Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@misk/components
Advanced tools
This package provides shared, styled React components across Misk tab repos. The top of each component/container file contains a usage example.
$ yarn add @misk/components
createApp(routes)
: builder function to create an <App history={history}/>
componentcreateIndex(tabSlug, App, Ducks)
: builder function to create bootstrapping objects necessary for index.tsx
ErrorCalloutComponent
: Processes a Redux / Axios error and dumps raw JSON for debuggingOfflineComponent
: NonIdealState component for Offline or Loading tab statePathDebugComponent
: outputs values passed in by props for hash
, pathname
, and search
in React-Router instanceSidebarComponent
: dashboard styled sidebarDesktopWideOnlyContainer
: Only shows container when window width >1200pxFlexContainer
: Container using CSS FlexBox to have enclosed items flow responsively to screen widthMobileNeverContainer
: Never show container when window width <768pxMobileOnlyContainer
: Only show container when window width <768pxResponsiveContainer
: Responsive container that all tabs and Nav Navbar use to ensure consistent view widthrouterDucks
: router management Redux-Sagas parts (actions, dispatcher, handlers, sagas, reducers, state interface)simpleNetworkDucks
: a standardized set of Axios based request Redux-Sagas parts (actions, dispatcher, handlers, sagas, reducers, state interface)Navbar
: Related components to a dashboard styled Navbarenvironment
: various utilities helpful in environment (color, default visibilities...)network
: wrapped functions around Axios requests to allow simplified syntax that with async await
returns an object of { data, error }
.FAQs
Microservice Kontainer Common Components
We found that @misk/components demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.