Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Social Media Photo by Andrii Ganzevych on Unsplash
uhtml (micro µ html) is one of the smallest, fastest, memory consumption friendly, yet zero-tools based, library to safely help creating or manipulating DOM content.
uhtml
as default { Hole, render, html, svg, attr }
with smart auto-keyed nodes - read keyed or not ? paragraph to know moreuhtml/keyed
with extras { Hole, render, html, svg, htmlFor, svgFor, attr }
, providing keyed utilities - read keyed or not ? paragraph to know moreuhtml/node
with same default exports but it's for one-off nodes creation only so that no cache or updates are available and it's just an easy way to hook uhtml into your existing project for DOM creation (not manipulation!)uhtml/init
which returns a document => uhtml/keyed
utility that can be bootstrapped with uhtml/dom
, LinkeDOM, JSDOM for either SSR or Workers supportuhtml/dom
which returns a specialized uhtml compliant DOM environment that can be passed to the uhtml/init
export to have 100% same-thing running on both client or Web Worker / Server. This entry exports { Document, DOMParser }
where the former can be used to create a new document while the latter one can parse well formed HTML or SVG content and return the document out of the box.uhtml/init example
import init from 'uhtml/init';
import { Document } from 'uhtml/dom';
const document = new Document;
const {
Hole,
render,
html, svg,
htmlFor, svgFor,
attr
} = init(document);
FAQs
A micro HTML/SVG render
The npm package uhtml receives a total of 1,099 weekly downloads. As such, uhtml popularity was classified as popular.
We found that uhtml demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.