Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Metal.js is a JavaScript library for building UI components in a solid, flexible way.
Even though it's powerful, Metal.js is very small, being only around 9kb after compressed with gzip. It's also really well tested, currently with 99% coverage of unit tests, besides having great performance.
Install via npm, or download as a zip:
npm install metal
With the code already available, you can use Metal.js by just importing the desired module on your js file and calling what you wish on it. For example:
import core from './node_modules/metal/src/core';
// You can now call any function from Metal.js's core module.
core.isString('Hello World');
Note that Metal.js is written in ES6 (a.k.a ECMAScript 2015), so you can also use ES6 on your code like we did on the example. Since ES6 isn't fully implemented on browsers yet though, either a polyfill or a build process is necessary before using Metal.js on a website.
Metal.js comes together with a set of gulp tasks designed to help develop with it. To learn more about them and use them, take a look at gulp-metal.
BSD License © Liferay, Inc.
FAQs
Core functions from Metal.js, with utilities for dealing with arrays, objects and others.
The npm package metal receives a total of 1,404 weekly downloads. As such, metal popularity was classified as popular.
We found that metal demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.