Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
vue-md-loader
Advanced tools
Webpack loader for converting Markdown files to Vue components.
NPM:
npm install vue-md-loader --save-dev
Yarn:
yarn add vue-md-loader --dev
Simply use vue-md-loader
to load .md
files and chain it with your vue-loader
.
module.exports = {
// ...
module: {
rules: [
// ...
{
test: /\.md$/,
loader: 'vue-loader!vue-md-loader'
}
]
}
}
module.exports = {
// ...
module: {
rules: [
// ...
{
test: /\.md$/,
loaders: [
'vue-loader',
{
loader: 'vue-md-loader',
options: {
// your preferred options
}
}
]
}
]
}
}
A live demo is:
<template>
<div class="cls">{{msg}}</div>
</template>
<script>
export default {
data () {
return {
msg: 'Hello world!'
}
}
}
</script>
<style>
.cls {
color: red;
background: green;
}
</style>
<!-- some-live-demo.vue -->
becomes something like:
<some-live-demo/>
<pre><code>...</code></pre>
A Vue component with all it's <template>
, <script>
and <style>
settled will be inserted before it's source code block.
Multiple lives inside a single markdown file is supported by:
<script>
from different code blocks:
export default
will be extract into it's own Vue component with no conflicts.export default
will be extract into the same top-level component.<style>
from different code blocks will be extract into the same top-level component.Note:
<template>
found in live block.module.exports = {
// ...
resolve: {
alias: {
'vue$': 'vue/dist/vue.esm.js' // 'vue/dist/vue.common.js' for webpack 1
}
}
}
String. Default: section
The wrapper of entire markdown content, can be HTML tag name or Vue component name.
Array. Default: []
Markdown-It plugins list. For example:
// ...
plugins: [
// Without option
require('markdown-it-plugin-1'),
// With options
[
require('markdown-it-plugin-2'),
{
// ...
}
]
]
// ...
Object.
Use this to replace the Markdown-It instance inside the loader. For example:
new MarkdownIt({
// options
})
Boolean. Default: true
Enable / Disable live detecting and assembling.
Regex. Default: /<!--[\s]*?([-\w]+?).vue[\s]*?-->/i
A code block with livePattern
inside itself becomes a live block. The matched body will become the live Vue component's name and reference.
Function. Default: null
Use this if you wish to change the live template manually (e.g. add wrappers). For example:
function wrapIt (template) {
return `<div class="live-wrapper">${template}</div>`
}
# install dependencies
npm install
# serve example with hot reload at localhost:8888
npm run dev
# run all tests
npm test
MIT
FAQs
Webpack loader for converting Markdown files to ALIVE Vue components.
The npm package vue-md-loader receives a total of 444 weekly downloads. As such, vue-md-loader popularity was classified as not popular.
We found that vue-md-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.