Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
react-live
Advanced tools
react-live is a React component that enables you to render live, editable code samples in your application. It provides a live code editor and preview, making it ideal for documentation, tutorials, and interactive coding environments.
Live Code Editing
This feature allows users to edit code in a live editor and see the results immediately. The LiveProvider component wraps the code, and LiveEditor, LiveError, and LivePreview components handle the editing, error display, and preview respectively.
import { LiveProvider, LiveEditor, LiveError, LivePreview } from 'react-live';
const code = `<strong>Hello World!</strong>`;
function App() {
return (
<LiveProvider code={code}>
<LiveEditor />
<LiveError />
<LivePreview />
</LiveProvider>
);
}
export default App;
Custom Scope
This feature allows you to provide custom components and variables to the live code editor. By passing a scope object to the LiveProvider, you can use external components and libraries in the live code.
import { LiveProvider, LiveEditor, LiveError, LivePreview } from 'react-live';
import { Button } from 'my-ui-library';
const code = `<Button>Click me</Button>`;
const scope = { Button };
function App() {
return (
<LiveProvider code={code} scope={scope}>
<LiveEditor />
<LiveError />
<LivePreview />
</LiveProvider>
);
}
export default App;
Theming
This feature allows you to apply custom themes to the live code editor. By passing a theme object to the LiveProvider, you can style the code editor to match your application's design.
import { LiveProvider, LiveEditor, LiveError, LivePreview } from 'react-live';
import { dracula } from 'react-syntax-highlighter/dist/esm/styles/prism';
const code = `<strong>Hello World!</strong>`;
function App() {
return (
<LiveProvider code={code} theme={dracula}>
<LiveEditor />
<LiveError />
<LivePreview />
</LiveProvider>
);
}
export default App;
react-syntax-highlighter is a syntax highlighting component for React using Prism or Highlight.js. Unlike react-live, it does not provide live editing or preview capabilities but focuses on syntax highlighting for static code snippets.
react-codemirror2 is a React component for CodeMirror, a versatile text editor implemented in JavaScript. It provides a rich code editing experience but does not include live preview functionality out of the box like react-live.
react-ace is a React component for the Ace editor. It offers a powerful code editing experience with various features like syntax highlighting, themes, and keybindings. However, it does not provide live code preview capabilities like react-live.
A flexible playground for live editing React code
React Live brings you the ability to render React components with editable source code and live preview.
The library is structured modularly and lets you style and compose its components freely.
Come learn more at our docs site!
Have a question about react-live? Submit an issue in this repository using the "Question" template.
Notice something inaccurate or confusing? Feel free to open an issue or make a pull request to help improve the documentation for everyone!
The source for our docs site lives in this repo in the docs
folder.
Please see our contributing guide.
Active: Formidable is actively working on this project, and we expect to continue for work for the foreseeable future. Bug reports, feature requests and pull requests are welcome.
FAQs
A production-focused playground for live editing React code
The npm package react-live receives a total of 127,333 weekly downloads. As such, react-live popularity was classified as popular.
We found that react-live demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 40 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.