
Research
/Security News
Compromised npm Packages in the AsyncAPI Namespace Deliver Miasma Botnet Loader
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.
@m860/cerberus
Advanced tools
react-native微应用/微组件纯JS解决方案
安装cerberus-cli
$ npm i -D @m860/cerberus-cli
添加cerberus-cli配置文件 配置参数
$ touch cbs.json
启动本地服务
$ npx cbs start cbs.json
安装cerberus
$ npm i @m860/cerberus
使用useCerberus加载
import * as React from "react"
import {useCerberus} from "@m860/cerberus"
export default function(){
const [status,defined]=useCerberus({
entry:"http://localhost:9000/main.js"
});
if(defined){
const {default:App}=defined;
return <App/>
}
return null;
}
NOTE: 目前只支持hooks
const CerberusStatusCode = {
// 准备
prepare: 0,
// 下载中
downloading: 10,
// 编译中
compiling: 20,
// 错误
error: 90,
// 成功
success: 100
};
type CerberusOption = {
/**
* 入口文件,例如:http://DOMAIN/main.js
*/
entry: ?string
| ?{ url: string, option?: Object },
/**
* 需要注入到小程序的module
*/
injectModules?: ()=>Object,
/**
* 默认需要执行的代码
*/
defaultCode?: string
};
type CerberusState = {
status: $Values<typeof CerberusStatusCode>,
error: ?Error
};
type useCerberus=(option:CerberusOption)=>[CerberusState,any]
type ConfigOption={
// 同webpack.mode
mode:string,
// 同webpack.entry
entry:any,
// 同webpack.output
output:any,
/**
* 需要替换的module
*
* @example
* {
* cerberusTransformOption:{
* modules:["dateformat"]
* }
* }
*
*/
cerberusTransformOption:{
modules:Array<string>,
/**
* 需要处理的资源文件的正则表达式,默认:/\.(gif|png|jpeg|jpg|svg)$/i
*/
resourceTest?:?RegExp
}
}
图片没有显示出来
cli在编译的时候将本地引用的图片编译为uri的方式,所以必须设置width和height才能够正常显示
<Image source={require("image.png")} style={{width:100,height:100}}/>
FAQs
react-native小程序
The npm package @m860/cerberus receives a total of 2 weekly downloads. As such, @m860/cerberus popularity was classified as not popular.
We found that @m860/cerberus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.