![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@uppy/dashboard
Advanced tools
Package description
@uppy/dashboard is a versatile file uploader UI plugin for Uppy, a modular file uploader for web applications. It provides a drag-and-drop interface, file previews, and progress indicators, making it easy to integrate file uploading capabilities into your web application.
Drag-and-Drop File Upload
This feature allows users to drag and drop files into a designated area for uploading. The code sample demonstrates how to set up the Uppy Dashboard with drag-and-drop functionality.
const Uppy = require('@uppy/core');
const Dashboard = require('@uppy/dashboard');
const uppy = Uppy();
uppy.use(Dashboard, {
target: '#drag-drop-area',
inline: true
});
File Previews
This feature provides previews of the files that are being uploaded. The code sample shows how to configure the Uppy Dashboard to display file previews and upload progress details.
const Uppy = require('@uppy/core');
const Dashboard = require('@uppy/dashboard');
const uppy = Uppy();
uppy.use(Dashboard, {
target: '#file-preview-area',
inline: true,
showLinkToFileUploadResult: true,
showProgressDetails: true
});
Progress Indicators
This feature shows progress indicators for file uploads. The code sample demonstrates how to set up the Uppy Dashboard to display detailed progress indicators for each file being uploaded.
const Uppy = require('@uppy/core');
const Dashboard = require('@uppy/dashboard');
const uppy = Uppy();
uppy.use(Dashboard, {
target: '#progress-indicator-area',
inline: true,
showProgressDetails: true
});
react-dropzone is a simple React component for creating a file dropzone. It provides a basic drag-and-drop interface for file uploads but lacks the advanced features and customization options available in @uppy/dashboard.
fine-uploader is a comprehensive JavaScript library for file uploads. It offers a wide range of features, including drag-and-drop, file previews, and progress indicators, similar to @uppy/dashboard. However, it is not as modular and may require more configuration.
dropzone is a popular JavaScript library for drag-and-drop file uploads. It provides a straightforward API and a customizable UI, but it does not offer the same level of modularity and extensibility as @uppy/dashboard.
Changelog
1.10.0
| Package | Version | Package | Version | |-|-|-|-| | @uppy/companion | 1.10.0 | uppy | 1.10.0 |
This release offers a bunch of Companion improvements and bug fixes.
endpoint
and region
to AWS SDK constructor (#2113 / @goto-bus-stop)Readme
Dashboard is a universal UI plugin for Uppy:
Uppy is being developed by the folks at Transloadit, a versatile file encoding service.
const Uppy = require('@uppy/core')
const Dashboard = require('@uppy/dashboard')
const uppy = Uppy()
uppy.use(Dashboard, {
target: 'body',
inline: true
})
$ npm install @uppy/dashboard --save
We recommend installing from npm and then using a module bundler such as Webpack, Browserify or Rollup.js.
Alternatively, you can also use this plugin in a pre-built bundle from Transloadit's CDN: Edgly. In that case Uppy
will attach itself to the global window.Uppy
object. See the main Uppy documentation for instructions.
Documentation for this plugin can be found on the Uppy website.
FAQs
Unknown package
We found that @uppy/dashboard demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.