Security News
The Code You Didn't Write Is Still Yours to Defend
AI agents are pulling packages into environments no scanner is watching, creating exposure before security teams can see it.
By Brad Arkin - Jun 23, 2026
🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
uve-utils
一个功能丰富的通用工具库,专为现代 Web 开发和政务端(浙政钉、浙里办)应用设计。
特性
- 🚀 单文件打包:基于 Vite 构建,输出精简的 ESM 和 CJS 单文件。
- 🛠️ 通用工具:包含正则表达式校验、日期格式化、数据类型判断、金额格式化等常用工具。
- 🔒 加密算法:集成 AES 以及国密算法(SM2, SM3, SM4)。
- 🏛️ 政务端支持:专门针对浙政钉和浙里办环境的初始化、埋点和授权封装。
- 📦 开箱即用:支持 TypeScript,提供完整的类型定义。
安装
npm install uve-utils
# 或者
yarn add uve-utils
快速使用
通用工具
import { utils } from 'uve-utils';
// 手机号校验
utils.checkPhoneNumber('13800138000'); // true
// 身份证校验
utils.checkIdentityId('330101199001011234');
// 日期格式化
utils.dateFormat(new Date(), 'YYYY-MM-DD HH:mm:ss');
// AES 加密
const encrypted = utils.encryptAes('Hello World');
const decrypted = utils.decryptAes(encrypted);
浙政钉/浙里办初始化
import { initZhezhengding, initZheliban } from 'uve-utils';
// 初始化浙政钉配置
initZhezhengding({
enable: true,
bid: 'your_bid',
signkey: 'your_signkey',
sapp_id: 'your_sapp_id',
sapp_name: 'your_sapp_name'
});
// 初始化浙里办配置
initZheliban({
enable: true,
appTitle: '应用名称',
bid: 'your_bid'
});
API 说明
utils (常用工具)
| 方法 | 说明 |
|---|---|
checkPhoneNumber(phone) | 验证手机号码格式 |
checkIdentityId(id) | 验证身份证号码合法性 |
isNumber(val) | 判断是否为纯数字 |
numberChinese(num) | 数字转中文大写 |
dateFormat(date, format) | 日期格式化 |
getOsType() | 获取系统类型 (1:IOS, 2:Android, 3:Win, 4:Mac) |
getBrowserType() | 获取浏览器环境 (浙里办, 浙政钉, 微信等) |
hideString(str, start, len) | 字符串脱敏 |
uuid() | 生成唯一标识 |
moneyFormat(num) | 金额千分位格式化 |
encryptAes / decryptAes | AES 加解密 |
encryptSm2 / decryptSm2 | 国密 SM2 加解密 |
encryptSm4 / decryptSm4 | 国密 SM4 加解密 |
浙政钉埋点与授权
| 方法 | 说明 |
|---|---|
createBaseBurialPointZzd(config) | 基础埋点 |
createUserInfoBurialPointZzd(config) | 用户信息埋点 |
getAuthCodeZzd() | 获取免登授权码 (Promise) |
浙里办埋点
| 方法 | 说明 |
|---|---|
zwlogGlobalZlb(config) | 浙里办全局日志埋点 |
开发与构建
项目采用 Vite 进行构建,输出单文件 bundle。
# 安装依赖
yarn install
# 构建项目
yarn build
构建产物位于 dist 目录:
index.js: ESM 模块index.cjs: CommonJS 模块index.d.ts: 类型声明文件zzd.html/zlb.html: 预置资产文件
License
ISC
FAQs
The npm package uve-utils receives a total of 0 weekly downloads. As such, uve-utils popularity was classified as not popular.
We found that uve-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 12 Jan 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
GitHub Actions Checkout Now Blocks Risky pull_request_target Checkouts
GitHub Actions checkout now blocks risky pull_request_target checkouts by default to help prevent pwn request supply chain attacks.
By Sarah Gooding - Jun 20, 2026
Product
Introducing Repository Access Permissions and Custom Roles
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
By Joe Werle - Jun 19, 2026