Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
react-flex
Advanced tools
Flex component built for React
$ npm i react-flex --save
import { Flex, Item } from 'react-flex';
import 'react-flex/index.css';
<Flex row alignItems="center">
<div>a first div</div>
<Item flex={1}>flexes to 1</Item>
</Flex>
DONT FORGET to import react-flex/index.css
as well.
Ideally, we could write <div style={{flex: 1}} />
, but the browser landscape has to catch up with prefixing, latest syntax, etc.
So instead, <Item flex={2} />
adds a className
on the rendered item. Since you are also importing react-flex/index.css
, you get a all the cross-browser syntax and prefixing that autoprefixer
offers.
There are two components in the react-flex
module: Flex
and Item
. They both support flex
as a prop.
inline: Boolean
- for display: inline-flex
.row: Boolean
- for flex-direction: row
. Defaults to true
column: Boolean
- for flex-direction: column
reverse: Boolean
- for reverse direction (eg. flex-direction: column-reverse or row-reverse
)wrap: Boolean
- for flex-wrap: wrap
. Defaults to true.flex: Number/String/Boolean
- a number/string from 0 to 24 for the flex
css property. false
for none
.alignItems: String
- a value for the align-items
css property.justifyContent: String
- a value for the justify-content
css property.alignContent: String
- a value for the align-content
css property.display: String
- you can customize the display to be 'flex'
or 'inline-flex'
The Flex
component has the following default props (which Item
does not):
row=true
wrap=true
alignItems='center'
display='flex'
Our experience shows those are the most common configs, so we made them the defaults.
flex: Number/String/Boolean
- a number/string from 0 to 24 for the flex
css property. false
for none
. Defaults to 1
.flexGrow: Number/Boolean/String
- a number/string from 0 to 24 for flex-grow
. Most of the times, using flex
is just enough.flexShrink: Number/String
- a value for the flex-shrink
css property. From 0
to 24
.flexBasis: String
- a value for the flex-basis
css property. Valid values are: 0
(and 'none'
, which is the same), 'auto'
, 'content'
, 'fit-content'
, 'min-content'
, 'max-content'
, 'fit'
.
<Flex alignItems="start"> //or "flex-start"
<Item flex={2}>
content here
</Item>
</Flex>
<Flex column wrap={false}>
<Flex flex={false}>
Flex also supports the `flex` prop
</Flex>
<Item flex={3} />
<Item flex={12} />
</Flex>
$ git clone https://github.com/zippyui/react-flex.git
$ npm i
$ npm run dev
scss
variable $REACT-FLEX_MAX-SIZE
default to 100
instead of 24
alignSelf
15.0.0
in peerDependecies
react-flex-item
classes & add BEM conventiondisplay
prop to Flex
& Item
. In this way, you can make even flex Item
have display flex or inline-flexscss
variable $REACT-FLEX_MAX-SIZE
take previously defined value if one exists.If you wish to use index.scss
, you can import that directly.
Now navigate to http://localhost:8181/dev.html, modify index.jsx and see the changes happen live in the browser.
FAQs
Unknown package
The npm package react-flex receives a total of 526 weekly downloads. As such, react-flex popularity was classified as not popular.
We found that react-flex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.