Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@dataview/datav-vue3
Advanced tools
Vue3 Large screen data display component library
克隆仓库
// https
git clone https://github.com/DataV-Team/DataV-Vue3.git
// ssh
git clone git@github.com:DataV-Team/DataV-Vue3.git
安装依赖
yarn
启动
yarn dev
目前以 rebase 的方式向 main 分支合并代码,以开发一个 feat 为例:
从 main 分支切出 feat 分支
git checkout -b feat/user/feature
提交代码
git add .
git commit -m 'feat: some feature'
git push
创建 Pull Request
在 GitHub Pull Request 创建 PR,开发中的 feat title 应添加 WIP 标记,已完成的 feat 则不需要
Code Review
目前需要一个 Approve 才允许合并,代码完成后,应进行 CR,并处理 Comments
向 commit 追加代码
用于处理 CR Comments 以及其他场景的追加代码
FYI:如果确有必要可以再添加一个 commit,一般情况为了确保 history 精简,一个 feat 应只有一个 commit
git add .
git commit --amend
git push -f
合并代码
可以在 PR 中选择 auto merge,auto merge 可以在 PR 通过 CI 以及 CR 后自动合并
FAQs
Vue3 Large screen data display component library
The npm package @dataview/datav-vue3 receives a total of 98 weekly downloads. As such, @dataview/datav-vue3 popularity was classified as not popular.
We found that @dataview/datav-vue3 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.