Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
AlloyUI is a framework built on top of YUI3 (JavaScript) that uses Bootstrap 3 (HTML/CSS) to provide a simple API for building high scalable applications.
As an user interface framework we do care about browser support. Most of our modules use all the power of HTML5, so for old browsers we provide fallbacks in Flash.
IE 8+ ✔ | Latest ✔ | Latest ✔ | Latest ✔ | Latest ✔ |
We use Gulp, a task-runner in Node, to automate things.
gulp <command>
To discover the most commonly used tasks, run:
gulp help
Install NodeJS <= v0.12.0, if you don't have it yet.
Install global dependencies:
[sudo] npm install -g gulp
npm install
gulp init
gulp build
Rebuild AUI components:
gulp build-aui
If run at the root level, it will build all AUI components.
If run within a component folder (ie. cd src/aui-datatable
), it will only build that specific component.
Watch for changes and rebuild automatically:
gulp watch
The basic structure of the project is given in the following way:
bower_components/
Contains all dependencies fetched via Bower. However, this directory is unnecessary for versioning, so it is ignored (.gitignore).build/
Contains AlloyUI and YUI generated files, once build task has been run. However, this directory is unnecessary for versioning, so it is ignored (.gitignore).demos/
Contains basic examples of the AlloyUI modules.src/
Contains the source code of the AlloyUI modules.tasks/
Contains the source code of the Gulp tasks..alloy.json
Specifies all dependencies and some configurations..editorconfig
Specifies the coding style for different editors/IDEs..jsbeautifyrc
Specifies the coding format rules for JSBeautify..jshintrc
Specifies the linting configurations for JSHint..yeti.json
Specifies the testing configurations for Yeti.LICENSE.md
Defines the license agreement for AlloyUI.README.md
Explains the AlloyUI project.package.json
Lists all NodeJS dependencies.AlloyUI is maintained by Liferay's Frontend Infrastructure team and a bunch of awesome contributors.
Liferay Frontend Infrastructure Team |
Discover all versions in the Releases page.
Each module (located under src/
) contains a HISTORY.md
file, check them for detailed changelog.
BSD-3-Clause License (c) Liferay, Inc.
FAQs
AlloyUI
We found that alloy-ui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 20 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.