
Security News
GitHub Actions Supply Chain Attack Puts Thousands of Projects at Risk
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
@douyinfe/semi-foundation
Advanced tools
> The infrastructure layer is used to build modern component libraries.
The infrastructure layer is used to build modern component libraries.
Semi UI adopts a set of cross-front-end framework technical solutions to split the JavaScript of each component into two parts: Foundation
and Adapter
.
This allows us to reuse Foundation code across frameworks by only re-implementing the adapter, e.g, React and Vue. Quickly build common component libraries on different platforms.
Foundation
Foundation
contains the business logic that best represents Semi Design
without actually referencing any DOM elements. Foundation
delegates Adapter
methods for any logic that requires DOM manipulation
Adapter
Adapter
is an interface that has all the methods needed by Foundation
to implement Semi Design
business logic. Adapter
can have many implementations, allowing interoperability with different frameworks.
├── semi-foundation // Foundation and Stylesheet of component
│ ├── utils
│ └── tooltip
│ ├── constants.js // Constant definition, including numbers, strings, cssClass
│ ├── foundation.js // Core foundation
│ ├── tooltip.scss // Stylesheet
│ ├── mixin.scss // Scss mixin
│ ├── rtl.scss // Rtl
│ ├── variables.scss // Scss variable
MIT
FAQs
> The infrastructure layer is used to build modern component libraries.
The npm package @douyinfe/semi-foundation receives a total of 4,802 weekly downloads. As such, @douyinfe/semi-foundation popularity was classified as popular.
We found that @douyinfe/semi-foundation demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Research
Security News
A malicious Maven package typosquatting a popular library is secretly stealing OAuth credentials on the 15th of each month, putting Java developers at risk.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.