Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@canonical/react-components
Advanced tools
![CI](https://github.com/canonical/react-components/workflows/CI/badge.svg?branch=main)
This is a collection of components designed to be the way to consume Vanilla Framework when using React. The library exposes both a CJS and an ESM build.
Storybook contains component docs with usage instructions.
Canonical react components currently require that your build is configured with sass-loader (or equivalent), to compile Sass.
To use the NPM package do:
yarn add @canonical/react-components
Or if you use NPM:
npm install @canonical/react-components
Please file any issues at GitHub.
You might want to:
You may wish to link this library directly to your projects while developing locally.
You can do this by cloning this repo to your local workspace:
git clone https://github.com/canonical/react-components
If you then drop into that folder and run:
yarn run link-packages
...this will add this project, react
and react-dom
to a local yarn registry.
Switching back to the project you are developing, run:
yarn install
yarn link react
yarn link react-dom
yarn link @canonical/react-components
...to pull the linked deps from the local registry. If you now run yarn build-watch
in your react-components
folder, your project should pick up any changes on refresh or hot module reload.
Note: When you're finished working locally - don't forget to go back and unlink:
cd react-components
yarn run unlink-packages
The following projects are related to, or build upon this library:
FAQs
![CI](https://github.com/canonical/react-components/workflows/CI/badge.svg?branch=main)
We found that @canonical/react-components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.