Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
@axelspringer/vue
Advanced tools
Supporting Vue.js
Vue.js is an MIT-licensed open source project. It's an independent project with its ongoing development made possible entirely thanks to the support by these awesome backers. If you'd like to join them, please consider:
- Become a backer or sponsor on Patreon.
- Become a backer or sponsor on Open Collective.
- One-time donation via PayPal or crypto-currencies.
What's the difference between Patreon and OpenCollective?
Funds donated via Patreon go directly to support Evan You's full-time work on Vue.js. Funds donated via OpenCollective are managed with transparent expenses and will be used for compensating work and expenses for core team members or sponsoring community events. Your name/logo will receive proper recognition and exposure by donating on either platform.
Special Sponsors
|
|
|
Sponsors via Patreon
Platinum
|
|
|
Gold
|
|
|
|
|
|
|
|
|
|
|
|
|
| ||||
Sponsors via Open Collective
Platinum
Gold
Introduction
Vue (pronounced /vjuː/, like view) is a progressive framework for building user interfaces. It is designed from the ground up to be incrementally adoptable, and can easily scale between a library and a framework depending on different use cases. It consists of an approachable core library that focuses on the view layer only, and an ecosystem of supporting libraries that helps you tackle complexity in large Single-Page Applications.
Browser Compatibility
Vue.js supports all browsers that are ES5-compliant (IE8 and below are not supported).
Ecosystem
| Project | Status | Description |
|---|---|---|
| vue-router |  | Single-page application routing |
| vuex |  | Large-scale state management |
| vue-cli |  | Project scaffolding |
| vue-loader |  | Single File Component (*.vue file) loader for webpack |
| vue-server-renderer |  | Server-side rendering support |
| vue-class-component |  | TypeScript decorator for a class-based API |
| vue-rx |  | RxJS integration |
| vue-devtools |  | Browser DevTools extension |
Documentation
To check out live examples and docs, visit vuejs.org.
Questions
For questions and support please use the the official forum or community chat. The issue list of this repo is exclusively for bug reports and feature requests.
Issues
Please make sure to read the Issue Reporting Checklist before opening an issue. Issues not conforming to the guidelines may be closed immediately.
Changelog
Detailed changes for each release are documented in the release notes.
Stay In Touch
Contribution
Please make sure to read the Contributing Guide before making a pull request. If you have a Vue-related project/component/tool, add it with a pull request to this curated list!
Thank you to all the people who already contributed to Vue!
License
Copyright (c) 2013-present, Yuxi (Evan) You
Keywords
FAQs
Reactive, component-oriented view layer for modern web interfaces.
We found that @axelspringer/vue demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 08 Jun 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025