Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
hyperscript
Advanced tools
Create HyperText with JavaScript, on client or server.
[] (https://ci.testling.com/dominictarr/hyperscript)
See also mercury is a modular ui framework influenced by hyperscript but much more heavily optimized.
var h = require('hyperscript')
h('div#page',
h('div#header',
h('h1.classy', 'h', { style: {'background-color': '#22f'} })),
h('div#menu', { style: {'background-color': '#2f2'} },
h('ul',
h('li', 'one'),
h('li', 'two'),
h('li', 'three'))),
h('h2', 'content title', { style: {'background-color': '#f22'} }),
h('p',
"so it's just like a templating engine,\n",
"but easy to use inline with javascript\n"),
h('p',
"the intension is for this to be used to create\n",
"reusable, interactive html widgets. "))
you can still use hyperscript on the server, the limitation is that events don't make sense any more, but you can use it to generate html:
console.log(h('h1', 'hello!').outerHTML)
=> '<h1>hello!</h1>'
Create an HTMLElement
. The first argument must be the tag name, you may use a
fully qualified tagname for building e.g. XML documents: `h('ns:tag').
If the tag name is of form name.class1.class2#id
that is a short cut
for setting the class and id.
If the tag name begins with a class or id, it defaults to a <div>
.
If an {}
object is passed in it will be used to set attributes.
var h = require('hyperscript')
h('a', {href: 'https://npm.im/hyperscript'}, 'hyperscript')
Note that hyperscript sets properties on the DOM element object, not
attributes on the HTML element. This makes for better consistency across
browsers and a nicer API for booleans. There are some gotchas, however.
Attributes such as colspan
are camel cased to colSpan
, and for
on the
label element is htmlFor
to avoid collision with the language keyword. See the
DOM HTML specification
for details.
If an attribute is a function, then it will be registered as an event listener.
var h = require('hyperscript')
h('a', {href: '#',
onclick: function (e) {
alert('you are 1,000,000th visitor!')
e.preventDefault()
}
}, 'click here to win a prize')
If an attribute has a style property, then that will be handled specially.
var h = require('hyperscript')
h('h1.fun', {style: {'font-family': 'Comic Sans MS'}}, 'Happy Birthday!')
or as a string
var h = require('hyperscript')
h('h1.fun', {style: 'font-family: Comic Sans MS'}}, 'Happy Birthday!')
You may pass in attributes in multiple positions, it's no problem!
If an argument is a string, a TextNode is created in that position.
If a argument is a Node
(or HTMLElement
), for example, the return value of a call to h
thats cool too.
This is just ignored.
Each item in the array is treated like a ordinary child. (string or HTMLElement) this is uesful when you want to iterate over an object:
var h = require('hyperscript')
var obj = {
a: 'Apple',
b: 'Banana',
c: 'Cherry',
d: 'Durian',
e: 'Elder Berry'
}
h('table',
h('tr', h('th', 'letter'), h('th', 'fruit')),
Object.keys(obj).map(function (k) {
return h('tr',
h('th', k),
h('td', obj[k])
)
})
)
If you need to clean up a widget created using hyperscript - deregistering all its event handlers and observable listeners, you can use context()
.
var h = require('hyperscript').context()
var o = require('observable')
var text = o()
text('click here to win a prize')
h('a', {href: '#',
onclick: function (e) {
text('you are 1,000,000th visitor!')
e.preventDefault()
}
}, text)
// then if you want to remove this widget from the page
// to cleanup
h.cleanup()
MIT
FAQs
Create HyperText with JavaScript, on client or server.
The npm package hyperscript receives a total of 31,346 weekly downloads. As such, hyperscript popularity was classified as popular.
We found that hyperscript demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.