Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@coreui/react
Advanced tools
React.js Components Library built on top of Bootstrap 5 and TypeScript.
Explore CoreUI for React.js docs »
Report bug
·
Request feature
·
Blog
Several quick start options are available:
git clone https://github.com/coreui/coreui-react.git
npm install @coreui/react
yarn add @coreui/react
Read the Getting started page for information on the framework contents, templates and examples, and more.
React components are styled using @coreui/coreui
CSS library, but you can use them also with bootstrap CSS library. That is possible because @coreui/coreui
library is compatible with bootstrap, it just extends its functionalities. The only exception are custom CoreUI components, which don't exist in the Bootstrap ecosystem.
yarn add @coreui/coreui
or
npm install @coreui/coreui --save
import '@coreui/coreui/dist/css/coreui.min.css'
yarn add bootstrap
or
npm install bootstrap
import "bootstrap/dist/css/bootstrap.min.css";
Have a bug or a feature request? Please first read the issue guidelines and search for existing and closed issues. If your problem or idea is not addressed yet, please open a new issue.
The documentation for the CoreUI & CoreUI PRO is hosted at our website CoreUI for React
yarn install
or npm install
to install the Node.js dependencies.yarn bootstrap
or npm run bootstrap
to link local packages together and install remaining package dependencies.yarn docs:dev
or npm run docs:dev
(or a specific npm script) to rebuild distributed CSS and JavaScript files, as well as our docs assets.http://localhost:8000/
in your browser, and voilà.CoreUI supports most popular frameworks.
Fully featured, out-of-the-box, templates for your application based on CoreUI.
Please read through our contributing guidelines. Included are directions for opening issues, coding standards, and notes on development.
Editor preferences are available in the editor config for easy use in common text editors. Read more and download plugins at https://editorconfig.org/.
Stay up to date on the development of CoreUI and reach out to the community with these helpful resources.
You can also follow @core_ui on Twitter.
For transparency into our release cycle and in striving to maintain backward compatibility, CoreUI is maintained under the Semantic Versioning guidelines.
See the Releases section of our project for changelogs for each release version.
Łukasz Holeczek
Andrzej Kopański
The CoreUI Team
CoreUI is an MIT-licensed open source project and is completely free to use. However, the amount of effort needed to maintain and develop new features for the project is not sustainable without proper financial backing. You can support development by buying the CoreUI PRO or by becoming a sponsor via Open Collective.
Support this project by becoming a Platinum Sponsor. A large company logo will be added here with a link to your website.
Support this project by becoming a Gold Sponsor. A big company logo will be added here with a link to your website.
Support this project by becoming a Silver Sponsor. A medium company logo will be added here with a link to your website.
Support this project by becoming a Bronze Sponsor. The company avatar will show up here with a link to your OpenCollective Profile.
Thanks to all the backers and sponsors! Support this project by becoming a backer.
Copyright 2024 creativeLabs Łukasz Holeczek. Code released under the MIT License. Docs released under Creative Commons.
FAQs
UI Components Library for React.js
We found that @coreui/react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.