Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@gemlightbox/core-kit
Advanced tools
Readme
Following steps will allow you to run the project locally
node -v
git clone git@bitbucket.org:picupmedia/core-kit.git
cd core-kit
git config user.name "YOUR_NAME"
git config user.email "YOUR_EMAIL"
git checkout origin development
npm i
npm run start
Following steps will describe you how to use deployed npm
package
Ask your management stuff to invite you to the private npm package as developer.
You will receive invitation on your email and should proceed to account creation flow to npm
Login to npm in your terminal (due to package is private)
npm login
npm whoami
npm logout
npm i @gemlightbox/core-kit
// If you try to do that being not logged under valid npm account - you will see 401 Unauthorized error.
import "@gemlightbox/core-kit/dist/assets/styles/index.css"; <-- compiled css
import "@gemlightbox/core-kit/dist/assets/styles/root.css"; <-- css variables
In the project directory, you can run:
npm run start
Open http://localhost:4444 to view it in the browser
Runs the docs app in the development mode
Here you can see and play with components templates
npm run build
Builds the docs app with all templates for production to the build
folder
Those folder will be deployed to firebase hosting here
You can share with your team, so they can see what components we have and how they behave
npm run build-package
Builds the app as package for production to the dist
folder
Those folder will be deployed to npm private package here
You need access to it due to it is private package
Please, check bitbucket-pipelines.yml file to check what CI/CD currently executed
See Learn More for details
FIREBASE_PROJECT
& FIREBASE_TOKEN
- used to be able to deploy documentation to firebase
hosting by bitbucket pipelines. See Learn MoreNPM_TOKEN
- used to be able to publish @gemlightbox/core-kit
package by bitbucket pipelines to
npm
. You need automation token of user with access to @gemlightbox/core-kit
. See
Learn MoreTo learn React, check out the React documentation
You can learn more in the Create React App documentation
See the section about create-react-app deployment for more information
See information about how to install firebase
See information about firebase token
See information about firebase project ID
See information about npm tokens here and here
See information about bitbucket pipelines here and here
See information about bitbucket cache here
FAQs
Picupmedia dev kit tools
We found that @gemlightbox/core-kit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.