A fast, portable, flexible JavaScript component framework

Related tags

Learning resource javascript framework component frontend mvvm san
Overview

Logo

SAN

一个快速、轻量、灵活的 JavaScript 组件框架
A fast, portable, flexible JavaScript component framework.

NPM version License Build Status Coverage Status Issues

HomePage 网站

安装(Install)

NPM:

$ npm i san

CDN:

<script src="https://unpkg.com/san@latest"></script>

发布文件说明(Dist Files Information)

快速开始(Quick Start)

<!DOCTYPE html>
<html>

<head>
    <title>Quick Start</title>
    <script src="https://unpkg.com/san@latest"></script>
</head>

<body>
    <script>
        const MyApp = san.defineComponent({
            template: `
                <div>
                    <input type="text" value="{=name=}">
                    <p>Hello {{name}}!</p>
                </div>
            `
        });

        let myApp = new MyApp({
            data: {
                name: 'San'
            }
        });
        myApp.attach(document.body);
    </script>
</body>

</html>

示例(Examples)

文档(Document)

周边(Companions)

说明(Description)
san-devtools 调试应用的工具和扩展
Development tools for debugging applications
san-router 支持 hash 和 html5 模式的 Router
SPA/MPA Router
san-store 应用状态管理套件
Application States Management
san-update Immutable的对象更新库
Immutable Data Update
san-composition 组合式 API
Composition API
san-ssr 服务端渲染框架与工具库
SSR framework and utils
santd Ant Design 风格的组件库
Components Library following the Ant Design specification
san-mui Material Design 风格的组件库
Material Design Components Library
san-xui 百度云控制台风格的组件库
A Set of UI Components that widely used on Baidu Cloud Console
sanny VSCode 插件
VSCode extension for SAN
san-cli 帮助快速搭建应用的命令行工具
A CLI tooling for rapid development
san-loader 支持 sfc 的 Webpack loader
Webpack loader for single-file components
san-factory 组件工厂能帮助你在不同环境下更灵活的装配组件
Component register and instantiation
san-anode-utils ANode 处理工具库
Util Functions for ANode
san-test-utils 单元测试工具库
The unit testing utility library

变更历史(ChangeLog)

Please visit document ChangeLog

License

San is MIT licensed.

Comments
  • [feature request] 异步组件

    [feature request] 异步组件

    现状👀

    san目前并不支持异步组件,这对于业务中强调首屏性能的场景,是一件负担较重的事儿。

    目前的compile过程,遇到components时,要求components对象包含的必须是是san-Component类,这会有些影响。

    有些组件无需首屏加载(Dialog组件等),有些组件需要时才会渲染(Tab组件等),这些不会立即渲染的组件却会拖累应用的首屏性能:

    1. 首屏📱时需要下载不需要的js文件,js文件中可能会有其他依赖(打点、css资源等),影响网络性能
    2. san框架需要一定的时间编译模板和生成组件实例(甚至生成dom),即使并不需要,影响了加载时间

    动态组件一定程度上可以缓解,但是它attach后完全脱离组件树,没有数据绑定、事件绑定、dispatch等能力👣,这可能不是我们想要的结果。

    预期行为

    开发者以一个工厂函数定义组件,san内部异步解析组件类。

    简单示例

    
// App.js
...
components: {
    'san-dialog':function (resolve,reject) {
        setTimeout(function () {
        // 向 `resolve` 回调传递组件定义
              resolve({
                   template: '<div>I am async!</div>'
              })
         }, 1000)
    }
}
...

    如上所示

    配合webpack code-splitting后就很安逸了👇:

    
// App.js
...
components: {
    'san-dialog': () => import('./async-compt.js')
}
...
    opened by jiangjiu 27
  • 关于列表的过渡动画

    关于列表的过渡动画

    这个问题纠结挺久了,趁着吃饱了病好了赶紧整理成文字说一说。

    首先是 san 的更新方式问题。列表更新时,san 会尽可能保留现有的 DOM 元素,并从末尾开始移除或插入接点至目标数量,然后按照自然的顺序从头到尾更新接点的 innerHTML。 因此问题出现了:所有的动画都是从行尾开始的。具体表现为即使你删掉第一个元素,也是最后一个元素在动,并且第一个元素的值瞬间变成了第二个元素的值,这会显得过渡很不自然。

    于是之前讨论时产生了更改更新方式的想法,比如在探测到节点含有正确的 transition 属性时,列表会在与插入或删除的数据索引值相同的位置插入或删除 DOM 元素。 这样看起来问题解决了,但如果细想依然会发现:无法定义一个看上去自然的有时间间隔的过渡动画。 举个栗子:现在有一个 1000 行的列表,每个过渡动画之间间隔 1s 执行。我现在同时删除第一条和最后一条数据,列表开始播放过渡动画。我期望的是第 1 个列表项立即播放动画,然后第 1000 个列表项在 +1s 后执行自己的过渡动画;而事实上,第 1000 项并无法知道自己应该第几个播放动画,于是只能原地傻等 999s 再播放动画。

    问题的矛盾在于,想要实现这个效果需要一个中心来调度这些动画,而 san 在设计上却期望每个过渡动画是互相独立的。 我站在这个立场上,还没能思考出两全的方案,导致 san-transition 至今没有定数。

    opened by Dafrok 24
  • [feature request] 过渡动画

    [feature request] 过渡动画

    过渡动画

    先说一下需求:

    • [ ] 支持单元素和列表过渡动画
    • [ ] 支持 CSS 钩子和 JS 钩子
    • [ ] 支持 transition 动画和 animation 动画
    • [ ] 单元素过渡动画避免在视图上出现两个相同的组件实例
    • [ ] 支持 in-outout-in 两种过渡模式(参考:过渡模式
    • [ ] 列表过渡尽量平滑(参考:列表的交错过渡 / 列表的排序过渡

    再说一下基于目前版本实现动画时踩到的坑(选看):

    • 单个元素的过渡动画

      单元素的过渡动画重构过两次,这是目前的一个简陋实现 https://dafrok.github.io/san-transition/。

      第一个版本是简单地 hack 掉 Component.prototype.attachComponent.prototype.dispose 方法,在适当的时机插入和移除 CSS 钩子,异步销毁组件。但这样做会产生一个问题:在快速切换状态时,由于 dispose 过程是异步的并且没有 VNode 去控制,后进入的组件无法知道先进入的组件是否已经被销毁,于是可以观察到在视图上同时有多个相同组件的实例存在,体验非常不好。

      第二个版本干脆将内部的 updateView 方法一并 hack 掉,将执行动画所需要的临时变量挂在组件的 owner 上。这个实现从动画效果上讲是基本完美的,owner 可以替代 VNode 以上帝视角来观察并控制过渡中的组件是否需要真正的被挂载或销毁,完全不会在快速切换状态时产生多余的 Element。遗憾的是,在实战中发现根组件是没有 owner 的,最直观的影响就是注册在 san-router 上的组件过渡动画全都挂了。

    • 列表的过渡动画

      由于 san 的更新机制是在维持现有节点尽可能不变的情况下修改 innerHTML,因此如果想实现平滑的列表更新,必须 hack 掉现有的节点更新机制,通过频繁地插入和删除节点来实现,这和 san 追求的高性能之间产生了一个微妙的矛盾,并且也难以保证 san 在以后的迭代中会与 hack 产生冲突,因此至今没有想出较为完善解决方案。

    opened by Dafrok 19
  • 关于虚拟元素标签命名的投票

    关于虚拟元素标签命名的投票

    https://vuejs.org/v2/guide/conditional.html#Conditional-Groups-with-v-if-on-lt-template-gt https://baidu.github.io/san/tutorial/if/#%E8%99%9A%E6%8B%9F%E5%85%83%E7%B4%A0

    原先,为减少开发者学习成本,在san里,虚拟元素和vue一致,使用template标签名。但是,在做新功能 支持虚拟元素作为组件根元素 的时候,遇到了问题。反思了下,template作为虚拟元素标签名是不合适的。有两个原因:

    1. 标准里对 template 是有定义的,占用 template 是有问题的
    2. 对于 san 组件,如果根元素是 template,意味着使用外层传入的标签名作为 root element 的标签名

    所以,需要重新命名,废弃template作为虚拟元素标签名。(当然,实现上会保持向下兼容)。下面有如下选项,请投票:

    1. fragment。该选项没有s- prefix,如果标准增加了fragment标签,就又冲突了。该选项就是判断标准会不会增加fragment标签
    2. s-fragment。不会和标准冲突,但是可能和开发者冲突。
    3. 其他。请给出建议

    另外,还有一个问题:

    如果根元素是 template,意味着使用外层传入的标签名作为 root element 的标签名

    这个 feature 的标签名是否合适?如果不合适,应该叫什么

    opened by errorrik 16
  • 关于使用san开发过程中遇到的几个问题请教,谢谢

    关于使用san开发过程中遇到的几个问题请教,谢谢

    10 问题1:如上图中,这是一个自定义的select下拉组件,但是中间显示了 undefined,一直没找到问题在哪里,请教下这样的错误应该怎么样来排查?

    问题2:关于js文件的编码问题,比如 san.js 和 san.dev.js 都是utf-8编码,但是san.min.js确是gbk编码,而我的html页面设置了meta charset 为 utf-8,当开发完成将san.js替换为san.min.js后,页面直接报脚本错,我还使用到了esl和san-router,这两个也是min的js都是gbk编码,不知道我的报错是否跟编码格式有关,可否统一下编码格式?

    问题3:发现一个很奇怪的问题,一个页面第一次打开正常,再次刷新样式就会乱掉,偶发但是相对频繁,基本上刷新3到5次只会有一次是正常的,不报脚本错,只是样式貌似没加载上,不知有人遇到过没有,有什么解决方法?谢谢

    opened by jingxin2015 16
  • 以 fragment 或自定义组件为根元素时,id 修改时无法触发 updated 事件

    以 fragment 或自定义组件为根元素时,id 修改时无法触发 updated 事件

    版本:3.8.5

    代码例子

    // 以 fragment 为根元素,无法触发 updated
<fragment>
  <input id="{{id}}" >
</fragment>

// 以 自定义组件为根元素,也无法触发 updated
<ui-input id="{{id}}" />

// 只有以原生元素为根元素,可以触发 updated
<input id="{{id}}" >

// updated 函数类似
updated: function () {
  this.render();
}

// attached 函数类似
attached: function () {
  if (this.data.get('id')) {
     this.data.set('id', newid());
  }
}

// 后来我以为是 id 名称问题,我把上面的 id 变更名称都改为 compId,也不行,如
<ui-input id="{{compId}}" />

    例子逻辑比较简单,实际会比较复杂,所以做了中间层封装

    对 san 如何处理 id, class, style 这三个特殊变量不甚了解,希望 @errorrik 大大能解惑,谢谢

    opened by zhengmz 15
  • ie8下模板带svg标签会报不支持此属性或者方法

    ie8下模板带svg标签会报不支持此属性或者方法

    首先很高兴有能和san见面了,我们这边的项目要支持ie8,我首先推荐的san,然后就用起来了。

    代码在内网无法搞出来,具体场景就是模板中含有svg时,会报“对象不支持此属性或者方法”。

    目前项目才用的是svg+png兼容方式,提供两套图标,ie就显示png,支持svg的浏览器就用svg,兼容代码如下

    <svg> <image xlink:href='icon.svg' src='icon.png'> </image> </svg>

    而且还有个问题就是模板中svg虽然在其他浏览器下不会报错,但是依然不会显示,只会显示空白。

    opened by mzh1994s 15
  • 初始化数据时ie8报错

    初始化数据时ie8报错

    业务场景

    当子组件需要根据父组件传入的数据来格式化自己的一些默认数据时,会调用一些格式化子组件数据的方法。

    san版本

    3.7.6

    问题

    1.在inited/created/attached三个生命周期钩子函数格式化数据时【就是执行 类似于this.data.set('xxx', ' xxx' )】时,ie8会报错 HTML Parsing Error: Unable to modify the parent container element before the child element is closed (KB927917) 2.格式化方法在以上三个钩子函数中放在 setTimeout 函数中就不会报错。

    期望结果

    在上面的钩子函数中的一个方法里面,正常的格式化数据应该在 ie8上不报错,不需要放到setTimeout里面。

    opened by PreciousDust 15
  • 怎么把数据绑定在attribute的name上

    怎么把数据绑定在attribute的name上

    如:

        template: '<div {{attrName}}>xxxx</div>',
    initData() {
        return {
            attrName: 'disable'
        };
    },

    期望渲染成

    <div disable>xxxx</div>

    但实际渲染成了

    <div attrName>xxxx</div>
    opened by SnailSword 14
  • 如何获得运行时slot是否被插入了内容,插入了什么

    如何获得运行时slot是否被插入了内容,插入了什么 

    <div><slot>default content</slot></div>

    有这么一种需求,slot里面被插入内容时,边框是实线。内容是default content时,边框时虚线。

    这种外部需要基于运行时场景的判断,还是不太容易达到。

    我们可能需要一些方式,来判断?

    opened by errorrik 14
  • [Feature Request] 加入 beforeDetach 生命周期,并允许生命周期钩子中手动控制生命周期向下执行。

    [Feature Request] 加入 beforeDetach 生命周期,并允许生命周期钩子中手动控制生命周期向下执行。

    原因

    在实现 san 的过渡动画 HOC 的过程中,进入阶段可以在 created 和 attached 生命周期中给实例的 el 添加 css hook 来实现淡入效果。但当实例的 san-if 指令变为 false 时,将会自动进行 detach 和 dispose,此时 el 已同步销毁,无法通过插入 css hook 的方法执行淡出动画。

    理想 API 设计

    此段代码仅作抛砖引玉,如果能有更合理的设计或直接将过度动画集成到 core 是缀吼的。

    • 增加 beforeDetach 生命周期,用于在 detach 之前进行一些骚操作。
    • 增加 stopLifeCycle 实例方法,用于阻止当前 life cycle 向下执行。
    • 拟增加 nextLifeCycle 实例方法,手动控制 life cycle 向下执行。
    class SanComponent extends Component {
  async beforeDetach () {
    this.stopLifeCyle()
    await doSomethingAsync()
    this.nextLifeCycle() // 或 this.detach() 
  }
}

    可能引发的问题

    引入了异步的生命周期,可能引发 model 层和视图层不同步的问题。如 san-if 值改变两次后,第一个生命周期还没有结束,导致生命周期混乱。

    opened by Dafrok 14
  • 引入svg标签linearGradient报错

    引入svg标签linearGradient报错

    san版本:3.10.8 代码:

    <template>
        <svg width="300" height="180">
            <defs>
                <linearGradient id="myGradient" gradientTransform="rotate(90)">
                    <stop offset="5%" stop-color="gold" />
                    <stop offset="95%" stop-color="red" />
                </linearGradient>
            </defs>
            <path d="
            M 18,3
            L 46,3
            L 46,40
            L 61,40
            L 32,68
            L 3,40
            L 18,40
            Z
            "></path>
        </svg>
</template>

    报错信息如下: b6f6f5e40c623af266b04868e644a1cd 报错位置: image

    opened by hqqxxf 0
  • 如何使用typescript定义s-ref的类型?

    如何使用typescript定义s-ref的类型?

    在使用ts开发san项目时候遇到了需要通过s-ref指令获取子组件实例并调用子组件上的方法。 类似如下

    <Children s-ref="children"></Children>
// call func 
this.ref("children").func()
// error 类型“Component<{}>”上不存在属性“func”

    ts检测报错,这里有没有好的类型定义方法?

    opened by gnipbao 0
  • Bump qs and body-parser

    Bump qs and body-parser

    Bumps qs and body-parser. These dependencies needed to be updated together. Updates qs from 6.5.2 to 6.5.3

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Updates body-parser from 1.19.0 to 1.20.1

    Release notes

    Sourced from body-parser's releases.

    1.20.0

    1.19.2

    1.19.1

    Changelog

    Sourced from body-parser's changelog.

    1.20.1 / 2022-10-06

    1.20.0 / 2022-04-02

    1.19.2 / 2022-02-15

    1.19.1 / 2021-12-10

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump decode-uri-component from 0.2.0 to 0.2.2

    Bump decode-uri-component from 0.2.0 to 0.2.2

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • 在特定情况下created内的数据操作不生效

    在特定情况下created内的数据操作不生效

    场景:根组件的根元素是另一个有slot的组件,在此slot里面嵌入另一个组件。 操作:在生命周期函数尝试更新数据。 结论:this.data.set写在created无效,在inited和attached里面都有效

    复现demo地址:https://codesandbox.io/s/jovial-gianmarco-ur0tty

    示例代码截图:

    97cfba73915adae2d9b3406be26f1c8f
    opened by asd123freedom 1
  • Bump engine.io and karma

    Bump engine.io and karma

    Bumps engine.io to 6.2.1 and updates ancestor dependency karma. These dependencies need to be updated together.

    Updates engine.io from 3.2.1 to 6.2.1

    Release notes

    Sourced from engine.io's releases.

    6.2.1

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    6.2.0

    Features

    • add the "maxPayload" field in the handshake details (088dcb4)

    So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

    This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:

    0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}

    Links

    6.1.3

    Bug Fixes

    • typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
    • uws: properly handle chunked content (#642) (3367440)

    ... (truncated)

    Changelog

    Sourced from engine.io's changelog.

    6.2.1 (2022-11-20)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    3.6.0 (2022-06-06)

    Bug Fixes

    Features

    • decrease the default value of maxHttpBufferSize (58e274c)

    This change reduces the default value from 100 mb to a more sane 1 mb.

    This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

    See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

    • increase the default value of pingTimeout (f55a79a)

    ... (truncated)

    Commits
    • 24b847b chore(release): 6.2.1
    • 425e833 fix: catch errors when destroying invalid upgrades (#658)
    • 99adb00 chore(deps): bump xmlhttprequest-ssl and engine.io-client in /examples/latenc...
    • d196f6a chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#660)
    • 7c1270f chore(deps): bump nanoid from 3.1.25 to 3.3.1 (#659)
    • 535a01d ci: add Node.js 18 in the test matrix
    • 1b71a6f docs: remove "Vanilla JS" highlight from README (#656)
    • 917d1d2 refactor: replace deprecated String.prototype.substr() (#646)
    • 020801a chore: add changelog for version 3.6.0
    • ed1d6f9 test: make test script work on Windows (#643)
    • Additional commits viewable in compare view

    Updates karma from 4.4.1 to 6.4.1

    Release notes

    Sourced from karma's releases.

    v6.4.1

    6.4.1 (2022-09-19)

    Bug Fixes

    v6.4.0

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    v6.3.20

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    v6.3.19

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    v6.3.18

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    v6.3.17

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    v6.3.16

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.4.1 (2022-09-19)

    Bug Fixes

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    ... (truncated)

    Commits
    • 0013121 chore(release): 6.4.1 [skip ci]
    • 63d86be fix: pass integrity value
    • 84f7cc3 chore(release): 6.4.0 [skip ci]
    • f2d0663 docs: add integrity parameter
    • dc51a2e feat: support SRI verification of link tags
    • 6a54b1c feat: support SRI verification of script tags
    • 5e71cf5 chore(release): 6.3.20 [skip ci]
    • e17698f fix: prefer IPv4 addresses when resolving domains
    • 60f4f79 build: add Node 16 and 18 to the CI matrix
    • 6ff5aaf chore(release): 6.3.19 [skip ci]
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
Releases(3.12.1)

  • 3.12.1(Jul 19, 2022)

  • 3.12.0(May 16, 2022)

    • 【新特性】- 增加了 template component 的支持,用于纯视图组件
    • 【优化】- 对组件创建过程的预热和事件处理进行了一些小的优化
    Source code(tar.gz)
    Source code(zip)

  • 3.11.3(Apr 25, 2022)

  • 3.11.2(Mar 22, 2022)

  • 3.11.1(Nov 29, 2021)

  • 3.11.0(Nov 25, 2021)

    • 【变更】- 重写了 index.d.ts,提供更强大的类型支持,同时有一些与原先不兼容
    • 【变更】- checkbox 在双向绑定下,选中和非选中的添加删除,使用原始 value 值。对 value 为 number 等类型时有影响
    • 【变更】- 模板 parse 时,取消对 tagName 的小写处理,以允许子组件的 tagName 使用 pascal-case
    • 【优化】- 对 data.set 方法对象遍历过程进行调整,以减少对顺序的影响
    Source code(tar.gz)
    Source code(zip)

  • 3.10.10(Sep 8, 2021)

    • 【bug修复】- 文本中插值为空时,模板解析错误。该问题为 3.10.3 引入
    • 【bug修复】- slot 和 fragment 嵌套或 slot 和 text 相邻时,组件反解可能会出错
    Source code(tar.gz)
    Source code(zip)

  • 3.10.9(Aug 27, 2021)

    • 【bug修复】- 组件根元素应用 s-html 指令无效
    • 【bug修复】- 组件 fire 的 event 参数为 null 时,监听函数接收不到 null 值
    Source code(tar.gz)
    Source code(zip)

  • 3.10.8(Aug 25, 2021)

    【bug修复】- 组件 watch 方法,在变化后的值等于最初值时,监听函数可能不会触发。该问题为 3.10.7 引入

    Source code(tar.gz)
    Source code(zip)

  • 3.10.7(Aug 24, 2021)

    • 【新特性】- 组件增加 error hook 的支持
    • 【新特性】- 组件的 watch 方法,handler 支持第二个参数 {newValue, oldValue, change}
    • 【新特性】- main 入口根据 process.env.NODE_ENV 判断引用的版本
    • 【bug修复】- 元素的 id 属性,当绑定表达式的值为 falsy(false / 0 /'') 时,属性没有正确设置
    • 【bug修复】- 在 IE8-,模板的属性值不支持单引号包裹
    Source code(tar.gz)
    Source code(zip)

  • 3.10.6(Jul 13, 2021)

    • 【优化】- s-is 支持 html 内置标签以及 fragment
    • 【优化】- 模板预热时不再创建 HTMLElement 源节点
    • 【优化】- 优化模板预热的结构与性能
    • 【优化】- nextTick 实现增加对 setImmediate 是否原生方法的判断
    • 【bug修复】- 忽略模板解析时尾部多余的空文本节点。该问题为 3.10.3 引入
    Source code(tar.gz)
    Source code(zip)

  • 3.10.5(Jun 24, 2021)

  • 3.10.4(Jun 18, 2021)

  • 3.10.3(Apr 30, 2021)

  • 3.10.2(Apr 5, 2021)

    • 【新特性】- 为组件实例创建时,增加 construct 钩子
    • 【bug修复】- 当组件的根为异步组件时,视图更新错误
    • 【优化】- 优化 updated 钩子的调用
    • 【删除】- 删除组件的 _callHook 方法
    Source code(tar.gz)
    Source code(zip)

  • 3.10.1(Jan 4, 2021)

    • 【优化】- 模板预热过程,删除不必要的对象复制
    • 【新特性】- dev 模式增加 before 生命周期钩子,应用于 devtools
    • 【bug修复】- s-is 动态组件更新时,如果组件类型发生变化,视图更新错误
    Source code(tar.gz)
    Source code(zip)

  • 3.10.0(Nov 4, 2020)

    • 【新特性】- 支持通过 s-is,声明动态组件类型
    • 【删除】- 移除 getComponentType 的支持,该特性从未正式开放。动态组件支持请使用 s-is
    • 【优化】- 优化模板中标签属性的解析效率
    Source code(tar.gz)
    Source code(zip)

  • 3.9.5(Oct 29, 2020)

  • 3.9.4(Sep 8, 2020)

  • 3.9.3(Sep 2, 2020)

    • 【新特性】- 支持 s-show 指令,用于控制元素的显示/隐藏
    • 【优化】- 对 text 解析结果进行微调,优化文本渲染性能
    • 【优化】- UC浏览器 13.1.0 正则反向引用对中文字符支持有问题,导致模板解析异常(合并 3.8.7 的优化)
    • 【bug修复】- 元素属性中的插值包含 raw 声明时,插值表达式被提取导致 raw 声明信息丢失(合并 3.8.6 的修复)
    Source code(tar.gz)
    Source code(zip)

  • 3.9.2(Jul 13, 2020)

  • 3.9.1(Jul 11, 2020)

    • 【bug修复】- &nbsp; 被解析为 \u0020(space),修复为 \u00a0(non-breaking space)
    • 【优化】- SanData#get() 支持类型参数 data.get<string>()
    Source code(tar.gz)
    Source code(zip)

  • 3.9.0(Jun 22, 2020)

    • 【新特性】- 数据 Data 对象新增 assign 方法
    • 【新特性】- 支持组件 ANode 压缩和解压
    • 【变更】- 移除 compileComponent 方法,增加 parseComponentTemplate 方法
    • 【变更】- 删除组件不必要的 subTag 属性,可从 source.tagName 取得
    • 【优化】- template 的节点属性声明支持不以 "' 包围,提升 html 兼容性
    • 【优化】- 对组件 template 编译的 ANode 信息进行了精简和微调
    • 【优化】- trackBy 循环更新时,如果循环目标是普通节点,对乱序节点进行复用,避免丢弃重建
    • 【bug修复】- 当组件根节点不为 HTMLElement 时,attached 中的数据变更,未触发视图更新
    Source code(tar.gz)
    Source code(zip)

  • 3.8.5(May 20, 2020)

    • 【bug修复】- ie10 和 ie11 下,placeholder 属性可能触发多余的 input 事件,导致组件数据被重置
    • 【bug修复】- 子组件作为父组件根元素时,子组件渲染可能包含多余的 id / style / class 属性
    • 【bug修复】- 使用了 s-bind 的组件位于 slot 中时,在视图二次更新时可能会发生运行时错误
    Source code(tar.gz)
    Source code(zip)

  • 3.8.4(May 11, 2020)

    • 【bug修复】- 组件根元素不是 HTMLElement 时,无法 detach 和 re-attach
    • 【bug修复】- button 的 type 属性,当为单插值声明并值为 null 或 undefined 时,无法被移除
    Source code(tar.gz)
    Source code(zip)

  • 3.8.3(May 6, 2020)

    • 【新特性】- 支持虚拟节点作为组件根元素
    • 【新特性】- 支持组件作为组件根元素
    • 【新特性】- 组件根元素支持应用 for 指令
    • 【优化】- 渲染过程对常用元素的创建进行优化,减少工厂方法调用
    Source code(tar.gz)
    Source code(zip)

  • 3.8.2(Apr 20, 2020)

  • 3.8.1(Jan 17, 2020)

  • 3.8.0(Dec 19, 2019)

    • 【变更】- 元素属性声明为单插值表达式时,如果值为 null 或 undefined,属性被移除
    • 【优化】- ie8- 下对 svg 标签创建进行健壮性处理,避免运行时错误
    • 【bug修复】- 组件根元素无法应用 s-bind
    • 【bug修复】- 双向绑定表达式中间带有动态 ACCESSOR 并发生变化后,可能绑定到错误的目标数据
    • 【bug修复】- 异步组件的结果组件未准备好时更新视图,出现运行错误
    • 【bug修复】- 更新模板解析 keygen / meta / link 标签的自闭合规则
    Source code(tar.gz)
    Source code(zip)

  • 3.7.9(Sep 16, 2019)

    • 【优化】- 模板解析 tagStart 正则优化,避免错判 lt 后数字的场景
    • 【bug修复】- 应用了 trackBy 的 for 指令,列表数据更新时,index 可能不被更新,导致视图渲染错误
    Source code(tar.gz)
    Source code(zip)
Owner
Baidu
Baidu Open Source Projects
Baidu
GitHub https://baidu.github.io/san/
A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!

A free and open source resume builder. Go to App What is this app all about? Reactive Resume is a free and open source resume builder that’s built to

Reactive Resume 9.7k Jan 3, 2023
A highly portable first person 3D game playable on Desktop or Web!

rust-game Interfaces (*_interface/) are immediately human-playable versions of the game. They use single_player simulations of the game, which in turn

Gerald Nash 2 Jun 7, 2022
Portable Activity Timeline that draws the Timeline based on data given in JSON or CSV format

Portable Activity Timeline that draws the Timeline based on data given in JSON or CSV format. By clicking on any activity a detailed modal window is displayed. Initially developed for post incident investigations to get a overview of the situation in an it-environment.

Daniel 5 Oct 11, 2022
Functions and objects that make it easier to add fields to Portable Text editors for accessibility meta information, like language changes or abbreviations.

Porta11y Porta11y is a collection of accessibility-focused annotations, decorators and validators for Sanity’s Portable Text editor. Portable Text is

Hidde de Vries 21 Aug 25, 2022
Portable, cross platform Stable Diffusion UI

FusionKit Releases FusionKit is a self-contained cross-platform app for generating images with Stable Diffusion. It leverages the InvokeAI project to

FusionKit 13 Dec 17, 2022
Automated testing for single-page applications (SPAs). Small, portable, and easy to use. Click on things, fill in values, await for things exist, etc.

SPA Check Automated testing for single-page applications (SPAs). Small, portable, and easy to use. Click on things, fill in values, await for things e

Cory Leigh Rahman 5 Dec 23, 2022
A dependency-free JavaScript ES6 slider and carousel. It’s lightweight, flexible and fast. Designed to slide. No less, no more

Glide.js is a dependency-free JavaScript ES6 slider and carousel. It’s lightweight, flexible and fast. Designed to slide. No less, no more What can co

null 6.7k Jan 3, 2023
Simple yet flexible charting Lightning Web Component using Chart.js for admins & developers

Lightning Web Chart.js Component Simple yet flexible charting Lightning Web Component using Chart.js for admins & developers Documentation Getting sta

@SalesforceLabs 109 Dec 9, 2022
A flexible, memory compact, fast and dynamic CSG implementation on top of three-mesh-bvh

three-bvh-csg An experimental, in progress, flexible, memory compact, fast and dynamic CSG implementation on top of three-mesh-bvh. More than 100 time

Garrett Johnson 208 Jan 5, 2023
Component oriented framework with Virtual dom (fast, stable, with tooling)

Bobril Main site bobril.com Changelog of npm version: https://github.com/Bobris/Bobril/blob/master/CHANGELOG.md Component oriented framework inspired

Boris Letocha 359 Dec 4, 2022
LazyLoad is a lightweight, flexible script that speeds up your website by deferring the loading of your below-the-fold images, backgrounds, videos, iframes and scripts to when they will enter the viewport. Written in plain "vanilla" JavaScript, it leverages IntersectionObserver, supports responsive images and enables native lazy loading.

LazyLoad is a lightweight (2.4 kB) and flexible script that speeds up your web application by deferring the loading of your below-the-fold images, vid

Andrea Verlicchi 7.1k Jan 2, 2023
Flexible JavaScript library for creating squircley magic ✨

squircley.js squircley.js is the core squirclular magic ✨ from https://squircley.app wrapped up into a simple, 0 dependency JavaScript library. squirc

George Francis 87 Dec 24, 2022
A flexible and extensible javascript library for letters animation simulations.

LetterLoading LetterLoading js is a javascript library for making awesome letter simulations. It default simulation is a letter loading simulation. Co

kelvinsekx 5 Mar 22, 2022
This simple project, show how work with async Fetch, function component and class component

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

DaliyaAsel 2 Feb 17, 2022
dynamic-component-app is an angular application for dynamic component template creation

MyApp This project was generated with Angular CLI version 14.1.0. Development server Run ng serve for a dev server. Navigate to http://localhost:4200/

Aniket Muruskar 7 Aug 26, 2022
Easy and flexible jQuery tabbed functionality without all the styling.

JQuery EasyTabs Plugin Tabs with(out) style. EasyTabs creates tabs with all the functionality, no unwanted changes to your markup, and no hidden styli

Steve Schwartz 553 Nov 23, 2022
Modern, Flexible Starknet Dapp Template

cairopal • Modern, Flexible Starknet Dapp Template. Developing Clone the repository git clone [email protected]:a5f9t4/cairopal.git cd cairopal Install D

andreas 38 Sep 28, 2022
A fixed-width file format toolset with streaming support and flexible options.

fixed-width A fixed-width file format toolset with streaming support and flexible options. Features Flexible: lot of options Zero dependencies: small

Evologi Srl 6 Jul 14, 2022
Flexible survey webapp with multi-languages support

Civic-echo Civic-echo is a light app used for dynamic survey generation based on YAML files. Coupled with DeepL, it can handle multiple languages easi

Octree 4 Jul 4, 2022