Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@dialpad/dialtone-vue
Advanced tools
Dialtone Vue is a library of Vue components for Dialtone. The goal is to simplify and standardize the use of common UI patterns and behaviour across all Dialpad projects.
Component Documentation Site ↗️
Dialtone Vue is a new project, and as such it is under constant development as we add new components and refine existing ones. Please refer to the jira board to see the status of Dialtone Vue components and request new components that should be in the Dialtone Vue library.
Dialtone Vue components can be imported directly from the package. Some components also export named constants, which can be imported as well:
import { DtInput, VALIDATION_MESSAGE_TYPES } from '@dialpad/dialtone-vue';
Projects using Dialtone Vue should be aware of the requirements:
<style>
blocks.These requirements are enforced via peerdependencies of Dialtone Vue when possible.
If you would like to contribute to Dialtone Vue the first step is to get the project running locally. Follow the below quickstart to do so.
git clone https://github.com/dialpad/dialtone-vue.git
npm run storybook:install
npm install
npm start
Next read the more detailed contributor documentation in CONTRIBUTING.md.
FAQs
Vue component library for Dialpad's design system Dialtone
The npm package @dialpad/dialtone-vue receives a total of 254 weekly downloads. As such, @dialpad/dialtone-vue popularity was classified as not popular.
We found that @dialpad/dialtone-vue demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.