
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@patterninc/react-ui
Advanced tools
A reusable React component library for Pattern applications.
React UI provides a set of consistent, accessible, and customizable UI components for Pattern web applications.
pnpm add @pattern/react-ui
import { Button } from '@pattern/react-ui'
export function MyComponent() {
return <Button>Click me</Button>
}
pnpm install
pnpm storybook
When making updates, it is important to get changes approved by the UX team and team Nexus. Please utilize Chromatic to demo your updates before getting your PRs raised.
pnpm storybook
pnpm chromatic
Before running Chromatic, you'll need to generate a .env
file with the necessary credentials and tokens. This process fetches secure parameters from AWS Parameter Store.
Ensure you have AWS CLI access configured by following the instructions in the Pattern Wiki - AWS CLI Access.
NOTES:
aws configure sso
command.return
or enter
to continue on in the setup.Authenticate with AWS: Login to AWS through the command line using the development profile:
aws sso login --profile dev
Generate the .env file: Run the environment setup script to fetch parameters from AWS Parameter Store:
bash scripts/env.sh --profile dev
Verify setup: The script will create a .env
file populated with Chromatic token mappings from the AWS development account parameter store.
Run Chromatic: You can now run Chromatic as usual within your application:
pnpm chromatic
Note: The .env
file contains sensitive information and should never be committed to version control. It's already included in .gitignore
for security.
Team Nexus will handle version bumping and change log entries.
pnpm changelog
FAQs
A reusable React component library for Pattern applications.
The npm package @patterninc/react-ui receives a total of 62 weekly downloads. As such, @patterninc/react-ui popularity was classified as not popular.
We found that @patterninc/react-ui demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.