Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@comparaonline/assets
Advanced tools
Readme
This project has as objective have a single point to store and access common assets among multiple applications. The output files will be uploaded to a CDN with a long duration cache.
yarn add @comparaonline/assets
import image from '@comparaonline/assets/image';
Then, you can explicity include an image
image('logos/comparaonline.svg');
The output will be like this:
'https://cdnjs.comparaonline.com/assets/images/af6085a0e7e3f3af17c78f30e3384e0e.svg';
The TypeScript definitions let us discover the available assets using a IDE with autocomplete support
The source of the assets
is the src
folder. Place them according to its type. The convention is to have an entry file per each asset, in the image
case, there is a folder with a small function to map the keys in the manifest file. The idea of have multiple entries by asset type is take advance of the tree shaking features or only use the required portions of the assets gallery.
If you need to check the output, you'll need to run the optimize step:
yarn optimize:images
Note: This step is automatically executed in the Jenkins workflow.
FAQs
[![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier) [![npm version](https://badge.fury.io/js/%40comparaonline%2Fassets.svg)](https://badge.fury.io/js/%40comparaonli
The npm package @comparaonline/assets receives a total of 0 weekly downloads. As such, @comparaonline/assets popularity was classified as not popular.
We found that @comparaonline/assets demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.