![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@dataforsyningen/designsystem
Advanced tools
Readme
Common design system for SDFI with CSS, icons, UI components, and logo images.
Documentation is available at sdfidk.github.io/designsystem/
You can also build and read the docs locally.
designsystem
or node_modules/@dataforsyningen/designsystem
index.html
in a browser.Assuming you have Node.js and NPM installed:
First, install dependencies:
npm install
Then, run this script to build the project:
npm run build
New files will appear in the assets
folder.
You can find designsystem stylesheets in assets/designsystem.css. Copy it to your project and include the stylesheet by add a reference in the head
section of your HTML pages.
<head>
...
<link rel="stylesheet" href="YOUR_PATH/designsystem.css">
...
<head>
You can find all designsystem icons in assets/icons. You can copy and use them individually or use the entire icon set as a single SVG file: assets/designsystem-icons.svg
When using the single SVG, you just add an svg
element to your markup and display your icon of choice with use
.
Here is an example where we display the notification
icon:
<svg><use href="YOUR_PATH/designsystem-icons.svg#notification" /></svg>
You can find designsystem Javascript in assets/designsystem.js. Copy it to your project and include the script by adding a reference in the body
section of your HTML pages.
Here is an example where we import all of designsystem Javascript:
<body>
...
<script type="module" src="YOUR_PATH/designsystem.js"></script>
<body>
Here is an example where we import the Tabs
component from designsystem Javascript:
<body>
...
<script type="module">
import { Tabs } from YOUR_PATH/designsystem.js
</script>
<body>
Add @dataforsyningen/designsystem
to your package.json:
"dependencies": {
...
"@dataforsyningen/designsystem": "SDFIdk/designsystem"
}
(Will publish an NPM package later)
Assuming you installed @dataforsyningen/designsystem with NPM, you can import various parts of designsystem into your esbuild-project.
Include and build stylesheets in your esbuild script like this:
require('esbuild').buildSync({
entryPoints: ['@dataforsyningen/designsystem/designsystem.css'],
bundle: true,
outfile: 'mystyles.css',
})
Esbuild needs to support loading SVG files. You can setup the file
loader in your esbuild script like this:
require('esbuild').buildSync({
...
loader: { '.svg': 'file' },
...
})
Then you can import a reference to the svg sprites file and use them in your .js files.
import svgIcon from '@dataforsyningen/designsystem/designsystem-icons.svg'
// Using the **notification** icon
const templateString = `
<svg><use href="${ svgIcon }#notification" /></svg>
`
Import designsystem Javascript like you would import any other script. Example with ShowToast:
import { showToast } from '@dataforsyningen/designsystem'
showToast('Hello! I am a toast.')
FAQs
Unknown package
We found that @dataforsyningen/designsystem demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.