惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
E
Exploit-DB.com RSS Feed
Google DeepMind News
Google DeepMind News
F
Full Disclosure
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
ThreatConnect
Stack Overflow Blog
Stack Overflow Blog
Last Week in AI
Last Week in AI
Martin Fowler
Martin Fowler
G
GRAHAM CLULEY
C
Check Point Blog
T
Threatpost
I
Intezer
Spread Privacy
Spread Privacy
The Register - Security
The Register - Security
Project Zero
Project Zero
月光博客
月光博客
人人都是产品经理
人人都是产品经理
阮一峰的网络日志
阮一峰的网络日志
D
DataBreaches.Net
IT之家
IT之家
Malwarebytes
Malwarebytes
T
The Blog of Author Tim Ferriss
P
Privacy International News Feed
P
Palo Alto Networks Blog
T
The Exploit Database - CXSecurity.com
量子位
李成银的技术随笔
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cisco Talos Blog
Cisco Talos Blog
Know Your Adversary
Know Your Adversary
美团技术团队
The GitHub Blog
The GitHub Blog
T
Tor Project blog
M
MIT News - Artificial intelligence
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
P
Proofpoint News Feed
有赞技术团队
有赞技术团队
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 司徒正美
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
C
Comments on: Blog
T
Threat Research - Cisco Blogs
aimingoo的专栏
aimingoo的专栏
Security Latest
Security Latest
NISL@THU
NISL@THU
The Cloudflare Blog
H
Help Net Security
Recent Commits to openclaw:main
Recent Commits to openclaw:main

The Cloudflare Blog

The day my ping took countermeasures Announcing Claude Compliance API support with Cloudflare CASB Announcing Claude Managed Agents on Cloudflare Project Glasswing: what Mythos showed us Our billing pipeline was suddenly slow. The culprit was a hidden bottleneck in ClickHouse Browser Run: now running on Cloudflare Containers, it’s faster and more scalable When "idle" isn't idle: how a Linux kernel optimization became a QUIC bug Building For The Future How Cloudflare responded to the “Copy Fail” Linux vulnerability When DNSSEC goes wrong: how we responded to the .de TLD outage Code Orange: Fail Small is complete. The result is a stronger Cloudflare network Introducing Dynamic Workflows: durable execution that follows the tenant Post-quantum encryption for Cloudflare IPsec is generally available Agents can now create Cloudflare accounts, buy domains, and deploy Shutdowns, power outages, and conflict: a review of Q1 2026 Internet disruptions Making Rust Workers reliable: panic and abort recovery in wasm‑bindgen Moving past bots vs. humans Building the agentic cloud: everything we launched during Agents Week 2026 The AI engineering stack we built internally — on the platform we ship Orchestrating AI Code Review at scale Introducing the Agent Readiness score. Check to see if your site is agent-ready Shared Dictionaries: compression that keeps up with the agentic web Redirects for AI Training enforces canonical content Unweight: how we compressed an LLM 22% without sacrificing quality Agents that remember: introducing Agent Memory Agents Week: network performance update Introducing Flagship: feature flags built for the age of AI Cloudflare’s AI Platform: an inference layer designed for agents Building the foundation for running extra-large language models AI Search: the search primitive for your agents Deploy Postgres and MySQL databases with PlanetScale + Workers Artifacts: versioned storage that speaks Git Email for agents - Cloudflare Email Service now in public beta Project Think: building the next generation of AI agents on Cloudflare Introducing Agent Lee - a new interface to the Cloudflare stack Register domains wherever you build: Cloudflare Registrar API now in beta Browser Run: give your agents a browser Rearchitecting the Workflows control plane for the agentic era Add voice to your agent Managed OAuth for Access: make internal apps agent-ready in one click Securing non-human identities: automated revocation, OAuth, and scoped permissions Scaling MCP adoption: Our reference architecture for simpler, safer and cheaper enterprise deployments of MCP Secure private networking for everyone: users, nodes, agents, Workers — introducing Cloudflare Mesh Building a CLI for all of Cloudflare Durable Objects in Dynamic Workers: Give each AI-generated app its own database Agents have their own computers with Sandboxes GA Dynamic, identity-aware, and secure Sandbox auth Welcome to Agents Week 500 Tbps of capacity: 16 years of scaling our global network From bytecode to bytes- automated magic packet generation Cloudflare targets 2029 for full post-quantum security How we built Organizations to help enterprises manage Cloudflare at scale Why we're rethinking cache for the AI era Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver Introducing EmDash — the spiritual successor to WordPress that solves plugin security Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers Cloudflare Client-Side Security: smarter detection, now open to everyone How we use Abstract Syntax Trees (ASTs) to turn Workflows code into visual diagrams A one-line Kubernetes fix that saved 600 hours a year Sandboxing AI agents, 100x faster Inside Gen 13- how we built our most powerful server yet Launching Cloudflare’s Gen 13 servers- trading cache for cores for 2x edge compute performance Powering the agents: Workers AI now runs large models, starting with Kimi K2.5 Introducing Custom Regions for precision data control Standing up for the open Internet- why we appealed Italy’s Piracy Shield fine From legacy architecture to Cloudflare One Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans Slashing agent token costs by 98% with RFC 9457-compliant error responses AI Security for Apps is now generally available Building a security overview dashboard for actionable insights Investigating multi-vector attacks in Log Explorer Translating risk insights into actionable protection: leveling up security posture with Cloudflare and Mastercard Fixing request smuggling vulnerabilities in Pingora OSS deployments Active defense: introducing a stateful vulnerability scanner for APIs Complexity is a choice. SASE migrations shouldn’t take years. From the endpoint to the prompt: a unified data security vision in Cloudflare One Ending the "silent drop": how Dynamic Path MTU Discovery makes the Cloudflare One Client more resilient A QUICker SASE client: re-building Proxy Mode How Automatic Return Routing solves IP overlap Always-on detections: eliminating the WAF “log versus block” trade-off Mind the gap: new tools for continuous enforcement from boot to login Stop reacting to breaches and start preventing them with User Risk Scoring Defeating the deepfake: stopping laptop farms and insider threats Moving from license plates to badges: the Gateway Authorization Proxy Evolving Cloudflare’s Threat Intelligence Platform: actionable, scalable, and ETL-less Introducing the 2026 Cloudflare Threat Report See risk, fix risk: introducing Remediation in Cloudflare CASB How Cloudy translates complex security into human action From reactive to proactive: closing the phishing gap with LLMs Modernizing with agile SASE: a Cloudflare One blog takeover Beyond the blank slate: how Cloudflare accelerates your Zero Trust journey The truly programmable SASE platform Toxic combinations: when small signals add up to a security incident We deserve a better streams API for JavaScript The most-seen UI on the Internet? Redesigning Turnstile and Challenge Pages ASPA: making Internet routing more secure Bringing more transparency to post-quantum usage, encrypted messaging, and routing security How we rebuilt Next.js with AI in one week Cloudflare One is the first SASE offering modern post-quantum encryption across the full platform Cloudflare outage on February 20, 2026
Open Sourcing CloudFlare’s UI Framework
Cloudflare Team · 2016-06-09 · via The Cloudflare Blog

Late last year, the CloudFlare UI team made a huge decision: to change JavaScript frameworks from Backbone & Marionette to React & Redux.

We’ve been one of the single biggest Backbone+Marionette apps on the web for a while now, and the decision to move was not taken lightly. On our team we have a former core team member of the Marionette team (myself), and the author of several popular Backbone projects: Backgrid and Backbone Paginator.

In the spirit of the open web, we want to share more about what we’re doing. This starts by open sourcing the UI framework that we have spent the last few months building.

Introducing cf-ui

While moving to React, we’ve taken our existing Backbone UI framework and rebuilt it from scratch on top of React. This includes over 50 packages that include dozens of components, utilities, test helpers, and more.

cf-ui logo

Examples: https://cloudflare.github.io/cf-uiGitHub: https://github.com/cloudflare/cf-ui

We’re not open sourcing cf-ui because we think our buttons are any better than anyone else’s buttons, but because it’s an opportunity to share some of the technical decisions that we’ve made while building out a massive React application. The hope is that this will be an awesome technical resource for many other devs.

We’ve made some interesting design decisions in cf-ui that we would like to talk about more, starting with the multi-package repo structure.

Improving the development experience with Lerna

Lerna logo

We have several different applications under development at CloudFlare: there’s our primary dashboard that the majority of our customers are familiar with, but also a number of internal and external applications that we build.

For us, being able to share code between repositories is a must have. We could just dump all the shared code into a single repository, but our applications are developed at different speeds and we want to be able to version our shared code using semver. So we use npm to build tons of separate packages.

However, maintaining dozens of packages across all of their repositories is a development nightmare. Making changes across packages is a difficult workflow, and it’s tough to test changes across all the packages.

Using Lerna, we’re able to put all of the packages into a single repository and have our ideal workflow while also versioning packages independently.

The basic idea here is that our cf-ui repository looks like this:

packages/
  cf-builder-card/
  cf-builder-form/
  ...
  cf-util-route-handler/
  cf-util-text/
lerna.json
package.json

Then each of the directories inside packages/ looks like this:

packages/cf-builder-card/
  src/
  test/
  package.json
  README.md

Each of these get built into a separate npm package and gets published whenever they have changed.

The other interesting part of Lerna is that it “links” cross-dependencies within the same repo so that you can test changes made in one package across all of the packages

For example, cf-util-http-poll depends on cf-util-http. If I make a change to cf-util-http, I want to be able to test that it didn’t break cf-util-http-poll and if it did I want to make sure that both packages get updated and versioned properly. Lerna allows us to do exactly that.

There are many more benefits to using this multi-package style repository which is why many other projects choose to use a similar structure. Projects like Babel, React, Ember, Angular, Jest, Meteor, PouchDB, and many many more all do the same thing.

Read more on the Lerna website.

Builder Components

Form Builder Component example

When we built the UI framework initially, we built each component package out to expose multiple components that you compose together like so:

import React from 'react';
import {
  Table,
  TableHead,
  TableHeadCell,
  TableBody,
  TableRow,
  TableCell
} from 'cf-component-table';

export default class MyTableComponent extends React.Component {
  render() {
    return (
      <Table>
        <TableHead>
          <TableRow>
            <TableHeadCell>Name</TableHeadCell>
            <TableHeadCell>Value</TableHeadCell>
          </TableRow>
        </TableHead>
        <TableBody>
          {this.props.data.map(row =>
            <TableRow key={row.id}>
              <TableCell>{row.name}</TableCell>
              <TableCell>{row.value}</TableCell>
            </TableRow>
          }
        </TableBody>
      </Table>
    );
  }
}

This was obviously a lot of repetition, so we wanted some kind of “factory” components that would set it up for us. Something like:

const data = [
  { id: 1, name: 'Foo', value: 'foo' },
  { id: 2, name: 'Bar', value: 'bar' }
];

<TableBuilder
  rows={data.map(item => {
    return { id: item.id, data: item }
  }}
  columns={[{
    label: 'Name',
    cell: (data) => {
      return <TableCell>{data.name}</TableCell>
    }
  }, {
    label: 'Value',
    cell: (data) => {
      return <TableCell>{data.value}</TableCell>
    }
  }]}/>

In addition to that, one of the frustrating things with base components in Redux is hooking them into the state tree all the time. Setting up handlers for every event that dispatches actions and get reduced into state is a tiresome process.

Instead we have defined that these “builder” components can be tied directly to Redux and have their own reducers and actions.

All you have to do is set up the reducer before using the builder component.

import {combineReducers, applyMiddleware, createStore} from 'redux';
import thunk from 'redux-thunk';
import {tableReducer} from 'cf-builder-table';

const reducer = combineReducers({
  tables: tableReducer
});

const store = createStore(reducer, {}, applyMiddleware(thunk));

Then you can use builder components like they were any other component. They each just need a unique ID, which you can store in a ComponentNames.js constants file.

<TableBuilder tableName={ComponentNames.EXAMPLE_TABLE} .../>

You can also dispatch actions that do various things to the builders.

import {tableActions} from 'cf-builder-table';

// ...

dispatch(tableActions.flashRow(
  ComponentNames.EXAMPLE_TABLE,
  'rowId',
  'success'
));

Integrated Test Utilities

cf-ui also includes a number of test utilites that integrate with Mocha, Sinon, and Redux in order to prevent various mistakes while writing tests.

For example using sinon you could stub out a method inside a test:

it('should stub a method', () => {
  sinon.stub(obj, 'methodName');
  // ...
});

But if you forget to restore that stub or maybe an error causes the stub to stick around through the rest of your tests you might run into some problems.

Instead there is a cf-test-stub package that includes a stubMethod() util that is automatically sandboxed and reset in between tests, preventing you from ever making a mistake and making it even easier to use.

There’s a handful of other useful test utils that do similar things.

Wrapping APIs for the sake of it

If you’re browsing the cf-ui packages you might notice there are some packages like cf-util-logger that wrap external APIs like this:

const debug = require(‘debug’);

function createLogger(name) {
  const logger = debug(name);

  return function(message) {
    logger(message);
  };
}

module.exports = createLogger;

This might seem unnecessary, however it forces us to expose a minimal API surface area that allows us to make changes to them confidently, even swapping out the underlying modules without having to update our application code.

For example, if we decided to stop using marked in favor of remarkable or some other markdown engine we could do that in a single pull request in one codebase.

Improving the accessibility of our components

Rewriting all of our components from the ground up was an excellent opportunity to evaluate how well we’ve been following accessibility best practices.

As we rewrote the components, we found a number of improvements that we could make and we took the time to make sure that our components were as accessible as possible.

For example, we greatly improved keyboard navigation across all of our components, even open sourcing some of the libraries we built to do it: react-modal2, a11y-focus-store, a11y-focus-scope.

In closing, we’re really really excited to be open sourcing our UI framework today. A lot of work went into this and it’s great to finally be putting it out there, so please give us a star on GitHub (we love stars).

Also, if this work interests you then you should come join our team!

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。