Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@keboola/indigo-ui
Advanced tools
Indigo UI library, its CSS and React components. Also Styleguide app showing usages of this library.
node -v
yarn global add grunt-cli
yarn
yarn dev
docker-compose build
(See Dockerfile
to check what's inside)docker-compose run --rm --service-ports node
yarn
, yarn dev
, ...)yarn dev
: Start Storybook serveryarn test
: Run testsyarn build-lib
: Build package prepared for publishing to npmjs registryyarn build-storybook
: Prepare Storybook for deploymentyarn stylelint
: Check less files for errorssrc/indigo/components
(e.g. Loader.jsx
).Loader.test.js
).src/indigo/components/index.js
to enable its export.indigo-ui
in kbc-ui
Make sure you have package prepared yarn build-lib
.
yarn link
(preferred)yarn link
yarn link "@keboola/indigo-ui"
Similar (but reversed) process applies for yarn unlink
.
yarn add
yarn add file:/path/to/indigo-ui
Check KBC.md
First, check the content of .travis.yml
file and documentation about
Travis Deployment.
main
branchsrc/indigo
folder and you want to make
those changes available for users.Steps:
main
branchyarn version
command
package.json
) and tag for you.package.json
manually or create tag manually.main
branch - e.g git push origin main
main
branch is deployed)git push origin v2.0.0-beta-3
<- This triggers deploy to npmjs!Run yarn test
. It'll start tests in interactive mode.
Run npm pack
. Check its manual here.
If published version does not match installed version.
git clone git@github.com:react-bootstrap/react-bootstrap.git
cd react-bootstrap
git fetch --all
git checkout v0.31.5 # use version you need
npm run docs
Open browser at localhost:4000
MIT licensed, see LICENSE file.
FAQs
Keboola UI library
We found that @keboola/indigo-ui demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.