Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@heroku/ember-hk-components
Advanced tools
Reusable Ember components
Usage of these components assumes you are using the Purple3 CSS framework and Malibu.
Install ember-cli-eyeglass
if it's not installed already.
ember install --save ember-cli-eyeglass
Install @heroku/ember-hk-components
ember install --save @heroku/ember-hk-components
You'll need to import the scss files that support the actual components into your app. Ensure that you have installed ember-cli-eyeglass
and that you are
using app.scss
for your app's styles.
You can import css for all the components like this:
@import "ember-hk-components/ember-hk-components";
If you want to import the css for only a specific component, like hk-slide-panel
, you can include it like this:
@import "ember-hk-components/hk-slide-panel";
See ember-hk-components.herokuapp.com for a complete list of components that are available.
git clone https://github.com/heroku/ember-hk-components
cd ember-hk-components
yarn install
ember serve
yarn test
(Runs ember try:each
to test your addon against multiple Ember versions)ember test
ember test --server
The demo app is useful for developing this addon, but it can often be helpful to consume your version of this addon in another application either to more easily develop your changes or to validate that your changes work as you expect. You can use your local version of ember-hk-components
in another application that consumes it via yarn's link command.
// in your ember-hk-components directory
> yarn link
// in your consuming app directory
> yarn link @heroku/ember-hk-components
// to put consuming app back on the release version
> yarn unlink @heroku/ember-hk-components
Now, when you make changes in your copy of ember-hk-components
those changes will be reflected in the consuming application.
This library does its best to follow the principles of Semantic Versioning. Every effort should be made to ensure all non-major versions are released in a backwards compatible way.
This project's changelog is generated using lerna-changelog
. You can find instructions on how to setup your local environment for this in the project's Readme. Note that the Personal access token you use must be SSO-enabled for this to work.
lerna-changelog
works off a system of labels defined in this project's package.json. Pull requests will be collated into the changelog based on which label has been applied to them.
Once you are ready to make a new release follow these steps:
package.json
yarn run changelog --from x.x.x
where x.x.x
is the last version of this library that was released. This should generate changelog of changes since that last release.Once the PR is approved and merged you can then tag your new version by running git tag x.x.x
where x.x.x
is the new version number. Push your tag to GitHub using git push origin --tags
.
Publish your new version to npm with the command npm publish
🎉
Note that you must have publish access to the @heroku npm organization to successfully publish
FAQs
Ember HK Components
The npm package @heroku/ember-hk-components receives a total of 212 weekly downloads. As such, @heroku/ember-hk-components popularity was classified as not popular.
We found that @heroku/ember-hk-components demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 222 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.