Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
bootstrap.native
Advanced tools
bootstrap.native is a JavaScript library that provides native JavaScript components for Bootstrap, eliminating the need for jQuery. It aims to offer the same functionality as Bootstrap's JavaScript components but in a more lightweight and efficient manner.
Modal
This code demonstrates how to create and control a Bootstrap modal using bootstrap.native. It initializes a modal and sets up an event listener to show the modal when a button is clicked.
document.addEventListener('DOMContentLoaded', function() {
var myModal = new Modal(document.getElementById('myModal'));
document.getElementById('openModal').addEventListener('click', function() {
myModal.show();
});
});
Tooltip
This code demonstrates how to create a tooltip using bootstrap.native. It initializes a tooltip with a specified title and placement on a target element.
document.addEventListener('DOMContentLoaded', function() {
var tooltipTrigger = document.getElementById('tooltipTrigger');
var myTooltip = new Tooltip(tooltipTrigger, {
title: 'This is a tooltip',
placement: 'top'
});
});
Dropdown
This code demonstrates how to create a dropdown menu using bootstrap.native. It initializes a dropdown on a specified element.
document.addEventListener('DOMContentLoaded', function() {
var dropdownElement = document.getElementById('myDropdown');
var myDropdown = new Dropdown(dropdownElement);
});
Bootstrap is the original library that bootstrap.native aims to complement. It provides a comprehensive set of CSS and JavaScript tools for building responsive web applications. Unlike bootstrap.native, Bootstrap's JavaScript components rely on jQuery.
Popper.js is a library used to manage poppers in web applications. It is often used in conjunction with Bootstrap for positioning tooltips and popovers. While bootstrap.native provides a more integrated solution for Bootstrap components, Popper.js focuses specifically on positioning elements.
Tether is a JavaScript library for efficiently making an absolutely positioned element stay next to another element on the page. It is similar to Popper.js and can be used with Bootstrap for positioning tooltips and dropdowns. bootstrap.native, on the other hand, provides a more comprehensive set of Bootstrap components without the need for jQuery.
The faster, lighter and more compact set of JavaScript components for Bootstrap 5, sourced with TypeScript and free from major dependecies such as jQuery, Popper.
The bootstrap.native library is available on npm, CDN and comes packed with Vitest powered tests and other goodies.
The library is around 42Kb minified and around 13Kb gZipped. See the demo for components guidelines and examples, or the Wiki/How to use on how to install and use the library.
npm i bootstrap.native
yarn add bootstrap.native
pnpm install bootstrap.native
deno add npm:bootstrap.native@latest
After installation, head over to the usage guides.
Check out the bootstrap.native
Wiki pages for usage guides and relevant information, they're updated with almost every new commit.
The BSN library is released under the MIT license.
FAQs
Bootstrap components build with Typescript
We found that bootstrap.native demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.