Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@material/rtl
Advanced tools
UIs for languages that are read from right-to-left (RTL), such as Arabic and Hebrew, should be mirrored to ensure content is easy to understand.
npm install @material/rtl
rtl
is the most flexible mixin, because it can work with multiple CSS properties. All other RTL mixins logic could be engineered by only using rtl
, but we provide these mixins for convenience.
Both reflexive-property
and reflexive-box
work with one base box-model property, e.g. margin, border, padding. But reflexive-property
is more flexible because it accepts different left and right values. reflexive-box
assumes the left and right values are the same, and therefore that the box-model is symmetrical.
reflexive-position
is the least flexible mixin. It only works with one horizontal position property, "left" or "right". It also assumes the left and right values are the same.
Mixin | Description |
---|---|
rtl($root-selector) | Creates a rule that is applied when the root element is within an RTL context |
reflexive-box($base-property, $default-direction, $value, $root-selector) | Applies the value to the #{$base-property}-#{$default-direction} property in a LTR context, and flips the direction in an RTL context. This mixin zeros out the original value in an RTL context. |
reflexive-property($base-property, $left-value, $right-value, $root-selector) | Emits rules that assign #{$base-property} -left to #{left-value} and #{base-property} -right to #{right-value} in a LTR context, and vice versa in a RTL context. Basically it flips values between a LTR and RTL context. |
reflexive-position($position-property, $value, $root-selector) | Applies the value to the specified position in a LTR context, and flips the direction in an RTL context. $position-property is a horizontal position, either "left" or "right". |
reflexive($left-property, $left-value, $right-property, $right-value, $root-selector) | Applies the pair of property values to the specified position in a LTR context, and flips the direction in an RTL context. |
A note about [dir="rtl"]: rtl($root-selector)
checks for [dir="rtl"]
on the ancestor element. This works in most cases, it will sometimes lead to false negatives for more complex layouts, e.g.
<html dir="rtl">
<!-- ... -->
<div dir="ltr">
<div class="mdc-foo">Styled incorrectly as RTL!</div>
</div>
</html>
Unfortunately, we've found that this is the best we can do for now. In the future, selectors such as :dir will help us mitigate this.
14.0.0 (2022-04-27)
unset
is unsupported in IE. (f460e23)validateTooltipWithCaretDistances
method. (3e30054)theme-styles
mixin... the value being retreived from the $theme
map and css property name was swapped. The mixin would request font-size
/font-weight
/letter-spacing
from the $theme
map (which expects size
/weight
/tracking
)... so these values would always be null
. (32b3913)attachTo
. (05db65e)showTimeout
is not set (indicating that this tooltip is about to be re-shown). (6ca8b8f)minRange
param to range sliders to request a minimum gap between the two thumbs. (8fffcb5)valueToAriaValueTextFn
and valueToValueIndicatorTextFn
functions are called for. (b6510c8)PiperOrigin-RevId: 444830518
PiperOrigin-RevId: 419837612
FAQs
Material Components for the web RTL Scss helpers
The npm package @material/rtl receives a total of 991,678 weekly downloads. As such, @material/rtl popularity was classified as popular.
We found that @material/rtl demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 15 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.