Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team - Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis →
wonderful-marrow
Advanced tools
wonderful
- 自定义组件库: 支持微信小程序,移动端,pc 端,响应式布局
- 基本动画组件
Install
npm install wonderful-marrow
组件库使用
import React from 'react'
import ReactDOM from 'react-dom/client'
import { Button, responseRegister } from 'wonderful-marrow/rabbit'
import 'wonderful-marrow/rabbit/index.css'
responseRegister() // 设置为响应式(rem 布局)
ReactDOM.createRoot(document.getElementById('root') as HTMLElement).render(
<div>
<Button type='primary'>按钮</Button>
</div>
)
支持的组件
const componentList = [
{
value: 'currency',
label: '通用',
children: [
{
value: 'Button',
label: '按钮',
},
{
value: 'Icon',
label: '图标',
},
{
value: 'Boundary',
label: '可变边界',
},
],
},
{
value: 'nav',
label: '导航',
children: [
{
value: 'Menu',
label: '导航菜单',
},
{
value: 'Pagination',
label: '分页',
},
{
value: 'Steps',
label: '步骤条',
},
],
},
{
value: 'data-input',
label: '数据录入',
children: [
{
value: 'Cascader',
label: '级联选择',
},
{
value: 'Checkbox',
label: '多选框',
},
{
value: 'Input',
label: '输入框',
},
{
value: 'InputNumber',
label: '数字输入框',
},
{
value: 'Radio',
label: '单选框',
},
{
value: 'Rate',
label: '评分',
},
{
value: 'Select',
label: '选择器',
},
{
value: 'SelectPanel',
label: '选择器(自定义触发器)',
},
{
value: 'Slider',
label: '滑动输入条',
},
{
value: 'Switch',
label: '开关',
},
{
value: 'Upload',
label: '上传',
},
{
value: 'Calendar',
label: '日历',
},
{
value: 'TimePicker',
label: '时间选择器',
},
{
value: 'DatePicker',
label: '日期选择器',
},
{
value: 'Transfer',
label: '穿梭框',
},
{
value: 'TreeSelect',
label: '树形选择器',
},
{
value: 'ColorPicker',
label: '颜色选择器',
},
],
},
{
value: 'data-display',
label: '数据展示',
children: [
{
value: 'Badge',
label: '徽章',
},
{
value: 'Carousel',
label: '轮播',
},
{
value: 'Collapse',
label: '折叠面板',
},
{
value: 'Popover',
label: '气泡卡片',
},
{
value: 'PopoverHandle',
label: '气泡卡片(自定义触发器)',
},
{
value: 'Tab',
label: '标签页',
},
{
value: 'Tag',
label: '标签',
},
{
value: 'Tree',
label: '树形控件',
},
{
value: 'Timeline',
label: '时间线',
},
{
value: 'List',
label: '列表',
},
{
value: 'Tour',
label: '导游',
},
{
value: 'Table',
label: '表格',
},
],
},
{
value: 'feedback',
label: '反馈',
children: [
{
value: 'Message',
label: '全局提示',
},
{
value: 'Modal',
label: '对话框',
},
{
value: 'Loading',
label: '加载中',
},
{
value: 'Progress',
label: '进度条',
},
],
},
]
动画库使用
import { Marrow, Build, Render } from 'wonderful-marrow/marrow'
import 'wonderful-marrow/marrow/index.css'
function handleChange(data: Marrow[]) {
console.log(data)
}
function handleSave(data: Marrow[]) {
console.log(data)
}
const data: Marrow[] = []
function App() {
return (
<div style={{ width: '100vw', height: '100vh', display: 'flex' }}>
<div style={{ width: '50%', height: '100%', borderRight: '1px solid #ccc' }}>
<Build
marrows={data}
onChange={handleChange}
onSave={handleSave}
/>
</div>
<div style={{ width: '50%', height: '100%' }}>
<Render marrows={data} />
</div>
</div>
)
}
FAQs
The npm package wonderful-marrow receives a total of 109 weekly downloads. As such, wonderful-marrow popularity was classified as not popular.
We found that wonderful-marrow demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem - Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding - Nov 21, 2025