Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@a-la/bulma
Advanced tools
@a-la/bulma
is Bulma Class Properties And Types Definitions For JSX.
yarn add -D @a-la/bulma
npm i --save-dev @a-la/bulma
By installing this package, you will be able to specify classes on tags and components as JSX properties when using alamode
transpiler.
To receive access to auto-completions, you'll need to import the @a-la/bulma
package in your source code:
import '@a-la/bulma'
// or when using Preact 8:
import '@a-la/bulma/preact'
export const Component =
() => (<div modal>Hello World</div>)
The actual import doesn't do anything as the source file is blank. It is needed only for VSCode to pick up distributed typings.
Because of a bug in VSCode, you won't see properties with hyphens, e.g., is-loading
and will only see isLoading
, but you can actually use both. The camel cases are added for discoverability of classes.
See the 📙 full list of Bulma classes in Wiki.
An annotated version of Bulma 0.8.0 is available in bulma/bulma.css
where /* @alternate */
annotations were added for compatibility with Closure Stylesheets.
GNU Affero General Public License v3.0
© Art Deco™ for À La Mode 2020 |
---|
FAQs
Bulma Class Properties And Types Definitions For JSX.
We found that @a-la/bulma demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.