Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@nlo/nuxt-common
Advanced tools
The purpose of this package is to provide tooling and runtime utilities to make developing a front-end for NLO websites easier.
To set up your own NLO Nuxt3 application, please read the setup page
<CommonHeader/>
and <CommonFooter/>
const { $nloPortal } = useNuxtApp();
useNloPlayer
composableuseNloFlashMessage
composable<common-recaptcha/>
(see playground for example)const { trackPage } = useNloGtm();
<common-lottie-animation/>
<CommonConsent />
<PortalCommonButton />
see https://localhost:3000/portal-common-components for moreuseStepInUrl
composable. (see playground for example)useAsyncDataMutation
composable. (see unit tests for example)<common-icon name="..." />
<common-stepper />
(see playground for example)<common-more-info />
(see playground for example)<common-tooltip />
(see playground for example)<common-modal>
(see playground for example)<common-promises />
(see playground for example)<CommonHeading />
(see playground for example)<CommonParagraph />
(see playground for example)<CommonMarkdown />
(see playground for example)<CommonColumn />
(see playground for example)<CommonRow />
(see playground for example)<CommonButton />
(see playground for example)<CommonButtonLink />
(see playground for example)<CommonLink />
(see playground for example)<CommonButtonEqualChoice />
(see playground for example)<CommonExpandableList />
(see playground for example)<CommonImage imageUrl="..." />
(see playground for example)<CommonResponsiveImage />
(see playground for example)<CommonMarketingImage />
(see playground for example)<CommonMarketingGifts />
(see playground for example)<CommonThreeColumnBlock />
(see playground for example)<CommonBackgroundImage />
(see playground for example)<CommonPageError />
(see playground for example)<CommonResponsiveBackgroundImage />
(see playground for example)<CommonListItemLink/>
(see playground for example)<CommonMarketingHeader />
special header for marketing pages, props are for the background and campaign visual (see playground for example)<CommonMarketingHeaderContentBasic />
(see <CommonMarketingHeader />
for example)<CommonPromoCodeForm />
for the promo code forms (this component it self is 'dumb' the submit logic should be handled in a wrapper) so that it can be used with validated and unvalidated promo's (see <CommonMarketingHeader />
for example)<CommonPromoCodeInput />
(see <CommonPromoCodeForm />
for example)<CommonInteractiveNumberInput />
(see playground for example)<CommonRadioGroup />
(see playground for example)<CommonRadioInput />
(see playground for example)<CommonCheckbox />
(see playground for example)<CommonDivider />
(see playground for example)<CommonQrCodeScanner />
a full screen qr code scanner overlay (see playground for example)useBraze()
see Braze Demo for more infoAdd this as a dependency
npm install @nlo/nuxt-common
Add the layer to your nuxt.config.ts
import { createResolver } from '@nuxt/kit';
const { resolve } = createResolver(import.meta.url);
{
extends: '@nlo/nuxt-common',
runtimeConfig: {
public: {
nloNuxtCommon: {
recaptcha: {
siteKey: RECAPTCHA_SITE_KEY,
},
scripts: {
optimalScripts: [],
limitedScripts: [],
basicScripts: [],
},
},
},
},
alias: {
'@nlo-assets': resolve('./node_modules/@nlo/nuxt-common/assets'),
}
}
Add type definitions to your tsconfig.json:
{
"include": ["./node_modules/@types/grecaptcha", "./.nuxt/nuxt.d.ts", "./**/*"],
"vueCompilerOptions": {
"strictTemplates": true,
"dataAttributes": ["data-test"]
}
}
SSL certificates are required to run Nuxt3 locally on SSL. To generate these certificates, use the following command:
npx generate-ssl-certificates --dir secrets
This will create two files in the provided secrets
folder. These certificates can be used when starting up Nuxt in development mode, by adding this to the startup command:
Allowing local certificate: export NODE_TLS_REJECT_UNAUTHORIZED=0
(add this before the nuxt dev command)
Tell Nuxt what certificates to use: --https --ssl-cert secrets/cert.pem --ssl-key secrets/key.pem
(add this after the nuxt dev command)
Full command example:
export NODE_TLS_REJECT_UNAUTHORIZED=0 && nuxt dev --port 3010 --https --ssl-cert secrets/key.cert --ssl-key secrets/key.pem
To generate typescript definition files from swagger json, use the following script:
npx generate-api-types --input ./path/to/swagger.json --output ./path/to/mytypes.d.ts
The nuxt common components come with Storybook support. To show the stories in the Storybook of the vertical, use the following:
Add to .storybook/main.ts
of the vertical Storybook story locations.
'../node_modules/@nlo/nuxt-common/components/**/*.stories.@(js|jsx|ts|tsx)',
In .storybook/preview.ts
of the vertical Storybook add:
Add the import
import { commonThemeControls } from '@nlo/nuxt-common/storybook-utils/storybook-vertical-themes';
Add, spread or pick the theme controls you need. To make every story work, include all.
globalTypes: {
commonThemeControls,
},
This nuxt layer uses environment variables to configure the features to your runtime needs. The following environment variables are available:
NUXT_PUBLIC_COMMON_RECAPTCHA_SITE_KEY
The site key for recaptchaNUXT_PUBLIC_COMMON_BRAZE_SETTINGS_API_KEY
The api key for Braze (see Braze web)NUXT_PUBLIC_COMMON_BRAZE_SETTINGS_SDK_ENDPOINT
The endpoint to our Braze project (see Braze web)NUXT_PUBLIC_COMMON_BRAZE_SETTINGS_ENABLE_LOGGING
Boolean that switches logging on and off (please don't enable this on production)npm run dev:prepare
to generate type stubs.The playground is a Nuxt application that allows you to try out your feature within this repository.
npx generate-ssl-certificates --dir secrets
to generate SSL certificatesnpm install
in ./playground
npm run dev
to start playground in development mode.The GTM implementation works by exposing a composable called useNloGtm
that you can use in your application.
Tracking events to GTM uses a trackEvent
datalayer push, and uses the eventLabel parameter (context) as a value for the event label. Since the value of context is reliant on where the tracking is performed, we also provide an easy way to provide context through provide/inject using the provideContextName
function.
When using provideContextName
, you can easely set the context for all descendant components without the need of prop drilling. However, you can override the injected context by passing the eventLabel in the tracking functions of the composable.
Using the trackButtonPress
method, you can track a click event on a button or a link.
Example usage:
// Text of the button is required
// Context of the button is optional, if not provided, the injected context name is used.
trackButtonPress('Text of the button', 'Context of the button');
When adding an icon to the library there are a couple of requirements:
FAQs
Nuxt3 layer for the common user interface of NLO lottery websites
The npm package @nlo/nuxt-common receives a total of 4 weekly downloads. As such, @nlo/nuxt-common popularity was classified as not popular.
We found that @nlo/nuxt-common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.