Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@manifoldco/mercury
Advanced tools
Design tokens auto-generated from our Figma files.
With Node installed, run the following in the project folder of your choice:
npm install @manifoldco/mercury
Mercury ships with some Sass Modules which can be imported and extended if you’re
using version 1.23.0
or greater:
@use "node_modules/@manifoldco/mercury";
.Manifold__Button {
@include mercury.Manifold__Button; /* extend button styles */
@include mercury.Manifold__Typography__Body;
background: mercury.$color-purple; /* provide overrides from common variables */
color: mercury.$color-white;
font-family: mercury.$typography-bodyMono-fontFamily;
}
For reference, please see the generated .scss
files which are tracked in version
control.
import { css } from 'linaria';
import { color, typography } from '@manifoldco/mercury';
const header = css`
font-family: ${typography.body.fontFamily};
color: ${color.black};
`;
Group | Sass | JS |
---|---|---|
Color | $color-* | color.* |
Gradient | $gradient-* | gradient.* |
Shadow | $shadow-* | shadow.* |
Typography | $typography-* | typography.* |
Component | Description |
---|---|
.Manifold__Button | Those Manifold buttons you know and love |
.Manifold__Typography | Global typography styles to really lighten that copy/paste load |
Icons are all included in the icons/
folder as .svg
files. You should be able to
import these however you normally import files from npm. If using webpack, you may need to enable
raw-loader for SVG files.
npm run dev
In your .zshrc
or .bashrc
, add your Figma access token (needed to access Manifold
files):
export FIGMA_TOKEN=myaccesstoken
Then run:
npm run extract
If something breaks, bug Drew.
Simply draft a new release and tag it:
Tag | Release |
---|---|
v#.#.# | Stable: ⚠️ dependabot will update all our repos using it! |
v#.#.#-beta.0 | Unstable: this is safe for testing |
⚠️ Note: deploying won’t update the tokens! You’ll need to run npm run extract
to pull the
latest values.
FAQs
Manifold Design System
The npm package @manifoldco/mercury receives a total of 0 weekly downloads. As such, @manifoldco/mercury popularity was classified as not popular.
We found that @manifoldco/mercury demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.