Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@qooxdoo/framework
Advanced tools
qooxdoo is a universal JavaScript framework that enables you to create applications for a wide range of platforms. With its object-oriented programming model you build rich, interactive applications (RIAs), native-like apps for mobile devices, light-weight traditional web applications or even applications to run outside the browser.
You leverage its integrated tool chain to develop and deploy applications of any scale, while taking advantage of modern web technologies like HTML5 and CSS3, its comprehensive feature set and a state-of-the-art GUI toolkit. qooxdoo is open source under liberal licenses, led by a dedicated developer team, with a vibrant community.
For more information please see http://qooxdoo.org .
qooxdoo may be used under the terms of the MIT License.
It is easy to get started with qooxdoo. For detailed information please see our Get Started Guide.
If you develop with qooxdoo, you would normally use a stable
NPM release, which,
since v6.0.0, contains the compiler and the CLI called with with
npx qx <command>
.
In contrast, if you want to be hacking qooxdoo itself, please refer to our documentation.
There are many ways you can contribute to qooxdoo, ranging from providing feedback, making translations, providing a custom library to full-blown patches to the code. Please check our web site for details. Mind that for every patch to the repository we require an open bug in our issue tracker, and that commits to the repository will fall under qooxdoo's license terms.
Qooxdoo source code is hosted on github/qooxdoo and we use the standard Issue Tracker and Pull Requests feature.
Online chat is available via Gitter at https://gitter.im/qooxdoo/qooxdoo (or using one of the Gitter desktop or mobile clients) - the core team hang out there, as do other developers who use Qooxdoo.
Documentation
Online Demos http://qooxdoo.org/demos
API Documentation http://qooxdoo.org/api
FAQs
The JS Framework for Coders
We found that @qooxdoo/framework demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.