
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
@celery/ui-components
Advanced tools
Reusable UI components
npm install
npm run build
build/index.html
in browserYou must be an approved npm user for the @celery
namespace/private modules.
npm install @celery/ui-components
All components come with at least config.less
and index.less
. config.less
includes all the configuration/variables and mixins. index.less
actually defines the component rulesets or invokes mixins. If you do not want to include the default components, you can just include the config and use that to create your own components based on the variables and mixins.
npm install
npm run build-watch
This will watch the components
, mixins
, and styleguide
directories. If any of them fail to compile, you have an error.
Open the styleguide by opening build/index.html
in your browser.
Don't forget to document things in the comments of the index files. Use Styledown syntax.
In order to publish, you must be a part of the @celery npm group.
git checkout master
git pull
npm version [major/minor/patch]
git push
npm publish
MIT
FAQs
Shared UI Components and Styles
The npm package @celery/ui-components receives a total of 1 weekly downloads. As such, @celery/ui-components popularity was classified as not popular.
We found that @celery/ui-components demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.