Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@bulb/patterns
Advanced tools
Welcome to the Bulb Design repository π
The latest version of the design system documentation is published at http://design.bulb.co.uk where you can browse the library and try new pattern arrangements in the playgrounds.
To use the patterns in your project, first, add the @bulb/design
package.
Note: this is a private package, and you will need to login to npm and be added to the Bulb npm organisation.
yarn add @bulb/design
You can then simply import the components you wish to use, if you're using the full project.
import { Dropdown } from '@bulb/design/modules/Dropdown';
<Dropdown {...props} />;
This repository is split into multiple yarn workspaces:
./packages/design
) - component library for the design system../e2e
) - end to end tests for the various components in this repo,
mainly vr-tests for the component library../website
) - documentation website for the design system.Working with yarn workspaces is very similar to normal packages. Just prefix the
yarn command with workspace <workspacename>
(where <workspacename>
is the
name
key in the package.json
of the workspace).
For example, to run yarn test
in the component library package, you should
type:
yarn workspace @bulb/design test
To install dependencies, just run yarn install
in any workspace folder
(preferably the repo root).
See the yarn workspaces documentation for more information.
To run the documentation website locally run the following command.
yarn workspace website start
This will run it in a hot mode and will update any browser windows (on modern browsers) with any changes you make locally.
See the Solar technical styleguide for details about how to structure and write new patterns.
We use changelogs for patterns to help document the changes to components over time.
This helps us when consuming components that have been changed by one another to see why and how components have changed.
When updating components, we update the adjacent CHANGELOG.md
file with an entry describing the change where appropriate.
New changes should be added under the vNext
section at the top of the changelog file.
# CHANGELOG
## vNext
- [major] short description of breaking change
- [minor] short description of new feature
- [patch] short description of bug fix
- short description of non breaking change
## v17.0.1
// ...previous changes
We utilise docz to create a visual reference to all the patterns we've built in here and mdx to write both JSX and component documentation.
When you add a new pattern to this repo, the README.mdx
should be filled with details of this pattern.
It is generally the same Markdown as with Github, with the addition of Specimens - read about those over here to make your documentation amazing.
If you need to do any styling or functional changes to specimens - docz theme solar is a separate repository
Static values and CSS variables are in the src/styles
directory.
In your components, you can import these,
import { palette } from '../../styles/palette';
At Bulb we use styled-components
to enable styles to be developed at a component level.
However, not everything should be a component style in the first place, things like font-families, line-heights, and focus styles are better placed as global (base) styles because:
With focus styles, itβs particularly helpful because
We commit to having focus styles written for each component but it is not systemically robust and dependable to rely on the development process to ensure these are always present and well setup.
import { createGlobalStyle } from 'styled-components';
import { global } from '@bulb/design/styles/Global';
// with default responsive behaviour
const GlobalStyle = createGlobalStyle`
${global()}
`;
// with custom responsive behaviour
const GlobalStyle = createGlobalStyle`
${global({
responsiveBehaviours: [
{ fontSize: '16px' },
{ minWidth: '731px', fontSize: '20px' },
{ minWidth: '1695px', fontSize: '26px' },
],
})}
`;
span: 3
rows:
- Responsive Step: initial
Font Size: 16px
- Responsive Step: 667px
Font Size: 20px
- Responsive Step: 1695px
Font Size: 26px
Used with two column layouts ie. magenta (bulb account)
span: 3
rows:
- Responsive Step: initial
Font Size: 16px
- Responsive Step: 1024px
Font Size: 20px
- Responsive Step: 1695px
Font Size: 26px
The test command is
yarn workspace @bulb/design test
You can add any of the Jest CLI options to test specific files.
Your tests should cover any interactions your component may have.
The command is
yarn workspace @bulb/design test -u
We use visual regression tests to give us confidence in our component's visual behaviour when making changes.
Visual regression tests should be setup for component's in adjacent {ComponentName}.vr-test.tsx
files, and generate snapshots into an adjacent image_snapshots folder.
This command only needs to be run once per development machine. Docker will save browserless/chrome
locally for you to use any time in the future.
docker pull browserless/chrome:release-puppeteer-1.10.0
In order to run the visual regression tests in development, you will need to be running the browserless/chrome:release-puppeteer-1.10.0
docker image locally running on port 8080
.
To do so run the following command prior to running the visual regression tests. You can leave it running in the background for future test runs, or terminate and rerun before running tests again.
yarn workspace e2e run docker-vr
The test command is
yarn workspace e2e vr-test
If there are any changes to the snapshots, a diff file is generated next to the existing snapshots.
Once you have confirmed that the snapshot diffs are expected, you can update the snapshots by running:
yarn workspace e2e vr-test -u
- /ElementName
- /**image_snapshots**
- elementname-vr-test-tsx-execution-one-large-1.snap.png
- elementname-vr-test-tsx-execution-one-small-1.snap.png
- elementname-vr-test-tsx-execution-two-large-1.snap.png
- elementname-vr-test-tsx-execution-two-small-1.snap.png
- index.tsx
- styled.tsx
- ElementName.test.tsx
- ElementName.vr-test.tsx
// ElementName.vr-test.tsx
import { snapshotComponent, largeViewport, smallViewport } from 'e2e/vr-test';
const screenshotOptions = {
// by default we use the bounding box of the components container
// this allows you to test for components that break out of this
clip: {
width: 250,
height: 100,
x: 0,
y: 0,
},
};
describe('execution-one', () => {
const componentExecutionOne = <Component execution="one" />
it('large', async () => {
const snapshot = await snapshotComponent(componentExecutionOne, {
viewport: 'large',
});
expect(snapshot).toMatchImageSnapshot();
})
it('narrow', async () => {
const snapshot = await snapshotComponent(componentExecutionOne, {
viewport: 'narrow',
screenshotOptions,
});
expect(snapshot).toMatchImageSnapshot();
})
}
describe('execution-two', () => {
const componentExecutionTwo = <Component execution="two" />
it('large', async () => {
const snapshot = await snapshotComponent(componentExecutionTwo, {
viewport: 'large',
});
expect(snapshot).toMatchImageSnapshot();
})
it('narrow', async () => {
const snapshot = await snapshotComponent(componentExecutionTwo, {
viewport: 'narrow',
screenshotOptions,
});
expect(snapshot).toMatchImageSnapshot();
})
}
Use the troubleshooting guide for resolving any errors when updating the design library
FAQs
Welcome to the Bulb Design repository π
The npm package @bulb/patterns receives a total of 66 weekly downloads. As such, @bulb/patterns popularity was classified as not popular.
We found that @bulb/patterns demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.Β It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.