![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
react-ssml-dom
Advanced tools
Readme
Utilize the full power of React to develop voice UIs. ReactSSML provides a simple custom React renderer that let's you use React and JSX to create SSML output.
This project is brand new, so if you run into issues or have questions, open up an issue and let me know! Any feedback is highly appreciated.
I wrote a small article about my motivation.
What we hate
const reply = `
<speak>
${ firstSession ? 'helloLong' : 'helloShort' }
<audio src='https://s3-bucket/niceSound.mp3'/>
${ i18n.t(keys.offerHelp) }
${ showHint ? newFeatureHint : '' }
${ i18n.t(keys.promptSearch) }
</speak>`;
What we want
const reply = `
<App>
<SearchProvider>
<Introduction long={firstSession} />
<BrandedAudio />
<OfferHelp />
{
showHint && <NewestFeatureHint />
}
</SearchProvider>
</App>`;
Get the package from npm.
npm i react-ssml-dom
Create an App component
import React from 'react';
const App = () => <s>Hello World</s>;
export default App;
Render your App
import ReactSMML, { Document, Node } from 'react-ssml-dom';
// create a document similar to the DOM's document
const ssmlDocument = new Document();
// create a root node similar to the body in HTML
const root = new Node('speak');
ssmlDocument.body = root;
ReactSMML.render(<App />, root);
Done!
console.log(ssmlDocument.toString())
<speak>
<s>Hello World!</s>
</speak>
Clone this repo and play around with the demo application
Get the source code
git clone https://github.com/andrelandgraf/react-ssml-dom.git
Build the demo
npm run build:demo
Run the demo
npm run start:demo
> react-ssml@1.0.2 start:demo /react-ssml
> node dist/main.js
Express backend listening on port 8888! 🚀
Express server is now running on port 8888!
Use Postman or a tool of your choice to hit the fulfillment endpoint.
curl -X POST http://localhost:8888
And there we go!
{
"reply": "<speak> <audio src=\"https://s3-bucket.com/mock-song.ogg\"> Oh, I am sorry, this file seems not to work, please try another song</audio> </speak>"
}
This project is using react-reconciler
to implement a custom renderer for React.
See: ./src/ReactSSML.js
which replaces react-dom
On top of that this project implements a (proof-of-concept) version of the web's DOM for SSML.
See: ./src/ssml-dom/*
The demo folder contains a demo React App. The demo express server runes via .index.js
Set receivedError
in ./demo/Reply.jsx
to true
and see how the response SSML changes.
Also, try to set the timeout time in ./demo/Reply.jsx
from 3000
to 8000
which is higher as our global timeout in index.js
. See what happens to get an idea of how this project works.
FAQs
Utilize React to render SSML output for voice applications.
The npm package react-ssml-dom receives a total of 0 weekly downloads. As such, react-ssml-dom popularity was classified as not popular.
We found that react-ssml-dom demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.