Research
Security News
Malicious npm Package Wipes Codebases with Remote Trigger
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
By Kush Pandya - May 30, 2025
š Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more ā
uiw
The official documentation site for uiw. A high quality UI Toolkit, A Component Library for React 16+. š
Installation
npm install uiw --save
You can use kkt to quickly create a react + uiw project.
npx create-kkt my-app -e uiw
You can use the uiw v1.x version. Please see here for instructions. (npx comes with npm 5.2+ and higher.)
Basic Usage
import React from "react";
import ReactDOM from "react-dom";
import { Button } from "uiw";
ReactDOM.render(
<Button type="primary">Hello</Button>,
document.getElementById("app")
);
Documentation
Visit the uiwjs.github.io website for more information.
Or Open in VSCode Preview :
Packages
This git repository is a repo built using Lerna. It contains several packages:
Development
Use Gitpod, a free online dev environment for GitHub.
Or clone locally:
$ git clone git@github.com:uiwjs/uiw.git
Install dependencies & compile component code.
$ npm install # Install dependencies
$ npm run hoist
$ npm run build
To develop, run the self-reloading build:
# Run the app
# Restart the app automatically every time code changes.
# Useful during development.
$ npm run lib:watch
$ npm run start
$ lerna run --scope uiw watch --stream
$ lerna exec --scope @uiw/button -- tsbb types --outDir lib/esm --target ESNEXT --watch
$ lerna exec --scope @uiw/button -- tsbb watch --target react --env-name esm:dev --env-name cjs
Folders
āāā LICENSE
āāā README.md
āāā package.json
āāā website
ā āāā uiw # Documentation website source code
āāā packages
āāā uiw # Component library source code
āāā react-alert
āāā react-tree
āāā ...
āāā react-affix
Contributors
License
Licensed under the MIT License.
FAQs
A high quality UI Toolkit, A Component Library for React 16+.
The npm package uiw receives a total of 192 weekly downloads. As such, uiw popularity was classified as not popular.
We found that uiw demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 29 Nov 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
By Kirill Boychenko - May 29, 2025
Security News
OpenJS Foundation Is Now a CNA for 40+ JavaScript Projects Under Its Umbrella
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.
By Sarah Gooding - May 29, 2025