Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/nandi95/vue-toastify
🔥Vue Toastify🔥
Simple and dependency free notification plugin.
npm i vue-toastify
import { createApp } from 'vue';
import plugin from 'vue-toastify';
// base styles
import 'vue-toastify/index.css';
// theme styles
import 'vue-toastify/themes/dark.css';
import type { Settings } from 'vue-toastify';
const app = createApp({ });
app.use<Settings>(plugin, { });
app.mount('#app');
useToast()
composableStyles include a 'dark'
(default) and a 'light'
theme. If you would like to create your own styles you may use the following helpers:
import { createVtTheme, getCssRules } from 'vue-toastify';
// this will create a stylesheet if doesn't exists and insert it into the head
createVtTheme('myThemeName', '#8f6b42');
// then you can set the theme of the status or the global settings
// alternatively, you can get an array of css rules using getCssRules
getCssRules('myThemeName', '#8f6b42').forEach(rule => {...});
// this will give you a good starting point to customise the theme
You may create some methods on the useToast()
so it will shortcut any repetition you may have in your app. To register them add a customNotifications
key to the settings when registering the plugin.
app.use<Settings>(plugin, {
customNotifications: {
authenticationError: {
body: 'Authentication error',
// ... rest of the toast options here
}
}
});
// then later you can use it as
useToast().authenticationError();
import type { ToastPluginAPI, CustomMethods } from 'vue-toastify';
declare module 'vue-toastify' {
interface MyMethods extends CustomMethods {
authenticationError(): string;
}
function useToast(): ToastPluginAPI & MyMethods;
}
The plugin emits events that you can listen to which allows for using callbacks at different points in the toast's lifecycle.
import { useVtEvents, useToast } from 'vue-toastify';
const toast = useToast().success({ body: 'Hello world', canTimeout: true });
useVtEvents().once('vtPaused', payload => {
if (payload.id === toast.id) {
// do something
}
})
The recommended way to install is by creating a plugin. As notifications are expected to be responses to user actions, we can lazy load the plugin to reduce the initial bundle size.
Be sure to familiarise yourself with the Nuxt plugin documentation.
// plugins/toast.client.ts
// .client will only run the plugin on the client side.
import type { Settings } from 'vue-toastify';
export default defineNuxtPlugin({
name: 'toast',
// can load the same time as the rest of the plugins
parallel: true,
setup: nuxt => {
// this will lazy load the plugin therefore won't be included in the entry point
void import('vue-toastify').then(exports => {
nuxt.vueApp.use<Settings>(exports.default, {
pauseOnHover: true,
theme: 'light',
position: 'top-right'
});
});
}
});
Then specify the auto-imported preset in your configuration.
// nuxt.config.ts
export default defineNuxtConfig({
css: [
// required base themes
'vue-toastify/index.css',
// include the theme you want to use
'vue-toastify/themes/light.css'
// or generate one of your own as described in the custom styling section
],
imports: {
// this will include the composables that the plugin provides
// which is negligable in size compared to the plugin itself
presets: [
{
from: 'vue-toastify',
imports: [
// include only the composables you need auto-imported
'useToast',
// 'useVtEvents',
// 'useVtSettings'
]
}
]
},
})
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.