Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@mirohq/design-system-icons
Advanced tools
The process of adding a new icon is the result of the collaboration of the design and development team. For this to happen follow this procedure:
Figma is the chosen tool to collaborate between designers and the DS team when it comes to icons. It also serves as a source of truth, therefore it is important to keep in sync the DS icons package with it, right now the process is manual, and it can be done by executing this command in the root repo:
pnpm sync:icons
The execution of this command does the following:
figma-sync
command to obtain all icons coming from the specified figma file and store them in svg format inside svg folder. You can go in-depth about the synchronization process here.svg-to-react
command to take all svg files and create their ccorresponding react components.The execution of the figma-sync
command does the following:
For technical details, please check it here.
To convert the svgs obtained and formatted by figma-sync into react components, the utility SVGR takes care of it, and helps to automate the process. Overall the only thing that needs as an input is the path where the svg files are stored, and the file where the react auto-generated components should live.
The overall process can be started by using the following command svg-to-react
, which does the following:
svgrrc.js
file where some configurations are specified, such as the paths where templates to generate icons and the index file are, as well as the attributes to be kept inside icon react components.svg/24
folder, and based on the icon template templates/icon.js
. It creates the content for the icon react component and stores it inside react folder.FAQs
## Adding a new Icon
The npm package @mirohq/design-system-icons receives a total of 589 weekly downloads. As such, @mirohq/design-system-icons popularity was classified as not popular.
We found that @mirohq/design-system-icons demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.