
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@cpelements/cp-comments
Advanced tools
This web component is intended to be used with the red_hat_comments
Drupal module.
This component had a rocky development process and is a bit different from working on most components. It's recommended to develop on this with a local Drupal environment, possibly many Drupal development environments.
See CP Elements Docs for general instructions getting setup, there's helpful info about getting your environment setup and other helpful information.
To get a proper dev setup get CP-comments setup in a Drupal environment:
Also see the architecture documentation.
From inside this folder run:
npm run dev
From CP Elements git root run:
# Only watches and compiles CP-Comments and it's dependencies
npm run dev cp-comments
# Or this command that launches a web server and watches/compiles all components:
npm start
The web server is not helpful for CP Elements at time of writing, it only works well in a Drupal context.
CSS Property Name | Default | Description |
---|---|---|
--cp-comments__loader__color | #ccc | Color of the loading spinner |
cp-comments:comments-loaded
Fires when the first/another batch of comments have been loaded
event.detail.commentCount
: Total comments (from all pages)event.detail.cpComments
: A reference to the cp-comments elementcp-comments:comment-added
Fires when a comment has been successfully added. Includes:
event.detail.commentCount
: Total comments (from all pages)event.detail.cpComments
: A reference to the cp-comments elementcp-comments:comment-deleted
Fires when a comment is successfully deleted. Includes:
event.detail.commentCount
: Total comments (from all pages)event.detail.cpComments
: A reference to the cp-comments elementpfeconfig-query
Fires when component loads and is ready for config from the host site. See docroot/modules/contrib/red_hat_comments/templates/comments-block.html.twig
on the Commenting Platform, which captures the event and sets the config on cp-comments.
At time of writing, we're in the middle of heavy development, and need to coordinate multiple folks working on the code, pushing code to QA, and code review.
The process (for now) is:
epic/cp-comments-1x/integration
, it's recommended to use DAT branch naming for consistency:
feature/USERNAME/TICKET--SHORT-DESCRIPTION
For example:
feature/wruvalca/CPCORE-9212--fixing-authentication`
npm run dev cp-comments
from CP Elements git root, or npm run dev
from the CP Comments folder to watch and build code.main
.Check with devs working on cp-comments to see if they're close to needing a release to combine efforts.
epic/cp-comments-1x/integration
epic/cp-comments-1x/integration
to GitLabnvm use
or similar for CP Elements gitroot)elements/cp-comments
npm version patch
(assuming you want a patch and not )npm run build
(this ensures the component will report the right version from it's API)npm publish --access=public
epic/cp-comments-1x/integration
j/public_modules/package.json
FAQs
Comments web component made for Red Hat Customer Portal
The npm package @cpelements/cp-comments receives a total of 2,333 weekly downloads. As such, @cpelements/cp-comments popularity was classified as popular.
We found that @cpelements/cp-comments demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 16 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.