Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@innodata/react-yandex-maps
Advanced tools
Readme
Yandex.Maps JS API bindings for React
You can find the documentation at https://react-yandex-maps.now.sh
Feel free to submit issues and/or PRs if you found bugs 🐞 or have some features in mind! The documentation improvements will be super appreciated, if you feel that docs are lacking in some places 📝👩🔬
If you want to work on the library locally:
npm install
dist
foldernpm run dev
cd docs && npm install
npm run dev
If everything went well, you now have documentation running on
http://localhost:3000
You can find special sandbox page on
http://localhost:3000/sandbox
Now you can make changes to the library and see them applied to the sandbox in real time.
When you commit changes, eslint will make sure that there are no linting errors and prettier will format your code based on the repo settings.
When you push changes, jest will run a set of unit tests to make sure that all of them are passing.
Thanks to all contributors for help with supporting the library
Thanks to @effrenus and his yandex-map-react for inspiring this library
FAQs
Yandex.Maps API bindings for React
The npm package @innodata/react-yandex-maps receives a total of 0 weekly downloads. As such, @innodata/react-yandex-maps popularity was classified as not popular.
We found that @innodata/react-yandex-maps demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.