主要用于调试资源上传功能dist开发调试目录、打包产物目录、npm包发布目录
src目录
(待完善)
配置相关目录
这里倾向于把devDependencies中需要配置的包的配置,单独写成配置文件放在项目根目录下。
.huskyhusky配置(precommit阶段检查代码格式).release-it.jsnpm发包配置.sh自定义shell脚本 (检查发包前工作目录是否干净).eslintrc.js、.eslintignoreeslint配置.gitlab-ci.yml、deploy线上部署配置.vscodevscode配置
3 Refs
wangEditor (respect)
FAQs
queen-editor
The npm package @zhike/queen-editor receives a total of 0 weekly downloads. As such, @zhike/queen-editor popularity was classified as not popular.
We found that @zhike/queen-editor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 06 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024