Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
react-medium-editor-es6
Advanced tools
ES6 version of React wrapper for medium-editor
This repository is a fork of the original react-medium-editor react-wrapper by @wangzuo
npm install react-medium-editor-es6 --save
However, since this package exports an ES6 class, you'll need to load this with an appropriate handler (e.g babel). Here's an example of how you can do that if you're using webpack. Doing this with browserify is similar:
module.exports = {
module: {
loaders: [
{
test: /\.js$/,
include: ([
/react-medium-editor-es6\/src/,
path.resolve(__dirname, 'src'),
]),
loader: 'babel',
}
]
}
}
And you're good to go. This package is very little amount of code, so if you find some feature missing, just clone this repostory and npm link
this package. No pesky rebuilding required for development.
import React, {
Component,
} from 'react';
// load theme styles with webpack
import 'medium-editor/dist/css/medium-editor.css';
import 'medium-editor/dist/css/themes/default.css';
import MediumEditor from 'react-medium-editor-es6';
class App extends Component {
render() {
return (
<div>
<MediumEditor
tag='pre'
flushEditorDOM={shallFlushEditorDOM}
text={'content'}
options={
...mediumOptions,
}
onChange={handleChangeEditorContent}
/>
</div>
);
}
}
<pre></pre>
element will be creaed and handed over to Medium editorUndo
operation won't work, since react would re-render the component, set new editor content, and for the browser, the undo
is lost. So because I am lazy, I decided to not write to DOM at all. I mean it does write to DOM, but not to the knowledge of react. This means that props.text
don't change the actual content of the Editor. To do so, you need to pass flushEditorDOM=true
. There's probably a better way to do this, feel free to fork and create a PR may be; or you can wait for me to solve it which might or might not happen depending on whether I see it as a problem at some point or not.Well, mostly because:
build
ing that was required. ES6 modules will be here soon anyway and it's much easier to work with them directly rather than requiring to build in 2 places (first the component, then the app) imo, so I forked it to an ES6 versionprops
, no internal state, and pay for the consequences too.MIT
FAQs
React wrapper for medium-editor
We found that react-medium-editor-es6 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.