Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@homebound/beam
Advanced tools
[![npm](https://img.shields.io/npm/v/@homebound/beam)](https://www.npmjs.com/package/@homebound/beam)
Homebound's React component design system.
To see the latest designs, check out the Figma file.
# Only when running for the first time to install dependencies for Beam & Truss
> yarn
> cd ./truss && npm i # Note that this will change director to /truss
# Easiest way to start. This runs Storybook.
> yarn start
# Re-build src/Css.ts after changing truss/ config files
> yarn build:truss
# Automatically re-build src/Css.ts after changing truss/ config files
> yarn watch:truss
Beam is specifically "Homebound's Design System". Given this extremely narrow purpose, we can lean into the simplicity of:
The most concrete manifestation of this is that we want to provide as few props as possible.
Fewer props generally means:
All of these points are generally in stark contrast to traditional, "big" UI toolkits like Material UI, Carbon from IBM, Spectrum from Adobe, etc., where they have to be "everything for everyone", and have the large API surface areas and complexity that comes with it.
For them, a MUI application in Company A shouldn't have to look & behave exactly like a MUI application in Company B. Which makes sense.
But for Beam at Homebound, we specifically want a component that behaves in our App A to look & behave the same as it does in our App B.
As we open source Beam, this vision of "as few props as possible", "components must look the same in every app" doesn't seem like something that other companies/projects would adopt (i.e. surely they want different colors, slightly different behavior to suit their user base, etc.).
Our proposal for solving this tension is to adopt a radically different model than "pull in the Beam npm library into your app and just use it as-is" (although you're free to do that too): it's forking.
"Adopters" of Beam should of course contribute back bug fixes and feature improvements; but they should also feel free (and encouraged) to run their own company-specific forks, and "customize by changing the source".
In this way, Beam should be seen as a place to "copy & paste" start from, rather than a project that will have 1,000s of npm downloads, and 100s of companies all collaborating on getting this one TextField
implementation to behave in the 101 different ways that they each want.
FAQs
[![npm](https://img.shields.io/npm/v/@homebound/beam)](https://www.npmjs.com/package/@homebound/beam)
We found that @homebound/beam demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.