Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@coorpacademy/components
Advanced tools
This library provide sharable components for web applications, either :
This library provide sharable components for web applications, either :
yarn
npm run start
# OR
npm run start:ie # for Internet Explorer
Then open http://localhost:3004
.
The props
is the contract your app should fill in order to use the component.
If the props
are not properly set, it is not the role of you component to change them in order to render somehow.
The propTypes
are the representation of this contract.
Keep this workflow in mind:
props -> propTypes -> fixtures -> component
Then your app will just have to read propTypes
to know which props
to provide to render a view.
template
, organism
, molecule
, atom
button
you should have this tree:atom
└── button
├── index.js
├── style.css
└── test
└── fixtures
└── default.js
└── disabled.js
└── hovered.js
index.js
contains the React code + jsx, and exports your componentstyle.css
contains the css module style for your componenttest/fixtures/*.js
are files representing all the possible states for your component, thus export props accordinglynote that whenever you add new component or new fixtures you have to generate the storybook index:
npm run generate
which is also launched automatically whenever you run npm start
translate: Provider.childContextTypes.translate
in the contextTypes object of your componentexample:
....
const YourComponent = (props, context) => {
const {translate} = context;
return <p>{translate('your new locale')}</p>
}
YourComponent.contextTypes = {
translate: Provider.childContextTypes.translate
};
...
To use a lottie animation, you need to use the LottieWrapper Atom.
Among the Lottie Atom's props, there are two important props: animationSrc & ie11ImageBackup, that need an additional step, the ie11ImageBackup is needed as it's name implies because ie11 doesn't support Lottie (more specifically Web Components due to the Shadow DOM).
First, you must upload to AWS S3 any new animation, in one of the static buckets (depending on the desired env), ex:
https://static-staging.coorpacademy.com/animations/review/
.
This animation must be paired with a backup image (svg) that'll be used for the ie11 scenario.
Then, use the urls as props for animationSrc & ie11ImageBackup, ex:
const props = {
'aria-label': 'aria lottie',
'data-name': 'default-lottie',
className: undefined,
animationSrc: 'https://static-staging.coorpacademy.com/animations/review/rank.json',
loop: true,
height: 200,
width: 200,
ie11ImageBackup:
'https://static-staging.coorpacademy.com/animations/review/rank_icon_congrats.svg',
// autoplay: true // autoplay is true by default
}
If you need to control the animation (play/pause/stop), then you must set autoplay to false &
add your desired state, among the available states: play, pause, stop, loading
const props = {
'aria-label': 'aria lottie',
'data-name': 'default-lottie',
className: undefined,
animationSrc: 'https://static-staging.coorpacademy.com/animations/review/rank.json',
loop: true,
height: 200,
width: 200,
ie11ImageBackup:
'https://static-staging.coorpacademy.com/animations/review/rank_icon_congrats.svg',
autoplay: false,
animationControl: 'loading' // play can be passed directly without using loading first
}
The props include classNames && size control to handle additional styling.
Link your dependencies:
[@coorpacademy-components] > npm link
[your-app] > npm link @coorpacademy/components
Build modifications:
[@coorpacademy-components] > npm run build:es
Run npm run build:watch
For more info see the mobile documentation
You may need to install these optional libs depending on which native components you use:
colorjs.io
react-native-modal
react-native-render-html
react-native-linear-gradient
@coorpacademy/react-native-slider
@react-native-community/blur
Error when trying to launch the storybook:
Try to delete your node_modules
, go to the project's root and launch: yarn
To check the content of the bundle and optimize it if needed, we set up webpack-bundle-analyzer
, which generates a bundle analysis report. This visualizes the size of webpack output files with an interactive zoomable treemap.
To generate it, just run npm run build:stats
.
FAQs
This library provide sharable components for web applications, either :
The npm package @coorpacademy/components receives a total of 2,226 weekly downloads. As such, @coorpacademy/components popularity was classified as popular.
We found that @coorpacademy/components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.