Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@internetstiftelsen/styleguide
Advanced tools
The styleguide is a set of components that follows the Atomic Design methodology and is powered by Fractal. It is built to be fully modular so one can include only what is needed when using the styleguide.
The styleguide is a set of components that follows the Atomic Design methodology and is powered by Fractal. It is built to be fully modular so one can include only what is needed when using the styleguide.
To use the styleguide in your website or interface you need to install the styleguide and then decide which components you need.
To install it, run npm i @internetstiftelsen/styleguide
.
When that's done, you need to configure your build. So open up your main SCSS file and add the components you need like this:
// Configurations, foundation, fonts, utilities etc..
@import '~@internetstiftelsen/styleguide/src/globals';
// Set a project namespace for namespace prefixed classes
$namespace: 'mysite-';
// Configuration/Base components
@import '~@internetstiftelsen/styleguide/src/configuration/grid/grid';
@import '~@internetstiftelsen/styleguide/src/configuration/colors/colors';
// Atoms
@import '~@internetstiftelsen/styleguide/src/atoms/button/button';
@import '~@internetstiftelsen/styleguide/src/atoms/input/input';
// Molecules
@import '~@internetstiftelsen/styleguide/src/molecules/card/card';
// Organisms
@import '~@internetstiftelsen/styleguide/src/organisms/header/header';
@include e(nested-element) {} // Element (.parent-element__nested-element)
@include m(modifier-name) {} // Modifier (.parent-element--modifier-name)
@include b(block-name) {} // Block (.block-name)
Peek into the app.scss to see the full set of components.
For javascript it's basically the same thing. In a javascript file:
// ES5 build version
import Button from '@internetstiftelsen/styleguide/dist/atoms/button/button';
// Standard ES6 version
import Button from '@internetstiftelsen/styleguide/src/atoms/button/button';
Depending on your browser requirements you may use the src version which is not transpiled to ES5.
Be sure to include the following features in your setup.
Add the class no-js
as default and a javascript that switches that to js
e.g. below. Some styles are relying on this class to properly display tab highlighting but of course it can be handy in many other cases too.
<html class="no-js"
<script type="text/javascript">
document.querySelector('html').classList.remove('no-js');
document.querySelector('html').className += 'js';
</script>
Add Tab Highlighting to your site. This ensures clear visual focus styles when navigating the site by tabbing. https://github.com/sewebb/iis-styleguide/tree/master/src/utilities/tab-highlighting
Add a "skip navigation" to your site. This navigation should contain anchor links to allow users to easily skip to and passed repeating content that is included on every page such as header and main navigation. https://styleguide.internetstiftelsen.se/components/detail/skip.html
Before you start, make sure you read and understand our coding standards and conventions.
npm install
.npm run dev
This will watch the files you edit and automatically start the dev environment. The code is validated and fixed on save using our coding standards and convention
To be able to deploy you need to build a static version of the styleguide.
The command npm run build
will build the static site in the build
directory in the root of the your project. NOTE: Always run this command before pushing your to git.
FAQs
The styleguide is a set of components that follows the Atomic Design methodology and is powered by Fractal. It is built to be fully modular so one can include only what is needed when using the styleguide.
We found that @internetstiftelsen/styleguide demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.