Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
@carbon/import-once
Advanced tools
@carbon/import-once
Sass helper for importing files only once. Used in the Carbon Design System
@carbon/import-once
Sass helper for importing files only once. Used in the Carbon Design System
Getting started
To install @carbon/import-once in your project, you will need to run the
following command using npm:
npm install -S @carbon/import-once
If you prefer Yarn, use the following command instead:
yarn add @carbon/import-once
Usage
@carbon/import-once is helpful when needing to guarantee that a module is
loaded only once. It does this by exporting a exports mixin that you can use.
This mixin is particularly useful when you have a situation where your work
might share common dependencies that you don't want duplicated. For example,
imagine we had modules a.scss and b.scss that both import c.scss. Using
the exports mixin from @carbon/import-once will guarantee that c.scss is
loaded only once.
This looks like:
// a.scss
@import 'c';
// b.scss
@import 'c';
// c.scss
@import '@carbon/import-once/scss/import-once';
@include exports('c') {
// ...
}
🙌 Contributing
We're always looking for contributors to help us fix bugs, build new features, or help us improve the project documentation. If you're interested, definitely check out our Contributing Guide! 👀
📝 License
Licensed under the Apache 2.0 License.
FAQs
Sass helper for importing files only once. Used in the Carbon Design System
The npm package @carbon/import-once receives a total of 9,949 weekly downloads. As such, @carbon/import-once popularity was classified as popular.
We found that @carbon/import-once demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 20 open source maintainers collaborating on the project.
Package last updated on 25 Feb 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025
Security News
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.
By Sarah Gooding - May 06, 2025