Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@coveord/plasma-react
Advanced tools
Coveo Administration Console's design system.
This repository uses some external libraries defined as peer dependencies. You must install those libraries in you own project in order for @coveord/plasma-react
to work properly. All peer dependencies are listed in the package.json file along with their respective version requirements.
npm install @coveord/plasma-react
If you want to use @coveord/plasma-react
in a TypeScript context, the package already includes its types.
In a .jsx
context:
const React = require('react');
const createRoot = require('react-dom/client').createRoot;
const Badge = require('@coveord/plasma-react').Badge;
const root = createRoot(document.getElementById('SomewhereInYourApp'));
root.render(<Badge label="Hello Plasma!" />);
In a .tsx
context:
import {createRoot} from 'react-dom/client';
import {Badge} from '@coveord/plasma-react';
const root = createRoot(document.getElementById('SomewhereInYourApp'));
root.render(<Badge label="Hello Plasma!" />);
All components that implement a dropdown behaviour like the SingleSelect or the MultiSelect will render their content outside the normal DOM hierachy using react portals to avoid some overlapping issues.
The target of that portal is given by the Defaults.DROP_ROOT
selector, but you can change this value to something else if you need.
Defaults.DROP_ROOT = '#plasma-dropdowns'; // default
If no DOM element match the specified selector an error will be thrown, so make sure this selector points to an element that always exists in the DOM. Preferably, that element should be outside the hierarchy of the whole app.
Example of a working DOM structure:
<html>
<head>
<!-- ... -->
</head>
<body className="coveo-styleguide">
<div id="App"><!-- Your app renders here --></div>
<div id="plasma-dropdowns"></div>
</body>
</html>
See our main page.
@coveord/plasma-react
is distributed under Apache 2.0 license.
FAQs
Plasma components implemented with React!
The npm package @coveord/plasma-react receives a total of 3,257 weekly downloads. As such, @coveord/plasma-react popularity was classified as popular.
We found that @coveord/plasma-react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.