Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@artsy/detect-responsive-traits
Advanced tools
This package provides information about devices, based on their reported user-agent, that gives insight into what responsive traits the device has. This can be used with a package such as @artsy/fresnel to only render markup on the server that the device actually supports and reduce the amount of bytes that need to be sent.
This package only cares about the viewport ‘width’ that the device supports, as that’s the only dimension that Artsy’s designs take into consideration.
The package exports a single findDevice
function, which given a user-agent string finds the first entry from the
exported Devices
list that matches. The result has the following fields of interest:
{
minWidth: number
maxWidth: number
resizable: boolean
touch: boolean
}
In case resizing is supported, the device should be considered as being able to display at any size between minWidth
and maxWidth
. In case resizing is not supported, minWidth
and maxWidth
should be considered as the only two
possible width values.
The touch
value indicates if the device has a touch-screen.
The react-responsive-media example app for a demonstration of how to use this with server-side rendered React.
We only cover user-agents of which we’ve seen more than 1000 visits over the past 2 weeks on artsy.net. When new devices appear in that list we’ll add those to the existing coverage. Having said that, we very much appreciate additional coverage in the form of pull-requests!
In our current Android coverage we have many devices defined with a minWidth
of 0
, because we haven’t yet determined
what the minimum width is on these devices that Chrome will display at when resizing the window. In case you own these
devices, please visit a site that reports the viewport and test what the minimum width is both in portrait and
landscape mode.
git clone https://github.com/artsy/detect-responsive-traits.git
cd detect-responsive-traits
yarn install
# Open VS Code with `code .`
# Run tests
yarn jest
This project uses auto-release to automatically release on every PR. Every PR should have a label that matches one of the following
No release will happen on a Trivial
update.
FAQs
Get responsive size traits from a user agent
We found that @artsy/detect-responsive-traits demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.