@bene-npm/shield-ui

Getting Started

@bene-npm/shield-ui is a security-themed React component library. Zero external dependencies, full TypeScript support, and a 3-theme system out of the box.

Installation

bash

npm install @bene-npm/shield-ui

Requires React 18 or 19 as a peer dependency. No CSS imports or Tailwind configuration needed — all components use inline styles.

Quick Start

tsx

import { ShieldProvider, SeverityBadge, ThreatCard, SecurityScore } from "@bene-npm/shield-ui";

export default function Dashboard() {
  return (
    <ShieldProvider theme="dark">
      <SeverityBadge level="CRITICAL" pulse />
      <SecurityScore score={84} label="Overall Posture" />
      <ThreatCard
        id="CVE-2024-38816"
        severity="HIGH"
        title="Path Traversal"
        pkg="spring-webmvc"
        version="6.1.12"
        fixed="6.1.13"
      />
    </ShieldProvider>
  );
}

ShieldProvider is optional. Components fall back to the dark theme when used without a provider.

Theme System

Wrap your app or a section with ShieldProvider to set the active theme. All child components automatically reflect the theme via the React context-based useTheme() hook.

tsx

import { ShieldProvider, useTheme } from "@bene-npm/shield-ui";

// Wrap once at the root of your app or a section:
<ShieldProvider theme="dark">       {/* default */}
<ShieldProvider theme="hacker">     {/* green-on-black terminal */}
<ShieldProvider theme="corporate">  {/* light, professional */}

// Access the full token set anywhere inside the provider:
function MyComponent() {
  const t = useTheme();
  return (
    <div style={{ background: t.surface, color: t.text, border: `1px solid ${t.border}` }}>
      <span style={{ color: t.critical }}>Critical</span>
      <span style={{ color: t.success }}>Healthy</span>
    </div>
  );
}

Token	Dark	Hacker	Corporate	Description
t.bg	#06080c	#000	#f5f7fa	Page background
t.surface	#0c0f18	#0a0a0a	#fff	Card/panel background
t.surfaceAlt	#111520	#111	#f0f2f5	Input / alt surface
t.text	#e8eaf0	#33ff66	#111827	Primary text
t.textMuted	#8892a4	#00cc44	#374151	Secondary text
t.textDim	#4a5568	#006622	#9ca3af	Disabled / hint text
t.accent	#38bdf8	#00ff41	#2563eb	Primary accent color
t.critical	#ff2d55	#ff0000	#dc2626	Critical / error
t.high	#ff6b35	#ff6600	#ea580c	High severity
t.medium	#f59e0b	#ffaa00	#d97706	Medium severity
t.success	#30d158	#00ff41	#16a34a	Success / low severity
t.warning	#fbbf24	#ffcc00	#ca8a04	Warning
t.mono	JetBrains Mono	monospace	ui-monospace	Monospace font family

Hooks & Utilities

The theme system exports three hooks and one plain function. Use the plain getSevColor() inside .map() callbacks where calling a hook would violate React's rules.

tsx

import { useSev, getSevColor, useAnimVal, useTheme } from "@bene-npm/shield-ui";

// useSev — returns theme-aware color for a severity string (hook, use inside component body)
function Badge({ level }) {
  const color = useSev(level);  // "CRITICAL" → t.critical, "HIGH" → t.high, etc.
  return <span style={{ color }}>{level}</span>;
}

// getSevColor — same result but as a plain function, safe inside .map() callbacks
function List({ items }) {
  const t = useTheme();
  return items.map(item => (
    <div key={item.id} style={{ color: getSevColor(t, item.severity) }}>
      {item.title}
    </div>
  ));
}

// useAnimVal — animates a number from 0 to target over a given duration (ms)
function Counter({ value }) {
  const animated = useAnimVal(value, 800);  // 800ms animation
  return <strong>{animated}</strong>;
}

TypeScript Types

All public types are re-exported from the package root — no deep imports needed.

import type {
  // Theme
  Theme, ThemeName,

  // Severity & status unions
  SeverityLevel,   // "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "INFO"
  ScanStatus,      // "scanning" | "complete" | "error" | "warning"
  StatusState,     // "online" | "warning" | "critical" | "offline" | "scanning"
  ShieldStatus,    // "verified" | "warning" | "compromised" | "unknown"
  Size,            // "sm" | "md" | "lg"

  // Component-specific
  TerminalLine,    // string | { text: string; color: string }
  TimelineEvent,   // { time: string; title: string; severity?: SeverityLevel; description?: string }
  RiskItem,        // { label: string; likelihood: number; impact: number }
  ComplianceStandard,  // "SOC2" | "ISO27001" | "GDPR" | "HIPAA" | "PCI" | "NIST"
  ComplianceStatus,    // "compliant" | "in-progress" | "failing" | "not-applicable"
  PortStatus,      // "open" | "filtered" | "closed"
  PortEntry,       // number | { port: number; status: PortStatus }
} from "@bene-npm/shield-ui";

Display & Badges4 components

SeverityBadge

since v1.0.0

Communicates threat severity at a glance. Renders a colored label badge with optional pulse animation and a numeric count bubble. The color is automatically derived from the active theme.

IMPORT

import { SeverityBadge } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
level	"CRITICAL" \| "HIGH" \| "MEDIUM" \| "LOW" \| "INFO"	"MEDIUM"	—	v1.0.0	The severity tier. Controls the badge color and label text.
size	"sm" \| "md" \| "lg"	"md"	—	v1.0.0	Controls padding and font size. sm = compact, lg = prominent.
pulse	boolean	false	—	v1.0.0	Enables a repeating opacity animation to draw attention to the badge.
count	number	—	—	v1.0.0	Renders a small numeric bubble to the right of the badge, useful for issue counts.

EXAMPLE

tsx

<SeverityBadge level="CRITICAL" />
<SeverityBadge level="HIGH" pulse count={12} />
<SeverityBadge level="MEDIUM" size="lg" />
<SeverityBadge level="LOW" />
<SeverityBadge level="INFO" size="sm" />

NOTES

Colors are sourced from the active theme via useTheme(), so they update automatically when ShieldProvider theme changes.
The pulse animation references the badgePulse keyframe defined in globals.css. Ensure your app includes this file, or define the keyframe yourself.

ShieldBadge

since v1.0.0

A shield-icon trust/verification badge for packages, endpoints, or system components. Shows a shield SVG with a status icon and optional label.

IMPORT

import { ShieldBadge } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
status	"verified" \| "warning" \| "compromised" \| "unknown"	"verified"	—	v1.0.0	Determines the shield color and icon. verified = green, warning = amber, compromised = red, unknown = muted.
label	string	—	—	v1.0.0	Optional text label rendered next to the shield icon.

EXAMPLE

tsx

<ShieldBadge status="verified" />
<ShieldBadge status="warning" label="Outdated deps" />
<ShieldBadge status="compromised" label="npm/lodash" />
<ShieldBadge status="unknown" label="Unscanned" />

CveTag

since v1.0.0

A compact inline CVE identifier tag with a colored severity dot. Designed for use in tables, lists, and inline prose.

IMPORT

import { CveTag } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
id	string	"CVE-2024-0001"	—	v1.0.0	The CVE identifier string to display.
severity	SeverityLevel	"HIGH"	—	v1.0.0	Controls the severity dot color next to the CVE ID.

EXAMPLE

tsx

<CveTag id="CVE-2024-38816" severity="CRITICAL" />
<CveTag id="CVE-2024-29041" severity="HIGH" />
<CveTag id="CVE-2024-28863" severity="MEDIUM" />

NOTES

SeverityLevel = "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "INFO"

ComplianceBadge

since v2.0.0

Displays a compliance framework badge with an icon, label, and current status. Supports SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, and NIST.

IMPORT

import { ComplianceBadge } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
standard	"SOC2" \| "ISO27001" \| "GDPR" \| "HIPAA" \| "PCI" \| "NIST"	"SOC2"	—	v2.0.0	The compliance framework to display. Each standard has a unique icon and label.
status	"compliant" \| "in-progress" \| "failing" \| "not-applicable"	"compliant"	—	v2.0.0	Current compliance status. Controls the status label color and icon.

EXAMPLE

tsx

<ComplianceBadge standard="SOC2" status="compliant" />
<ComplianceBadge standard="GDPR" status="in-progress" />
<ComplianceBadge standard="HIPAA" status="failing" />
<ComplianceBadge standard="NIST" status="not-applicable" />

NOTES

Exported types: ComplianceStandard, ComplianceStatus

Scanning & Progress4 components

ScanProgress

since v1.0.0

An animated progress bar for scan operations. Displays a shimmer effect while scanning, and switches to solid color on completion or error. Label text sits above the bar.

IMPORT

import { ScanProgress } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
progress	number	0	—	v1.0.0	Progress percentage from 0–100.
status	"scanning" \| "complete" \| "error" \| "warning"	"scanning"	—	v1.0.0	Controls bar color and shimmer animation. scanning = accent + shimmer, complete = success, error = critical, warning = warning.
label	string	"Scanning dependencies..."	—	v1.0.0	Descriptive text shown above the progress bar.

EXAMPLE

tsx

<ScanProgress progress={72} status="scanning" label="Scanning node_modules..." />
<ScanProgress progress={100} status="complete" label="CVE database updated" />
<ScanProgress progress={34} status="error" label="Connection to OSV failed" />
<ScanProgress progress={55} status="warning" label="Rate limit approaching" />

NOTES

The shimmer animation references the scanShimmer keyframe from globals.css.
progress is clamped to 100 internally — passing values above 100 is safe.

SecurityScore

since v1.0.0

An animated SVG circular gauge that visualizes a security posture score. The arc color shifts from red at low scores to green at high scores. The number animates from 0 to the target value on mount.

IMPORT

import { SecurityScore } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
score	number	72	—	v1.0.0	Score from 0–100. Drives both the arc fill percentage and the color.
size	number	120	—	v1.0.0	Diameter of the SVG in pixels.
label	string	"Security Score"	—	v1.0.0	Small caption text below the numeric score.

EXAMPLE

tsx

<SecurityScore score={92} label="Overall" />
<SecurityScore score={67} label="Dependencies" />
<SecurityScore score={38} size={90} label="Headers" />

NOTES

Color thresholds: ≥80 = success (green), ≥60 = warning (amber), <60 = critical (red).
The counter animation uses a setInterval inside a useEffect — it cleans up automatically on unmount.

StatusIndicator

since v1.0.0

A pulsing status dot with optional label. Five semantic states cover the full range of system health monitoring scenarios.

IMPORT

import { StatusIndicator } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
status	"online" \| "warning" \| "critical" \| "offline" \| "scanning"	"online"	—	v1.0.0	Determines dot color and pulse animation. offline = no pulse.
label	string	—	—	v1.0.0	Optional text label rendered next to the dot.
size	"sm" \| "md" \| "lg"	"md"	—	v1.0.0	Controls dot diameter.

EXAMPLE

tsx

<StatusIndicator status="online" label="API Gateway" />
<StatusIndicator status="warning" label="High latency" />
<StatusIndicator status="critical" label="DB Down" />
<StatusIndicator status="scanning" label="Audit running" />
<StatusIndicator status="offline" label="Backup agent" />

MetricCard

since v2.0.0

A security KPI card with an animated counter, trend indicator, and optional sparkline chart. The numeric value smoothly animates from 0 to the target on mount.

IMPORT

import { MetricCard } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
title	string	—	✓	v2.0.0	Card heading. Shown above the value.
value	number \| string	—	✓	v2.0.0	The primary metric value. Numbers animate on mount; strings are displayed statically.
trend	number	—	—	v2.0.0	Trend percentage shown below the value. Positive = red (more = worse for security), negative = green (fewer issues = better). 0 = neutral.
trendLabel	string	—	—	v2.0.0	Context label next to the trend indicator, e.g. "vs last scan".
severity	SeverityLevel	—	—	v2.0.0	If provided, overrides the value color with the severity color from the active theme.
icon	string	—	—	v2.0.0	Optional emoji or character shown in the top-right corner of the card.
sparkData	number[]	—	—	v2.0.0	Array of historical values used to render a sparkline SVG behind the card content.

EXAMPLE

tsx

<MetricCard
  title="CVEs Found"
  value={24}
  trend={-3}
  trendLabel="vs last scan"
  severity="HIGH"
  sparkData={[30, 28, 24, 27, 24]}
/>
<MetricCard title="Shield Score" value={91} trend={5} sparkData={[82, 85, 87, 89, 91]} />

NOTES

trend direction is inverted from financial convention: positive trend = bad (red), negative = good (green). This matches security metric semantics where fewer issues is the goal.
The animation uses useAnimVal() internally — value changes after mount will re-animate.
getSevColor() (not useSev()) is used inside the component to avoid hook-in-callback issues.

Threat & Intelligence5 components

ThreatCard

since v1.0.0

An expandable vulnerability card that presents CVE details in a collapsible format. Shows the CVE ID, severity badge, title, and affected package in the header. Click to expand for full description, version info, and fix version.

IMPORT

import { ThreatCard } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
id	string	"CVE-2024-38816"	—	v1.0.0	The CVE identifier.
severity	SeverityLevel	"HIGH"	—	v1.0.0	Severity level — controls left border color and badge.
title	string	"Path Traversal in Spring Framework"	—	v1.0.0	Short vulnerability title.
pkg	string	"spring-webmvc"	—	v1.0.0	Affected package name.
version	string	"6.1.12"	—	v1.0.0	Vulnerable version string.
fixed	string	—	—	v1.0.0	Version in which the issue was patched. Shown with a green fix indicator.
description	string	—	—	v1.0.0	Full vulnerability description, shown on expand.
published	string	—	—	v1.0.0	Publication date string, e.g. "2024-09-13".

EXAMPLE

tsx

<ThreatCard
  id="CVE-2024-38816"
  severity="CRITICAL"
  title="Path Traversal in Spring Framework"
  pkg="spring-webmvc"
  version="6.1.12"
  fixed="6.1.13"
  description="Allows path traversal via crafted URL segments."
  published="2024-09-13"
/>

AlertBanner

since v1.0.0

A dismissible notification banner for security events. The left border, background tint, and icon all adapt to the chosen severity level. Renders children as the body text.

IMPORT

import { AlertBanner } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
severity	SeverityLevel	"HIGH"	—	v1.0.0	Drives the color scheme of the banner.
title	string	—	—	v1.0.0	Bold heading text.
children	ReactNode	—	—	v1.0.0	Body content of the banner.
dismissible	boolean	true	—	v1.0.0	When true, renders an × button that hides the banner on click.
onDismiss	() => void	—	—	v1.0.0	Optional callback fired when the user dismisses the banner.

EXAMPLE

tsx

<AlertBanner severity="CRITICAL" title="Active Breach Detected">
  Unauthorized access pattern on production API.
</AlertBanner>

<AlertBanner severity="INFO" title="Scan Complete" dismissible={false}>
  847 packages scanned. No new vulnerabilities.
</AlertBanner>

NOTES

The dismiss state is managed internally. The component returns null after dismissal — there is no way to re-show it without re-mounting.
Hooks (useTheme, useSev) are called before the early-return guard to satisfy React's rules of hooks.

SecurityTimeline

since v2.0.0

A vertical chronological event feed with a connecting line, severity-colored dot indicators, and optional description text. Ideal for audit logs, incident timelines, and CVE patch histories.

IMPORT

import { SecurityTimeline, type TimelineEvent } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
events	TimelineEvent[]	[]	—	v2.0.0	Array of timeline events to display, in order from newest to oldest (or whatever order is meaningful).

EXAMPLE

tsx

<SecurityTimeline events={[
  {
    time: "14:32",
    title: "SSH brute-force detected",
    severity: "HIGH",
    description: "42 failed login attempts in 60 seconds",
  },
  {
    time: "13:55",
    title: "Privilege escalation attempt",
    severity: "CRITICAL",
  },
  {
    time: "13:10",
    title: "CVE-2024-38816 patched",
    severity: "INFO",
  },
]} />

NOTES

TimelineEvent = { time: string; title: string; severity?: SeverityLevel; description?: string }
Dot and line colors use getSevColor() to avoid hook-in-loop violations.
Each event entrance uses the sectionIn animation keyframe (staggered by index * 0.05s).

RiskMatrix

since v2.0.0

A 5×5 likelihood/impact risk matrix grid. Each cell is color-coded from green (low risk) to red (critical risk). Pass risk items with likelihood and impact scores (1–5) and they appear as numbered dots inside the matching cell. Hover a populated cell to see the risk labels.

IMPORT

import { RiskMatrix, type RiskItem } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
items	RiskItem[]	[]	—	v2.0.0	Risk items to plot on the matrix. Each item maps to a cell at (likelihood, impact).

EXAMPLE

tsx

<RiskMatrix items={[
  { label: "SQL Injection",    likelihood: 4, impact: 5 },
  { label: "XSS",              likelihood: 3, impact: 3 },
  { label: "Misconfiguration", likelihood: 5, impact: 3 },
  { label: "SSRF",             likelihood: 2, impact: 4 },
]} />

NOTES

RiskItem = { label: string; likelihood: number; impact: number } — likelihood and impact should be integers 1–5.
Multiple items with the same cell coordinates are stacked — the cell shows the count and the tooltip lists all labels.
Color thresholds: ratio ≥ 0.64 = critical, ≥ 0.36 = high, ≥ 0.16 = medium, < 0.16 = success.

AttackChain

since v2.0.0

A MITRE ATT&CK-style kill chain visualization with 7 fixed phases. Active phases are highlighted; inactive phases are dimmed. Click any active phase to expand its technique tags below the chain.

IMPORT

import { AttackChain } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
activePhases	string[]	[]	—	v2.0.0	IDs of phases that should be highlighted as active/observed.
techniques	Record<string, string[]>	{}	—	v2.0.0	Map of phase ID → technique name array. Populated phases show a count badge and expand on click.

EXAMPLE

tsx

<AttackChain
  activePhases={["recon", "weapon", "delivery", "exploit"]}
  techniques={{
    recon:    ["Port scan", "DNS enumeration", "OSINT"],
    exploit:  ["CVE-2024-38816", "Zero-day RCE"],
    delivery: ["Phishing email", "Drive-by download"],
  }}
/>

NOTES

Built-in phase IDs: "recon" | "weapon" | "delivery" | "exploit" | "install" | "c2" | "actions"
Phases not listed in activePhases are rendered at 35% opacity to show the full kill chain context.
Only one phase can be expanded at a time — clicking an already-open phase collapses it.

Terminal & Code2 components

TerminalOutput

since v1.0.0

A macOS-styled terminal window with a traffic-light title bar. Supports static display or an optional character-by-character typing animation. Each line can have an independent color.

IMPORT

import { TerminalOutput, type TerminalLine } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
lines	TerminalLine[]	[]	—	v1.0.0	Lines to display. Each line is either a plain string or an object with text and color.
title	string	"terminal"	—	v1.0.0	Text shown in the terminal title bar.
typing	boolean	false	—	v1.0.0	When true, animates the output character by character at ~18ms per character.

EXAMPLE

tsx

<TerminalOutput
  title="shield-scan"
  typing
  lines={[
    { text: "$ npx shield-ui scan", color: "#fff" },
    { text: "", color: "#fff" },
    { text: "  CRITICAL  CVE-2024-38816", color: "#ff2d55" },
    { text: "  HIGH      CVE-2024-29041", color: "#ff6b35" },
    { text: "", color: "#fff" },
    "  2 vulnerabilities found",
  ]}
/>

NOTES

TerminalLine = string | { text: string; color: string }
Important: wrap the lines array in useMemo() or define it outside your component. The typing animation restarts whenever the lines prop reference changes.
The blink keyframe (cursor blink) and the dark code background (#04060a) adapt to corporate theme automatically.

SecretCodeBlock

since v2.0.0

A code viewer that automatically detects and highlights secrets embedded in source text. Detected patterns are underlined with a colored border and show a tooltip with the secret type on hover. A warning count badge appears in the header when secrets are found.

IMPORT

import { SecretCodeBlock } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
code	string	""	—	v2.0.0	The raw source text to display and scan.
title	string	"source"	—	v2.0.0	Filename or label shown in the header bar.

EXAMPLE

tsx

<SecretCodeBlock
  title="config.env"
  code={`DATABASE_URL=postgres://admin:s3cr3t@db.prod:5432/app
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
API_KEY=sk-live-aBcDeFgHiJkLmNoPqRsTuV
SESSION_TOKEN=eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiYWRtaW4ifQ.abc`}
/>

NOTES

Detected patterns: AWS Access Keys (AKIA…), JWTs (eyJ…), API keys (api_key= / apikey=), passwords (password= / passwd=), connection strings (postgres://, mongodb://, redis://…), Bearer tokens.
Detection runs inside useMemo([code]) — no performance impact from re-renders unrelated to code changes.
This component is for display/audit purposes only. It does not transmit or store the code content.

Network & Infrastructure3 components

DataFlowLine

since v1.0.0

An animated directional data flow visualization between two labeled nodes. Shows encryption status with a lock icon and TLS label, and a threat indicator for compromised or untrusted flows.

IMPORT

import { DataFlowLine } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
from	string	"Client"	—	v1.0.0	Label for the source node on the left.
to	string	"Server"	—	v1.0.0	Label for the destination node on the right.
encrypted	boolean	true	—	v1.0.0	Shows a green lock icon and TLS label when true. Shows a red unlocked icon when false.
threat	boolean	false	—	v1.0.0	When true, turns the flow line red and adds a ⚠ threat indicator in the center.

EXAMPLE

tsx

<DataFlowLine from="Browser" to="API Gateway" encrypted />
<DataFlowLine from="API" to="Database" encrypted={false} threat />
<DataFlowLine from="Auth Service" to="Redis Cache" encrypted />

NOTES

The animated dot uses the flowPulse keyframe from globals.css.

PortScanMap

since v2.0.0

Renders port scan results as a grid of labeled tiles. Each tile shows the port number, well-known service name, and a ⚠ RISK label for inherently dangerous ports. Tile colors reflect port status: open = green/red, filtered = amber, closed = muted.

IMPORT

import { PortScanMap, type PortEntry, type PortStatus } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
ports	PortEntry[]	[]	—	v2.0.0	Array of ports to display. Can be plain numbers (treated as open) or objects with port + status.

EXAMPLE

tsx

<PortScanMap ports={[
  22, 80, 443,
  { port: 21,   status: "open"     },
  { port: 3389, status: "open"     },
  { port: 6379, status: "filtered" },
  { port: 27017,status: "closed"   },
]} />

NOTES

PortEntry = number | { port: number; status: PortStatus }
PortStatus = "open" | "filtered" | "closed"
Built-in service names: 21=FTP, 22=SSH, 23=Telnet, 25=SMTP, 53=DNS, 80=HTTP, 443=HTTPS, 445=SMB, 3306=MySQL, 3389=RDP, 5432=Postgres, 6379=Redis, 8080=HTTP-Alt, 27017=MongoDB.
Ports flagged as dangerous by default: 21 (FTP), 23 (Telnet), 25 (SMTP), 445 (SMB), 3389 (RDP).

HeatmapGrid

since v2.0.0

A 2D grid heatmap for visualizing numeric intensity data across two axes (e.g., vulnerability count by day/hour, or error rate by service/region). Cell color intensity scales from the theme border color (zero) to critical red (maximum).

IMPORT

import { HeatmapGrid } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
data	number[][]	[]	—	v2.0.0	2D array of numeric values. Rows are y-axis entries, columns are x-axis entries. Zero cells are rendered as empty.
xLabels	string[]	[]	—	v2.0.0	Labels for the column axis (shown below the grid).
yLabels	string[]	[]	—	v2.0.0	Labels for the row axis (shown to the left of each row).

EXAMPLE

tsx

<HeatmapGrid
  yLabels={["Mon", "Tue", "Wed", "Thu"]}
  xLabels={["00", "06", "12", "18"]}
  data={[
    [0, 1, 5, 2],
    [0, 0, 8, 3],
    [1, 2, 4, 6],
    [0, 0, 2, 1],
  ]}
/>

NOTES

The max value across all cells determines the color scale — a single very high outlier will make all other cells appear pale. Normalize your data if needed.
Cell values are shown as text inside the cell when > 0.

Forms1 component

PasswordStrength

since v2.0.0

A live password strength analyzer. As the user types, it calculates Shannon entropy, maps it to a strength label (Very Weak → Excellent), renders a 5-segment bar, and estimates brute-force crack time at 10 billion guesses/second.

IMPORT

import { PasswordStrength } from "@bene-npm/shield-ui";

PROPS

Prop	Type	Default	Req.	Since	Description
value	string	""	—	v2.0.0	Controlled input value. If omitted, the component manages its own state internally.
onChange	(value: string) => void	—	—	v2.0.0	Callback fired on every keystroke when the component is used in controlled mode.

EXAMPLE

tsx

// Uncontrolled:
<PasswordStrength />

// Controlled:
const [pw, setPw] = useState("");
<PasswordStrength value={pw} onChange={setPw} />

NOTES

Entropy formula: length × log₂(pool size), where pool size is the sum of character-class sizes present (lowercase 26, uppercase 26, digits 10, symbols 32).
Strength thresholds: ≥80 bits = Excellent, ≥60 = Strong, ≥40 = Fair, ≥20 = Weak, <20 = Very Weak.
The input uses type="password" for security — the value is masked by default.
Both entropy and crack time recalculate inside useMemo — no performance overhead.