
Security News
Next.js Patches Critical Middleware Vulnerability (CVE-2025-29927)
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
@b-design/fusion
Advanced tools
Supply Chain Security
Vulnerability
Quality
Maintenance
License
B-Design 是阿里云推出的一套面向企业服务领域的设计系统,为阿里云生态及合作伙伴的 SaaS 系统上云提供标准化的设计规范和产品解决方案。作为云计算生态的一部分,B-Design 开放给所有阿里云伙伴和客户,帮助企业完成自己的产品设计与构建。
目前组件库处于内测期(beta), 请留意版本的变化与迭代。
npm i @b-design/fusion -S
引用组件
import { Button } from '@b-design/fusion';
引用样式
import '@b-design/fusion/dist/theme/variables.blue.css'; // 引入指定主题包样式文件
import '@alifd/next/dist/next-noreset.var.min.css'; // 引入@alifd/next指定样式文件
import '@b-design/fusion/dist/index.css'; // 引入@b-design/fusion全量组件样式文件
更多使用方式及详细说明,见官网。
FAQs
A configurable component library for web built on React.
The npm package @b-design/fusion receives a total of 93 weekly downloads. As such, @b-design/fusion popularity was classified as not popular.
We found that @b-design/fusion demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
Security News
A survey of 500 cybersecurity pros reveals high pay isn't enough—lack of growth and flexibility is driving attrition and risking organizational security.
Product
Socket, the leader in open source security, is now available on Google Cloud Marketplace for simplified procurement and enhanced protection against supply chain attacks.