Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
react-vlist
Advanced tools
react-virtual-list
This is a list component that support viartualize rendering. It can be easly customize by providing its own item renderer.
- Super fast. 😛
- Responsive Components!
- Easy to use.
- Easy to Customize with Item Renderers.
- Support thousand of records.
Demo
Check out a working demo here
Some Demo Code
Simple Demo.- Demo with select Item,highlight selected and on click handler.
Installation
npm install react-vlist
Configuration
This is an example with a minimal use of the VirtualList component
import React from "react";
import ReactDOM from "react-dom";
import VirtualList from "react-vlist";
import "./Application.css";
const data = [{ name: "hola" }];
for (let i = 0; i < 1000; i++) {
data.push({ name: `Row ${i}` });
}
function App() {
return (
<div className="app-container">
<h1>Virtual List</h1>
<VirtualList
className="list"
data={data}
itemheight={50}
renderItems={(item, index, style) => (
<div className="itemRenderer" key={index} style={style}>
<img
className="itemImage"
src="https://i.stack.imgur.com/4QkvN.jpg?s=64&g=1"
/>
<div className="itemTitleContainer">
<div className="itemTitle">{item.name}</div>
<div className="itemContent">{item.name}</div>
</div>
</div>
)}
/>
</div>
);
}
const rootElement = document.getElementById("root");
ReactDOM.render(<App />, rootElement);
So the first thing is to create some data
const data = [{ name: "hola" }];
for (let i = 0; i < 1000; i++) {
data.push({ name: `Row ${i}` });
}
The next thing we implement a render method that use the list.
<VirtualList
className="list"
data={data}
itemheight={50}
renderItems={(item, index, style) => (
<div className="itemRenderer" key={index} style={style}>
<img
className="itemImage"
src="https://i.stack.imgur.com/4QkvN.jpg?s=64&g=1"
/>
<div className="itemTitleContainer">
<div className="itemTitle">{item.name}</div>
<div className="itemContent">{item.name}</div>
</div>
</div>
)}
/>
The list recive 3 params:
- data: Data is an array of elements to be render by the list
- itemheight: is the height of each item of the list
- renderItems: It is a hight order function where you can set what component is to be use to render the list elements.
- The function recive the following params:
- item:A element from the data object.
- index:The cardinal order of the element, it positio in the data array.
- style:The style to be applied to position the element.
- This function returns:
- A react component.(Make sure you assign the style to the returning component so it get position properly)
- The function recive the following params:
Other Free Apps we have created:
- Profile Me - Creates Professional Profile pictures.
- Background RM - Remove pictures Background.
- MetersApp - Create Quotes using measures from floorplan.
FAQs
A virtual list component with customizable item renderers
The npm package react-vlist receives a total of 2 weekly downloads. As such, react-vlist popularity was classified as not popular.
We found that react-vlist demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Jun 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025