Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@dialpad/dialtone-tokens
Advanced tools
Design tokens for Dialpad's design system Dialtone and everything related to building and publishing them.
Design tokens are all the defined values that are part of the design system, such as color, spacing, typography, and more. The goal is to store design tokens as JSON and output and publish them to many different formats (CSS, LESS, Android, iOS, etc.) upon build.
To use Dialtone Tokens in your project:
npm install @dialpad/dialtone-tokens
@import "@dialpad/dialtone-tokens/dist/tokens-base-light.css"; // Light variables
@import "@dialpad/dialtone-tokens/dist/tokens-base-dark.css"; // Dark variables
dialtone-tokens provides a postcss plugin that you can use to convert all tokens using rem to px. This could be useful if you are using dialtone in an embedded situation where you don't have control over the root font size.
You can reference this script from:
@dialpad/dialtone-tokens/dist/postcss/rem-to-px.js
@dialpad/dialtone/tokens/postcss/rem-to-px.js
To use this script you will have to run it as part of your build process on the tokens files you are importing. There are various ways to run postcss as part of your build process, please see the documentation here: https://github.com/postcss/postcss?tab=readme-ov-file#usage
.my-css-class {
color: var(--dt-color-purple-200)
}
Or
@import "@dialpad/dialtone-tokens/dist/less/tokens-base-light.less"; // Light variables
@import "@dialpad/dialtone-tokens/dist/less/tokens-base-dark.less"; // Dark variables
.my-css-class {
color: @dt-color-purple-200
}
import "@dialpad/dialtone-tokens/dist/tokens-base-light.json" // Light tokens
import "@dialpad/dialtone-tokens/dist/tokens-base-dark.json" // Dark tokens
File > Swift Packages > Add Package Dependency
https://github.com/dialpad/dialtone-tokens-swift
<dependency>
<groupId>design.dialpad.tokens</groupId>
<artifactId>dialtone-tokens</artifactId>
<version>1.2.0</version>
</dependency>
mvn install
pnpm install
nx run dialtone-tokens:build
to build tokens. Built tokens will be output to the dist folder.base.json
Contains tokens exported from figma.tokens/tokens.json
Contains tokens in style dictionary format (generated from base.json
).dist
Contains tokens in their final output form, in multiple different formats.FAQs
Design tokens for Dialtone.
The npm package @dialpad/dialtone-tokens receives a total of 265 weekly downloads. As such, @dialpad/dialtone-tokens popularity was classified as not popular.
We found that @dialpad/dialtone-tokens demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.