Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
react-boxplot
Advanced tools
Simple SVG box plots in React.
yarn add react-boxplot
npm install --save react-boxplot
import React, { Component } from 'react'
import { Boxplot, computeBoxplotStats } from 'react-boxplot'
const values = [
14,
15,
16,
16,
17,
17,
17,
17,
17,
18,
18,
18,
18,
18,
18,
19,
19,
19,
20,
20,
20,
20,
20,
20,
21,
21,
22,
23,
24,
24,
29,
]
const Example = () => (
<Boxplot
width={400}
height={20}
orientation="horizontal"
min={0}
max={30}
stats={computeBoxplotStats(values)}
/>
)
Or you can compute the stats yourself:
const Example = () => (
<Boxplot
width={400}
height={25}
orientation="horizontal"
min={0}
max={300}
stats={{
whiskerLow: 194.3,
quartile1: 201,
quartile2: 234.5,
quartile3: 254.6,
whiskerHigh: 257.95,
outliers: [50, 75, 184.25, 268, 290],
}}
/>
)
In one terminal, start the build for the library:
npm
npm start
And, in a second terminal, start the build for the example app:
cd example
npm
npm start
Pull requests welcome!
This library was developed by Paul Melnikow while working at Body Labs. This is a fork of the original repo, now abandoned, being maintained by its original author.
The project is licensed under the two-clause BSD license.
3.0.0 -- Jan 1, 2019
simple-statistics
to 7.0.0, dropping support for IE11.FAQs
Simple SVG box plots in React
The npm package react-boxplot receives a total of 1,038 weekly downloads. As such, react-boxplot popularity was classified as popular.
We found that react-boxplot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.