Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@nordnet/design-tokens
Advanced tools
This project turns design tokens into usable formats for our frontends. By using design tokens, we can maintain consistency across all platforms, tools, and products. Currently, we only provide colors for our different themes through design tokens.
This project turns design tokens into usable formats for our frontends. By using design tokens, we can maintain consistency across all platforms, tools, and products. Currently, we only provide colors for our different themes through design tokens.
Design Tokens get exported from Figma using the Design Tokens plugin which sends the data through Githubs repository_dispatch event. A Github action listens to that event and saves the data as JSON and lets Style Dictionary transforms the tokens into the desired formats. The GitHub action then continues to create a PR with all the changes.
For local development, follow these steps:
npm i
to install dependencies.npm run transform-tokens
to transform tokens using Style Dictionary.src/generated
directory.If you only want to use the themes provided by this project then simply import them into your codebase like this:
npm install -D @nordnet/design-tokens
to install the package.import { lightTheme } from '@nordnet/design-tokens'
.This project generates design tokens for each theme in the following formats:
GitHub Actions has a payload limit of 50kB, which prevents exporting all design tokens at once. To circumvent this limitation, we export tokens in chunks by creating a new branch for each chunk. When these new branches are merged, tests run in the master branch to verify that all themes have the same token names. Only then do we release a new version.
As mentioned in the Limitations section, updates to tokens will come in chunks (usually one PR per theme). Merge these PRs together until only one PR remains, which can then be merged into the main/master branch. This approach ensures that all information regarding the update (all the chunks) can be found in one place, and in case of a breaking change, we can make a breaking change commit in a single branch. Furthermore, the release GitHub action runs only once.
FAQs
This project turns design tokens into usable formats for our frontends. By using design tokens, we can maintain consistency across all platforms, tools, and products. Currently, we only provide colors for our different themes through design tokens.
The npm package @nordnet/design-tokens receives a total of 31 weekly downloads. As such, @nordnet/design-tokens popularity was classified as not popular.
We found that @nordnet/design-tokens demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.