Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

bel

Package Overview
Dependencies
Maintainers
5
Versions
29
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

bel

A simple extension to native elements

  • 5.1.7
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
783
increased by11.7%
Maintainers
5
Weekly downloads
 
Created
Source

bel

NPM version build status Downloads js-standard-style experimental

A simple library for composable DOM elements using tagged template strings.

If you're looking for a higher level front end framework, try yo-yo. Or even higher than that, try choo.

usage

For a more in depth tutorial on getting started, please check out the wiki.

A Simple Element

Create an element:

// list.js
var bel = require('bel')

module.exports = function (items) {
  return bel`<ul>
    ${items.map(function (item) {
      return bel`<li>${item}</li>`
    })}
  </ul>`
}

Then pass data to it and add to the DOM:

// app.js
var createList = require('./list.js')
var list = createList([
  'grizzly',
  'polar',
  'brown'
])
document.body.appendChild(list)

Data Down, Actions Up

// list.js
var bel = require('bel')

// The DOM is built by the data passed in
module.exports = function (items, onselected) {
  function render () {
    return bel`<ul>
    ${items.map(function (item) {
      return bel`<li>${button(item.id, item.label)}</li>`
    })}
    </ul>`
  }
  function button (id, label) {
    return bel`<button onclick=${function () {
      // Then action gets sent up
      onselected(id)
    }}>${label}</button>`
  }
  var element = render()
  return element
}
// app.js
var bel = require('bel')
var morphdom = require('morphdom')
var list = require('./list.js')

module.exports = function (bears) {
  function onselected (id) {
    // When a bear is selected, rerender with the newly selected item
    // This will use DOM diffing to render, sending the data back down again
    morphdom(element, render(id))
  }
  function render (selected) {
    return bel`<div className="app">
      <h1>Selected: ${selected}</h1>
      ${list(bears, onselected)}
    </div>`
  }
  // On first render, we haven't selected anything
  var element = render('none')
  return element
}

use with/without hyperx

hyperx is built into bel but there may be times when you wish to use your own version or implementation of hyperx. Or if you prefer to create elements using bel without using tagged template literals:

var createElement = require('bel').createElement
var hyperx = require('hyperx')
var bel = hyperx(createElement)

var element = bel`<div class="heading">Hello!</div>`

// ...

var sameElement = createElement('div', { className: 'heading' }, ['Hello!'])

use yo-yoify to build

Transform bel template strings into pure and fast document calls with browserify.

e.g. browserify entry.js -g yo-yoify -o bundle.js

See also

note

Please use yo-yoify which will transform any Function.caller into plain strings until an alternative solution to identify element creators is implemented.

yo-yoify can resolve the error like below:

TypeError: Function.caller used to retrieve strict caller

or

TypeError: access to strict mode caller function is censored

security

bel sets attributes with element.setAttribute() and element.setAttributeNS(), and creates text nodes with document.createTextNode(). These approaches mitigate some Cross-Site Scripting (XSS) attacks. You should still code carefully every time you put content from users in the DOM.

unescaping

bel escapes ${values} within template literals. Sometimes that is not desirable; for instance, when parsing a string with markdown, which returns HTML.

To unescape values, use the raw method:

var bel = require('bel')
var raw = require('bel/raw')

function example () {
  var output = '<strong>hello there</strong>'
  return bel`
    <div>${raw(output)}</div>
  `
}

Make sure that you are sticking to the security suggestions above, and sanitize any input for malicious code before using raw.

similar projects

  • vel minimal virtual-dom library
  • base-element An element authoring library for creating standalone and performant elements
  • virtual-dom A Virtual DOM and diffing algorithm
  • hyperscript Create HyperText with JavaScript.

license

(c) 2016 Kyle Robinson Young. MIT License

Keywords

FAQs

Package last updated on 23 Feb 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc