Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
weex-loader
Advanced tools
A webpack loader for Weex.
npm install weex-loader babel-loader --save
.we
file..js/.css/.html
) via src
attribute..we
file.weex-components
under v0.1, please update it to v0.2.@weex-module/xxxx
in .js
file. see issue.we
file.make a webpack config
module.exports = {
entry: './main.we?entry',
output: {
path: './dist',
filename: 'main.js'
},
module: {
loaders: [
{
test: /\.we(\?[^?]+)?$/,
loader: 'weex'
}
]
}
};
specify src
attribute
<template src="./main.html"></template>
<style src="./main.css"></style>
<script src="./main.js"></script>
append a weex config in webpack config
weex: {
lang: {
jade: ['jade-html'] // a jade langauge will chain "jade-html-loader"
}
}
main.we
<template lang="jade">
div
text Hello Weex
</template>
.we
file as component elementpath/to/component.we
in script
like require('./foo.we')
or write inline element like <element name="foo" src="./foo.we"></element>
.template
like <foo></foo>
.<element name="foo" src="./foo.we"></element>
<template>
<div>
<foo></foo>
<bar></bar>
</div>
</template>
<script>
require('./bar.we')
</script>
require('./foo.we?name="fooo"')
. Or specify a name attribute in element, like <element name="fooo" src="./foo.we" ></element>
template
like <fooo></fooo>
.<element name="fooo" src="./foo.we"></element>
<template>
<div>
<fooo></fooo>
<baar></baar>
</div>
</template>
<script>
require('./bar.we?name=baar')
</script>
npm run test
will run mocha testing.
And you can check the specs in test/spec
folder.
src
attrBug
Source Map Offset. Encoding to this problem, please use devtool:"eval-source-map"
instead of devtool:"source-map"
.Bug
Can't set debugger breakpoint. I still don't know the reason, but you can debug with debugger
keyword.FAQs
a webpack loader for weex
We found that weex-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.