
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
@what3words/react-components
Advanced tools
The what3words react components package extends the [JS API](https://github.com/what3words/w3w-node-wrapper) as a framework wrapper for the custom elements found in the `@what3words/javascript-components` package. This is exclusively for use in [ReactJS](
The what3words react components package extends the JS API as a framework wrapper for the custom elements found in the @what3words/javascript-components
package. This is exclusively for use in ReactJS applications. Depending on your use-case, you can alternatively utilise our native JS custom elements (@what3words/javascript-components
) as these should work given the specification's current browser compatibility and framework support.
This library was generated with Create React App version 5.0.1.
Some bundlers require additional configuration to work with our components.
When using vite, make sure to exclude @what3words/react-components
from the dependency optimization using the optimizeDeps.exclude
option in your vite.config.[js,ts]
file
import { defineConfig } from "vite";
export default defineConfig({
...
optimizeDeps: {
exclude: ["@what3words/react-components"],
},
});
npm install @what3words/react-components@5.0.1
import { What3wordsAutosuggest } from "@what3words/react-components";
const W3W_API_KEY = "<W3W-API-KEY>";
export default function Autosuggest() {
return (
<What3wordsAutosuggest api_key={API_KEY}>
<input
type="text"
placeholder="Find your address"
style={{ width: "300px" }}
autoComplete="off"
/>
</What3wordsAutosuggest>
);
}
npm install @what3words/react-components@5.0.1
import {
What3wordsAutosuggest,
What3wordsMap,
} from "@what3words/react-components";
const W3W_API_KEY = "<W3W-API-KEY>";
const MAP_API_KEY = "<GOOGLE-MAP-API-KEY>";
export default function Map() {
return (
<What3wordsMap
id="w3w-map"
api_key={API_KEY}
map_api_key={MAP_API_KEY}
disable_default_ui={true}
fullscreen_control={true}
map_type_control={true}
zoom_control={true}
current_location_control_position={9}
fullscreen_control_position={3}
search_control_position={2}
words="filled.count.soap"
>
<div slot="map" style={{ width: "100vw", height: "100vh" }} />
<div slot="search-control" style={{ margin: "10px 0 0 10px" }}>
<What3wordsAutosuggest>
<input
type="text"
placeholder="Find your address"
style={{ width: "300px" }}
autoComplete="off"
/>
</What3wordsAutosuggest>
</div>
<div slot="current-location-control" style={{ margin: "0 10px 10px 0" }}>
<button>Current Location</button>
</div>
</What3wordsMap>
);
}
npm install @what3words/react-components@5.0.1
import { What3wordsAutosuggest } from "@what3words/react-components";
const W3W_API_KEY = "<W3W-API-KEY>";
export default function Notes() {
return (
<What3wordsNotes api-key={API_KEY}>
<label slot="label" for="delivery-notes">
Delivery Notes
</label>
<textarea
slot="input"
name="delivery-notes"
placeholder="Type delivery instructions with your what3words address"
></textarea>
</What3wordsNotes>
);
}
FAQs
The what3words react components package extends the [JS API](https://github.com/what3words/w3w-node-wrapper) as a framework wrapper for the custom elements found in the `@what3words/javascript-components` package. This is exclusively for use in [ReactJS](
The npm package @what3words/react-components receives a total of 738 weekly downloads. As such, @what3words/react-components popularity was classified as not popular.
We found that @what3words/react-components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.