Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
qf-flora-wxui
Advanced tools
Readme
步骤 1:安装到项目根目录下
cnpm i qf-flora-wxui -S
步骤 2:构建 npm 包 (将 node_modules 变成公共组件直接用
开发工具左上角工具菜单 -》 构建npm包
开发工具右上角详情菜单 -》 本地设置 -》 使用npm模块
{
"usingComponents": {
"qf-btn": "qf-flora-wxui /button/button",
"qf-dashboard": "qf-flora-wxui/dashboard/dashboard",
"qf-popup": "qf-flora-wxui /popup/popup"
}
}
<qf-btn bindtap="handleClick">
Tomorrow is another day
</qf-btn>
<qf-btn type="warn" bindtap="handleClick">
明天又是崭新的一天
</qf-btn>
<!-- <weapp-plugin-dashboard
min="0" // 最小值
max="100" // 最大值
val="50" // 当前值
width="750" // 组件宽度,单位rpx
height="400" // 组件高度,单位rpx
colors="{{myColors}}" // 仪表盘颜色分布
>
</weapp-plugin-dashboard> -->
<qf-dashboard
min="0"
max="100"
val="{{val}}"
width="750"
height="400"
colors="{{myColors}}"
>
</qf-dashboard>
<qf-btn bindtap="handleRandom">随机</qf-btn>
<qf-popup id='popup'
image='https://img1.baidu.com/it/u=1131661788,2256032093&fm=26&fmt=auto'
content='申请成功'
btn_no='立即发起活动'
btn_ok='成为认证用户'
bind:error="_error"
bind:success="_success">
</qf-popup>
<qf-btn bindtap="handlePopup">点击显示弹出层</qf-btn>
Page({
handleClick() {
console.log('handleClick')
},
handleRandom() {
const max = 100
const min = 0
this.setData({
val: Math.floor(Math.random() * (max - min + 1) - 1)
})
},
handlePopup() {
this.popup.showPopup()
},
onReady() {
// 获得popup组件
this.popup = this.selectComponent('#popup')
},
// 取消事件
_error() {
console.log('你点击了取消')
this.popup.hidePopup()
},
// 确认事件
_success() {
console.log('你点击了确定')
this.popup.hidePopup()
},
data: {
val: 30,
myColors: [{
percent: 50,
color: '#67C23A'
}, {
percent: 80,
color: '#E6A23C'
}, {
percent: 100,
color: '#F56C6C'
}]
},
})
FAQs
🧨 微信小程序UI组件库
We found that qf-flora-wxui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.