npmpackage.info

Gathering detailed insights and metrics for @elastic/eui

@elastic/eui

Elastic UI Framework 🙌

98.1.0

NOASSERTION

TypeScript

13,268,905 5.1

Installations

npm install @elastic/eui

Pull Requests

Open

18

Total

4,719

Closed

473

Merged

4,228

Issues

Open

170

Total

3,332

Closed

3,162

Releases

253

v98.1.0

Published on 27 Nov 2024

v98.0.0

Published on 20 Nov 2024

v97.3.1

Published on 06 Nov 2024

v97.3.0

Published on 28 Oct 2024

v97.2.0

Published on 18 Oct 2024

v97.1.0

Published on 15 Oct 2024

View all 253 releases

Developer

elastic

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

16.x || 18.x || >=20.x

Typescript Support

Yes

Node Version

20.15.1

NPM Version

10.7.0 Statistics

58 Stars

6,254 Commits

842 Forks

137 Watching

10 Branches

2,177 Contributors

Updated on 28 Nov 2024

Languages

TypeScript (67.8%)

JavaScript (17.46%)

MDX (13.84%)

SCSS (0.68%)

Shell (0.19%)

HTML (0.02%)

Dockerfile (0.01%)

Total Downloads

Cumulative downloads

Total Downloads

13,268,905

Last day

66.7%

51,835

Compared to previous day

Last week

104.1%

173,829

Compared to previous week

Last month

54.6%

512,525

Compared to previous month

Last year

28.4%

4,628,068

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Peer Dependencies

react moment react-dom typescript @emotion/css @types/react @emotion/react @types/react-dom @elastic/datemath

Dev Dependencies

165

yo glob jest loki path sass chalk pegjs react redux yargs assert buffer dedent enzyme eslint findup moment rimraf core-js cssnano cypress postcss process resolve shelljs webpack axe-core chokidar get-port inquirer jest-cli prettier react-16 react-17 cross-env expose-gc react-dom storybook stylelint @babel/cli @svgr/core babel-jest css-loader raw-loader react-view typescript @babel/core @types/jest @types/uuid codesandbox cypress-axe file-loader html-format postcss-cli react-redux redux-thunk sass-loader webpack-cli @emotion/css @types/react autoprefixer babel-loader cache-loader react-dom-16 react-dom-17 react-helmet style-loader @emotion/jest @types/enzyme @types/stylis dts-generator react-refresh @cypress/react @emotion/cache @emotion/react @types/cheerio enzyme-to-json postcss-loader @babel/template @elastic/charts @faker-js/faker @storybook/test @types/prettier @types/react-is moment-timezone @cypress/react18 @storybook/react @svgr/plugin-jsx @types/chroma-js @types/react-dom @types/url-parse react-router-dom yeoman-generator @babel/preset-env @elastic/datemath @storybook/blocks @svgr/plugin-svgo @types/classnames cypress-plugin-tab eslint-plugin-jest postcss-inline-svg webpack-dev-server @babel/preset-react cypress-real-events eslint-plugin-local eslint-plugin-mocha eslint-plugin-react html-webpack-plugin @types/vfile-message eslint-plugin-import @loki/is-loki-running @storybook/docs-tools babel-plugin-istanbul postcss-styled-syntax start-server-and-test terser-webpack-plugin @cypress/code-coverage @emotion/eslint-plugin @storybook/addon-links @storybook/manager-api @storybook/preview-api @testing-library/react eslint-config-prettier eslint-plugin-jsx-a11y eslint-plugin-prettier jest-environment-jsdom @types/react-router-dom enzyme-adapter-react-16 eslint-plugin-storybook react-docgen-typescript uglifyjs-webpack-plugin @babel/preset-typescript buildkite-test-collector @storybook/react-webpack5 @testing-library/jest-dom @typescript-eslint/parser eslint-plugin-react-hooks stylelint-config-standard circular-dependency-plugin @cypress/webpack-dev-server @loki/create-async-callback @storybook/addon-essentials @testing-library/user-event @testing-library/react-16-17 @testing-library/react-hooks @storybook/addon-interactions babel-plugin-inline-react-svg @emotion/babel-preset-css-prop eslint-import-resolver-webpack fork-ts-checker-webpack-plugin stylelint-config-prettier-scss stylelint-config-standard-scss @babel/plugin-transform-runtime babel-plugin-add-module-exports @types/testing-library__jest-dom @typescript-eslint/eslint-plugin @cfaester/enzyme-adapter-react-18 @wojtekmaj/enzyme-adapter-react-17 @pmmmwh/react-refresh-webpack-plugin babel-plugin-pegjs-inline-precompile @babel/plugin-proposal-class-properties @storybook/addon-webpack5-compiler-babel @babel/plugin-proposal-object-rest-spread @babel/plugin-transform-async-to-generator

Versions

Elastic UI Framework

The Elastic UI Framework is a collection of React UI components for quickly building user interfaces at Elastic.

Check out our full documentation site which contains many examples of components in the EUI framework aesthetic, and how to use them in your products. Our FAQ below covers common usage questions — for other general questions regarding EUI, check out the Discussions tab.

[!NOTE] We're in the process of migrating this repository to a monorepo structure. You can find @elastic/eui files in the packages/eui directory.

Frequently Asked Questions

What is the Elastic UI Framework?

The Elastic UI Framework (EUI) is a design library in use at Elastic to build React applications that need to share our branding and aesthetics. It distributes typed UI React components and static assets for use in building web layouts. Alongside the React components, we ship theme & style utilities that can be used independently on their own.

The primary goal of this library is to provide reusable UI components that can be used throughout Elastic's web products. As React components, they remove CSS from the process of building UIs. As a single source of truth, the framework allows our designers to make changes to our aesthetic directly in the code. And unit test coverage for the UI components allows us to deliver a stable "API for user interfaces".

Can I use EUI?

Please see Elastic's licensing FAQ: I’m using EUI or Elastic Charts in my application outside of Kibana, how does this affect me?

Why is EUI open source?

Many of Elastic's products are open source and rely upon this library to function. The Elastic UI Framework began as a folder of code in Kibana and we decided it could be used beyond that codebase. It exists as an independent library so that patterns can be shared across teams and design standards can be scaled across our organization. Since most of our products are open source, we treat this one similarly as far as public publishing and conversation even if its usage tends to focus more inward towards Elastic itself.

What is the versioning, release, and upgrade strategy?

We use semver for versioning and use that to denote breaking changes in EUI upgrades. Traditionally we consider API changes in our prop names or existing component functionality to be a reason for a breaking change, but do not track the renaming of CSS selectors, mixins or other style changes under this same rigor.

Traditionally releases are made weekly against whatever is in the main branch and you can upgrade from NPM as you see fit.

Can I contribute to EUI?

Yes! We welcome community-contributed PRs, especially around feature requests that the EUI team may not have bandwidth to carry out alone. You can find documentation around creating and submitting new components in our wiki.

What about reporting bugs and feature requests?

Bug reports and feature requests are most welcome, but our roadmap and prioritization are driven primarily by internal Elastic usage.

Please note that in order to keep our backlog manageable and focused on tasks we intend to complete, feature requests & tech debt issues that are inactive for a year will be auto-closed (bugs will remain open if determined to be reproducible and valid).

This activity counter can be soft reset by commenting on the issue directly, but please do so mindfully. We would ask that you proactively let the EUI team know why this request matters to you or how it impacts you or your users, in order to help us prioritize accordingly.

The EUI team, like everyone else, has a finite amount of time and resources, and it is not humanly possible for us to implement every task or feature requested of us. However, that's where the beauty of open source comes in - if your request is important to you, we strongly encourage you to contribute code directly to EUI that addresses your issue or request!

I have more questions!

The EUI team has ongoing FAQs for more transient or component-specific questions. Please see the FAQ section in our GitHub discussions here.

Wiki

Our wiki docs contain instructions and guidelines on multiple areas of EUI usage and development that are too detailed for an initial README. For more information, see:

License

Dual-licensed under Elastic v2 and Server Side Public License, v1. See Elastic's licensing FAQ for details.

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

9

License

Determines if the project has defined a license.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

5

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/changelog.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/community_contribution.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/community_contribution.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label_commenter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/label_commenter.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label_commenter.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/label_commenter.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale_issues.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/stale_issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale_issues.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/stale_issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale_issues.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/elastic/eui/stale_issues.yml/main?enable=pin
Warn: containerImage not pinned by hash: packages/eui/scripts/docker-ci/Dockerfile:5: pin your Docker image by updating node:20.15.1-slim to node:20.15.1-slim@sha256:b21bcf3e7b6e68d723eabedc6067974950941167b5d7a9e414bd5ac2011cd1c4
Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

80 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-7r28-3m3f-r2pr
Warn: Project is vulnerable to: GHSA-r8j5-h5cx-65gg
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-f98m-q3hr-p5wq
Warn: Project is vulnerable to: GHSA-39q4-p535-c852
Warn: Project is vulnerable to: GHSA-h86x-mv66-gr5q
Warn: Project is vulnerable to: GHSA-3xq5-wjfh-ppjc / GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-h9rv-jmmf-4pgx
Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-jv35-xqg7-f92r
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-325j-24f4-qv5x
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-cf4h-3jhx-xvhq
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

5.1

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More