
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@avalabs/k2-alpine
Advanced tools
Component library to be used for Core applications.
In order to use K2 Alpine, you must do some client-side setup.
You will need to set the following scripts in your head
tag to install fonts.
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="anonymous" />
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,400..700;1,14..32,400..700&display=swap" />
pnpm storybook
will allow you to start Storybook and be able to visualize the component library. Read more details in the Storybook documentation.
K2 Alpine Components uses the following libraries:
FAQs
Component library to be used for Core applications.
The npm package @avalabs/k2-alpine receives a total of 235 weekly downloads. As such, @avalabs/k2-alpine popularity was classified as not popular.
We found that @avalabs/k2-alpine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 43 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.