
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@automattic/color-studio
Advanced tools
The color palette for Automattic products, exported in multiple formats.
npm install @automattic/color-studio
This package is dependency-free.
@import "~@automattic/color-studio/dist/color-variables";
button {
background: $studio-pink-50;
color: $studio-white;
}
const PALETTE = require( '@automattic/color-studio' );
console.log( PALETTE.colors[ 'Pink 50' ] );
The above imports the contents of the JSON file.
# Spin up Color Studio
yarn install
yarn test
yarn start
# Generate the JSON file, the stylesheets, and the Sketch Palettes file
yarn palette
# Build the documentation and the examples from `docs/source`
yarn docs
# Build and link the Sketch extension
yarn sketch
# Generate the preview image (by taking a screenshot of the documentation)
yarn meta
All the build commands run automatically before every commit.
Color Studio is licensed under GNU General Public License v2.0 (or later).
4.1.0
FAQs
The color palette for Automattic products.
The npm package @automattic/color-studio receives a total of 9,697 weekly downloads. As such, @automattic/color-studio popularity was classified as popular.
We found that @automattic/color-studio demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 59 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.