Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@base-ui-components/react
Advanced tools
Base UI is a library of headless ('unstyled') React components and low-level hooks. You gain complete control over your app's CSS and accessibility features.
Base UI is a library of unstyled React components. You gain complete control over your app's CSS and accessibility features.
Install the package in your project directory with:
npm install @base-ui-components/react
Visit base-ui.com to view the full documentation.
For how-to questions that don't involve making changes to the code base, please use Stack Overflow instead of GitHub issues. Use the "base-ui" tag on Stack Overflow to make it easier for the community to find your question.
Read the contributing guide to learn about our development process, how to propose bug fixes and improvements, and how to build and test your changes.
Contributing to Base UI is about more than just issues and pull requests! There are many other ways to support Base UI beyond contributing to the code base.
The changelog is regularly updated to reflect what's changed in each new release.
Future plans and high-priority features and enhancements can be found in the roadmap.
This project is licensed under the terms of the MIT license.
For details of supported versions and contact details for reporting security issues, please refer to the security policy.
FAQs
Base UI is a library of headless ('unstyled') React components and low-level hooks. You gain complete control over your app's CSS and accessibility features.
We found that @base-ui-components/react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.