axitech-widget 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -18
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -8,21 +8,6 @@ Sooner or later, you will find that creating a component library is much better
|
|
|
8
8
|
|
|
9
9
|
Once the components are in a library, documentation becomes critical. This starter project includes a documentation app powered by VitePress. It not only documents the usage of the component, but also provides a testing bed during the development of components. See the generated documentation app [here](https://sharp-babbage-154f0a.netlify.com/).
|
|
10
10
|
|
|
11
|
-
## Check for vulnerabilities before deploying
|
|
12
|
-
|
|
13
|
-
Check SonarCloud for code vulnerabilities
|
|
14
|
-
|
|
15
|
-
Check Dependabot to find and fix vulnerabilities in dependencies https://docs.github.com/en/code-security/dependabot/working-with-dependabot
|
|
16
|
-
|
|
17
|
-
e.g Found here:
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
Check code against OWASP security tips e.g. https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html, https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html, https://cheatsheetseries.owasp.org/cheatsheets/NPM_Security_Cheat_Sheet.html, https://cheatsheetseries.owasp.org/cheatsheets/Laravel_Cheat_Sheet.html, https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html
|
|
23
|
-
etc
|
|
24
|
-
|
|
25
|
-
|
|
26
11
|
## Setup
|
|
27
12
|
|
|
28
13
|
> When running `docs:dev` for the first time, you may encounter error like `vitepress data not properly injected in app` in your browser. Restart the server and reload the browser. Please refer to [issue #30](https://github.com/wuruoyun/vue-component-lib-starter/issues/30) for more details.
|
|
@@ -79,7 +64,7 @@ module.exports = {
|
|
|
79
64
|
dedupe: ['vue'],
|
|
80
65
|
},
|
|
81
66
|
},
|
|
82
|
-
}
|
|
67
|
+
};
|
|
83
68
|
```
|
|
84
69
|
|
|
85
70
|
> In [vite.config.ts](vite.config.ts), format 'umd' is not present in `build.lib.formats` option
|
|
@@ -118,7 +103,7 @@ If you have your own special set of SVG icons, you may create a font file (`.wof
|
|
|
118
103
|
The client app shall import `style.css`, usually in the entry file:
|
|
119
104
|
|
|
120
105
|
```js
|
|
121
|
-
import 'axitech-widget/dist/style.css'
|
|
106
|
+
import 'axitech-widget/dist/style.css';
|
|
122
107
|
```
|
|
123
108
|
|
|
124
109
|
### Third-party dependencies
|
|
@@ -147,7 +132,7 @@ The dependency to be externalized may be declared as peer dependency in your lib
|
|
|
147
132
|
If you don't expect the client app of your library also needing the same dependency, you may embed cherry-picked functions. For example, to embed the `fill` function of popular library [lodash](https://lodash.com), import the `fill` function like the following:
|
|
148
133
|
|
|
149
134
|
```js
|
|
150
|
-
import fill from 'lodash/fill'
|
|
135
|
+
import fill from 'lodash/fill';
|
|
151
136
|
```
|
|
152
137
|
|
|
153
138
|
Even with tree-shaking, the codes being brought into your library may still be large, as the function may have its own dependencies.
|