Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@a-cloud-guru/skittles-ui
Advanced tools
Live Storybook from latest Skittles build! 📖
Skittles UI is ACG's Mobile design system..
Skittles handles Theming for you, not just for colours, but also spacing, typography & more!
The idea is to give designers & devs the same toolbox that is constraint-based so both parties can focus on what matters most: delivering a world-class user experience; and not nit-picking the margin sizes required for a container etc.
Through the power of react-native-web
we are able to showcase Skittles UI on the web.
In order to start using Skittles UI quickly in your React Native project, it's as simple as:
yarn add @a-cloud-guru/skittles-ui
You will also need to have the following libraries configured and installed iny our project:
react-native-svg
react-native-vector-icons
Once you've setup Skittles UI, you can use like so...
// MyComponent.tsx
import {
Layout,
Text,
Button,
SkittlesThemeProvider,
} from '@a-cloud-guru/skittles-ui';
export const MyComponent = () => (
<SkittlesThemeProvider>
<Layout>
<Text variant={'h2'}>My Styled Heading 2</Text>
<Button>Click Me!</Button>
</Layout>
</SkittlesThemeProvider>
);
If you're wondering how we just set bg
to danger
& it knows the value, see Styling.
Skittles UI uses styled-system
which allows us to provide you components w/ 'theme-aware' props..
This means you can do cool things like:
<Layout mb="small" bg="danger">
...
</Layout>
Which will give our Layout the right margin bottom & background color according to our theme!
Check out the official Styled System site/docs for more info. Don't worry about the setup parts though, focus on consumption & usage of the props.
When you setup your ConfigProvider
, you will to pass it a theme
as a prop (otherwise falls back to default).
This theme object you provide can be one you import directly from the Rainbow package.. OR it can be entirely yours (or an override on top of an existing one)
Skittles uses SVGR to generate React components out of the SVG icons used. To add a new Icon add the SVG to assets/icons
and run yarn generateIcons
.
If you'd like to setup Skittles UI for local development, please follow the steps below!
And thank you in advance 🙇♀️
Clone the ACG packages monorepo: git clone git@github.com:ACloudGuru/a-cloud-guru.git
Navigate to the repo: cd a-cloud-guru
Add a .envrc
w/ contents: export NPM_TOKEN=x
; this is to keep the .npmrc
file happy 🙄, you don't actually need a valid token!
Make sure you have Direnv installed & setup correctly for your Shell environment: https://direnv.net/#getting-started
Run direnv allow
, you should see a few logs, one setting NPM_TOKEN
if successfull.
Navigate to Skittles: cd packages/skittles-ui
Install dependencies: yarn
Run storybook: yarn storybook
🌈
If you're just making an update to an existing Component, theme or token, you should look at the relevant stories to make sure everything looks/behaves as expected.
If you're adding a new variant of a Component (eg. new Button type), please ensure you update the relevant story for it to reflect this enhancement. Eg. for Button, you'd update the Variants story & add your new type/variant there!
Adding entirely new components will require you to setup brand new stories for them.
Please follow the same pattern for setting up stories as per existing ones (folder structure, grouping, naming, ..).
Story files demo a single or set of components, with sub items for different states or alternate implementations. e.g.
Decorators can (optionally) wrap stories, providing layout and/or context for components using themes.
Our Storybook utilises DocsPage w/ the new CSF syntax!
Read more here.
import React from 'react';
import { MyComponent } from '../src/components';
import { ContainerDecorator, ContextDecorator } from './decorators';
export default {
title: 'MyComponent',
component: MyComponent,
decorators: [ContextDecorator, ContainerDecorator],
};
export const first = () => <MyComponent />;
export const withProp = () => <MyComponent prop={true} />;
Everytime you make a change to any code (not docs), you MUST increment the version number field in the package.json.
We are adhering to the SemVer (semantic versioning) guidelines for our releases.
It goes like this: MAJOR.MINOR.PATCH
Once a PR is merged w/ a bumped version, release will be automated via the acg-packages
Buildkite pipeline!
As explained above, major releases equals breaking changes.
A great way to avoid small breaking changes (eg. renaming a token, theme key or component), is to create a NEW one & put a @DEPRECATED
comment on the old one.
This allows users to update to the latest version w/o breaking the existing code.
However, on every major release you must do 2 things:
Document all migration steps necessary in Migration Guides
Ensure that any code w/ comment @DEPRECATED
is deleted
FAQs
A Cloud Guru Mobile UI Kit
We found that @a-cloud-guru/skittles-ui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.