🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@commercetools-frontend/assets

Package Overview
Dependencies
Maintainers
3
Versions
1152
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@commercetools-frontend/assets

Assets for building mc apps

Source
npmnpm
Version
0.0.0-canary-20251003160138
Version published
Weekly downloads
3.5K
-43.38%
Maintainers
3
Weekly downloads
 
Created
Source

@commercetools-frontend/assets

Latest release (latest dist-tag) Latest release (next dist-tag) Minified + GZipped size GitHub license

This package contains various assets that can be used in Merchant Center Custom Applications.

Install

$ npm install --save @commercetools-frontend/assets

Using SVG images

The images folder contains SVG images to be imported and used as <img src> URLs.

import React from 'react';
// Import requires a bundler to deal with SVG files
import HourglassIllustration from '@commercetools-frontend/assets/images/hourglass.svg';

const Component = () => (
  <div>
    <img src={HourglassIllustration} />
  </div>
);

Keywords

javascript
frontend
react
toolkit

FAQs

Package last updated on 03 Oct 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Shai Hulud Strikes Again (v2)

Research

/

Security News

Shai Hulud Strikes Again (v2)

Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.

By Socket Research Team  -  Nov 24, 2025