Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
@gitlab-org/gitlab-svgs
Advanced tools
Gitlab SVG's
Repository to manage all SVG Assets for GitLab. Creates SVG Sprites out of Icons and optimises SVG based Illustrations.
SVG Online Viewer - http://gitlab-org.gitlab.io/gitlab-svgs/
Commands
On first time use locally you need to install dependencies through yarn install
yarn run svg - Runs all tasks that are available, if you want to release a new version just run this task
All output is saved to the dist folder, from where it is also taken from our main applications.
Adding something
If you add something in master automatically all the steps will be done for previewing the icons.
To add new icons, simply place them in the sprite_icons folder, afterwards run the yarn run svg command.
To add new illustrations, simply copy them in the illustrations folder, afterwards run the yarn run svg command.
On a Merge Request also run 'yarn run svg' to check in the updated SVG Sprite and corresponding files until we have an automatic CI/CD solution.
Preview Application
The application for previwing is based on NUXT and is located in the folder svgpreviewer.
You can run it locally through yarn run dev then it will available under http://localhost:3333/.
With yarn run generate you can generate the static output to the public folder.
Publish a new version
Follow these steps when publishing a new version:
-
Update the version in
package.jsonwithnpm version. We usually publish minor versions:npm version minor -m "Explain which SVGs are added/modified"This command will also tag the version for you.
-
Push the new version.
git push -
Push the new tag
git push origin <tagname> -
Make sure
package.jsonhas an updated version and the tag are correctly set -
Publish the new version Note: You will need an npm account with the correct permissions. Please contact Tim Zallman
npm publish
Maintainers
Contributing
GitLab is an open source project and we are very happy to accept community contributions. Please refer to CONTRIBUTING.md for details.
FAQs
SVG Assets for GitLab
The npm package @gitlab-org/gitlab-svgs receives a total of 6 weekly downloads. As such, @gitlab-org/gitlab-svgs popularity was classified as not popular.
We found that @gitlab-org/gitlab-svgs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 29 Oct 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025