Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
CMUI is a UI framework for mobile web. It provides rich widgets and simple interfaces out-of-the-box, which helps developers get ride of details of styling and troubles of compatibility, and focus on building their own applications.
CMUI 是一个专攻移动网页的 UI 框架,它提供了丰富的组件和简洁的接口,开箱即用。CMUI 帮助开发者摆脱样式细节和兼容性困扰,从而腾出更多精力投入到业务开发中。
支持以下移动平台的主流浏览器:
同样支持以下桌面浏览器:
(更多细节参见 CMUI 的浏览器分级支持策略。)
通过 npm 3 安装:
$ npm install cmui
在页面中加载 CMUI 的样式文件、脚本文件及必要的依赖:
<!DOCTYPE html>
<html>
<head>
...
<link rel="stylesheet" href="node_modules/cmui/dist/cmui.css">
</head>
<body>
...
<script src="node_modules/underscore/underscore-min.js"></script>
<script src="node_modules/zepto.js/dist/zepto.min.js"></script>
<script src="node_modules/cmui-gearbox/dist/gearbox.min.js"></script>
<script src="node_modules/cmui/dist/cmui.js"></script>
</body>
</html>
如果你的项目以 Stylus 作为 CSS 预处理器语言,则可以在你的源码中直接引入 CMUI 的样式入口文件:
@import './node_modules/cmui/src/css/theme/baixing/index'
在这种方式下,你可以在源码中使用 CMUI 提供的高级 API:
建议使用 iOS/Android 设备访问:CMUI Demo
以下网站基于 CMUI 构建(请使用 iOS/Android 设备访问):
CMUI 的部分模块已经分离出去,成为独立项目。这些模块以开发依赖的方式引入,并打包到发布文件中。因此,参与这些独立项目的开发即可修改这些模块。
npm install
,安装必要的依赖。npm run dist
,运行构建脚本。/dist
目录下。npm install
,安装必要的依赖。test/test-dev.html
- 测试源码(用于开发阶段的测试)CMUI is based on these open source projects:
CMUI team is using JetBrains IDE (WebStorm) with Open Source License:
FAQs
Lightweight UI solution for mobile web.
The npm package cmui receives a total of 0 weekly downloads. As such, cmui popularity was classified as not popular.
We found that cmui demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.