Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@culturehq/components
Advanced tools
CultureHQ's component library.
You can import all of the components as separate named exports from the main package. As in:
import { Button } from "@culturehq/components";
const App = () => (
<Button primary icon="clipboard">
Take Survey
</Button>
);
export default App;
To get the styles, be sure to also import @culturehq/components/dist/main.css
into whatever stylesheet you're using.
Ensure you have node
and yarn
installed on your system. Then run yarn
in the root of the repository to install the dependencies. You can then start the storybook server with yarn start
and view the output at http://localhost:6006
.
Bug reports and pull requests are welcome on GitHub at https://github.com/CultureHQ/components.
The code is available as open source under the terms of the MIT License.
[20.3.0] - 2024-11-13
FAQs
CultureHQ's component library
The npm package @culturehq/components receives a total of 119 weekly downloads. As such, @culturehq/components popularity was classified as not popular.
We found that @culturehq/components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.