
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
一个基于vue2的移动端组件库,只是定义了一些常用的组件,以便于工作中快速开发的需求
- 本套组件在于用较少的嵌套层级关系和较少的易读的默认样式来搭建web项目,用户可以方便的更改样式来适应
- 1.0版本还在开发中
项目中的swiper组件并非作者开发而是使用了封装的外部swiper的组件
- npm install ca-ui --save
- ca-ui 基于使用在webpack模板的项目所以请先安装vue2的脚手架和创建webpack项目 vue-cli
- vue 常用的组件 vue-router vuex
按照约定使用了webpack模板的项目在入口文件main.js中引入 import 'ca-ui' 即可在任意地方使用
- 组件的使用示例和api
- 注意!在组件中所有单位基于rem,1rem等于100px,使用组件设计时按此约定即可
- 暂无
FAQs
ui for vue2
The npm package ca-ui receives a total of 12 weekly downloads. As such, ca-ui popularity was classified as not popular.
We found that ca-ui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.