🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@kqinfo/ui

Package Overview
Dependencies
Maintainers
1
Versions
738
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@kqinfo/ui

[![NPM version][npm-image]][npm-url] [![Test coverage][codecov-image]][codecov-url] [![npm download][download-image]][download-url]

npmnpm
Version
1.17.4-alpha.2
Version published
Weekly downloads
265
99.25%
Maintainers
1
Weekly downloads
 
Created
Source

凯桥 UI

NPM version Test coverage npm download

使用

$ yarn add @kqinfo/ui

按需加载

安装babel-plugin-import插件

$ yarn add babel-plugin-import -D

修改babel.config.js文件

// babel.config.js
module.exports = {
  plugins: [
+    [
+      'import',
+      {
+        libraryDirectory: 'es',
+        libraryName: '@kqinfo/ui'
+      },
+      '@kqinfo/ui'
+    ]
  ]
};

定制主题

修改remax.config.js文件

module.exports = {
  ...
-  plugins: [less()],
+  plugins: [
+   less({
+     lessOptions: {
+       modifyVars: { '@brand-primary': '#2780d9', '@brand-attract': '#ff9d46' },
+       javascriptEnabled: true
+     }
+   })
+ ]
  ...
};

修改app.tsx文件

+import { ConfigProvider } from '@kqinfo/ui';

const App = (props) => {
-  return props.children;
+  return <ConfigProvider brandAttract={'#ff9d46'} brandPrimary={'#2780d9'}>{props.children}</ConfigProvider>;
};

Icon更新

更新ali图标库后,将其地址复制到根目录下iconfont相关的json中替换。然后执行yarn icon

使用源安装

在项目根目录添加.npmrc文件

canvas_binary_host_mirror=https://npm.taobao.org/mirrors/canvas/
sass_binary_site=https://npm.taobao.org/mirrors/node-sass/
phantomjs_cdnurl=https://npm.taobao.org/mirrors/phantomjs/
electron_mirror=https://npm.taobao.org/mirrors/electron/
chromedriver_cdnurl=https://npm.taobao.org/mirrors/chromedriver/
sentrycli_cdnurl=https://cdn.npm.taobao.org/dist/sentry-cli
cypress_download_mirror=https://npm.taobao.org/mirrors/cypress/

yarn安装的话添加.yarnrc文件

canvas_binary_host_mirror: https://npm.taobao.org/mirrors/canvas
registry: https://registry.npm.taobao.org
ENTRYCLI_CDNURL: https://cdn.npm.taobao.org/dist/sentry-cli
sentrycli_cdnurl: https://cdn.npm.taobao.org/dist/sentry-cli

开发

安装依赖

$ yarn

启动服务

$ yarn start

本地调试

启动调试

$ yarn dev

本地连接

$ yarn link

本地项目调试

$ yarn link @kqinfo/ui

编写测试

开发注意项

  • fork到自己名下,再提merge request
  • 样式不要嵌套
  • 样式用less-modules
  • 表单组件暴露valueonChange
  • 不要用图片当icon
  • 尽量暴露节点的class,缩写用cls,比如暴露子项类名就用itemCls
  • 例子尽量写多点

FAQs

Package last updated on 16 Oct 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Critical Security Vulnerability in React Server Components

Security News

Critical Security Vulnerability in React Server Components

React disclosed a CVSS 10.0 RCE in React Server Components and is advising users to upgrade affected packages and frameworks to patched versions now.

By Sarah Gooding  -  Dec 03, 2025