Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
atom-web-compiler
Advanced tools
支持 Atom
的服务端渲染
npm install atom-web-compiler --registry http://registry.npm.baidu-int.com
index.js
: 编译工具,输入.atom.html
文件内容,输出编译后的js/php/css等信息首先,需要引入 atom-web-compiler
const compiler = require('atom-web-compiler');
输入一个 .atom
文件的内容, 返回一个包含编译后各个信息的对象,对象形式如下:
{
blocks: Object, // 各个block中的源代码
compiled: {
js: String, // 编译后的js代码
css: String, // 编译后的css代码
php: String // 编译后的php代码
},
paths: {
js: Object, // 编译后js中引用的各个组件的路径
php: Object // 编译后php中引用的各个组件的路径
},
props: Array // 当前atom组件定义props
}
.atom
文件的内容,必选amd/commonjs/umd/global
,默认值amd
path
和组件的key
。插件函数应返回相应的js代码(如require("path/to/component")
)。path
和组件的key
。插件函数返回相应的php代码(如"path/to/component"
)。code
和所在的 style 标签的参数 attrs
(目前只有 attrs.lang
,表示用户设置的预处理语言),该函数只支持同步的方式,返回处理后的 css 代码。输入一个template
字符串,返回一个用module.exports
包裹,包含render
函数和staticRenderFns
的字符串
atom模板字符串
由于不同语言的限制,我们在使用进行服务端渲染时也有一些限制:
.atom
文件中,组件的data
、props
和components
属性必须单独放到<config>
中template
中模板使用js表达式时,不能调用函数,不能使用计算属性一个.atom
文件示例
<template>
<div class="c-container">
<div>{{a}}</div>
<div><p>123</p></div>
<div v-if="b">i am b</div>
<ala />
</div>
</template>
<style>
.c-container {
color: red;
}
</style>
<script>
var sth = require('something');
module.exports = {
created: function () {
sth();
}
};
</script>
<config>
{
props: ['x', 'y'],
data: {
a: 123,
b: true
},
components: {
ala: 'path/to/ala'
}
};
</config>
FAQs
atom web cpmiler
The npm package atom-web-compiler receives a total of 5 weekly downloads. As such, atom-web-compiler popularity was classified as not popular.
We found that atom-web-compiler demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.