Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@cbrazn/aragon-ui
Advanced tools
aragonUI is a React library used to build user interfaces for Aragon and its related projects. It provides the components needed to build experiences that feel integrated with Aragon ecosystem, and can be used both client or server side.
The complete documentation can be found on the aragonUI website.
If you are unfamiliar with aragonUI, we recommend you to start with the getting started page. If you only want to know how to add aragonUI to your project, have a look at the quick setup:
Install aragonUI alongside styled-components from npm:
npm install --save @aragon/ui styled-components
Copy its assets into your public directory:
npx copy-aragon-ui-assets ./public
Wrap your app with the Main
component:
import React from 'react'
import { Main } from '@aragon/ui'
function App() {
return (
<Main>
<h1>Hello aragonUI!</h1>
</Main>
)
}
Your project is now ready to use aragonUI. 💫
Open https://ui.aragon.org/ to see the list of the available components and learn how to use them.
aragonUI require some assets (e.g. fonts) in order to work properly. These need to be copied where they can be accessed by the library, like the public/
directory of a project using Create React App.
Copy these assets using the provided copy-aragon-ui-assets
command:
npx copy-aragon-ui-assets ./public
By default, it will create a directory named aragon-ui
in the specified directory.
This emplacement is communicated to the library through the <Main>
component. The default path is ./aragon-ui/
, but you can change it using the assetsUrl
prop:
import { Main } from '@aragon/ui'
const App = () => (
<Main assetsUrl="http://example.com/aragon-ui-assets/">
<h1>Hello aragonUI!</h1>
</Main>
)
You may also want to add it as a build step in your project, so that aragonUI can be upgraded without having to worry about this.
"scripts": {
"sync-assets": "copy-aragon-ui-assets ./public",
"build": "npm run sync-assets && react-scripts build",
"start": "npm run sync-assets && react-scripts start"
}
See copy-aragon-ui-assets -h
for more information.
Please have a look at CONTRIBUTING.md.
MIT, see LICENSE.
FAQs
Unknown package
We found that @cbrazn/aragon-ui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.