Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ckeditor5-math
Advanced tools
ckeditor5-math is a TeX-based mathematical plugin for CKEditor 5. You can use it to insert, edit, and view mathematical equations and formulas. This plugin supports MathJax, KaTeX and custom typesetting engines.
If you get duplicated modules error, you have mismatching versions.
Use official classic or inline build as a base:
Install plugin with NPM or Yarn
npm install ckeditor5-math --save-dev
yarn add ckeditor5-math --dev
Add import into ckeditor.js file
import Mathematics from 'ckeditor5-math/src/math';
Add it to built-in plugins
InlineEditor.builtinPlugins = [
// ...
Mathematics
];
Add math button to toolbar
InlineEditor.defaultConfig = {
toolbar: {
items: [
// ...
'math'
]
}
};
Copy theme/ckeditor5-math folder from https://github.com/isaul32/ckeditor5/tree/master/packages/ckeditor5-theme-lark to your lark theme repository
InlineEditor.defaultConfig = {
// ...
math: {
engine: 'mathjax', // or katex or function. E.g. (equation, element, display) => { ... }
lazyLoad: undefined, // async () => { ... }, called once before rendering first equation if engine doesn't exist. After resolving promise, plugin renders equations.
outputType: 'script', // or span
forceOutputType: false, // forces output to use outputType
enablePreview: true, // Enable preview view
previewClassName: [], // Class names to add to previews
popupClassName: [], // Class names to add to math popup balloon
katexRenderOptions: {} // KaTeX only options for katex.render(ToString)
}
}
MathJax
KaTeX
katexRenderOptions
- pass options.
InlineEditor.defaultConfig = {
// ...
math: {
engine: 'katex'
katexRenderOptions: {
macros: {
"\\neq": "\\mathrel{\\char`≠}",
},
},
}
}
Custom typesetting
Custom typesetting is possible to implement with engine config. For example, custom typesetting feature can be used when use back end rendering.
InlineEditor.defaultConfig = {
// ...
math: {
engine: ( equation, element, display, preview ) => {
// ...
}
}
}
Supported input and output formats are:
<!-- MathJax style http://docs.mathjax.org/en/v2.7-latest/advanced/model.html#how-mathematics-is-stored-in-the-page -->
<script type="math/tex">\sqrt{\frac{a}{b}}</script>
<script type="math/tex; mode=display">\sqrt{\frac{a}{b}}</script>
<!-- CKEditor 4 style https://ckeditor.com/docs/ckeditor4/latest/features/mathjax.html -->
<span class="math-tex">\( \sqrt{\frac{a}{b}} \)</span>
<span class="math-tex">\[ \sqrt{\frac{a}{b}} \]</span>
Paste TeX equations with delimiters. For example:
\[ x=\frac{-b\pm\sqrt{b^2-4ac}}{2a} \]
or
\( x=\frac{-b\pm\sqrt{b^2-4ac}}{2a} \)
Ctrl+M can be used to add easily math formulas in inline mode.
Autoformat for math can be used to add formula in display mode on a new line by adding \[
or $$
. This feature requires additional autoformat plugin to be added.
Add following lines into your build
// ...
import AutoformatMathematics from 'ckeditor5-math/src/autoformatmath';
InlineEditor.builtinPlugins = [
// ...
AutoformatMathematics
];
.ck-reset_all *
css rules from ckeditor5-ui and ckeditor5-theme-lark break rendering in preview mode.
My solution for this is use rendering element outside of CKEditor DOM and place it to right place by using absolute position. Alternative solution could be using iframe, but then typesetting engine's scripts and styles have to copy to child document.
Contributions, improvements and bug fixes are welcome. To aid in this, try out our developer environment w/ live reload support and CKEditor 5 inspector.
To enter a development loop with hot reload support:
git clone https://github.com/isaul32/ckeditor5-math.git
cd ckeditor5-math
yarn
yarn start
36.0.2 (2023-02-14)
previewClassName
(#86)FAQs
Math feature for CKEditor 5.
We found that ckeditor5-math demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.