Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@paypal/checkout-components

Package Overview
Dependencies
Maintainers
20
Versions
506
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@paypal/checkout-components

PayPal Checkout components, for integrating checkout products.

  • 5.0.309-alpha-ba04f9f.0
  • alpha-ba04f9f
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
386
decreased by-61.93%
Maintainers
20
Weekly downloads
 
Created
Source

PayPal Checkout

build status code coverage npm version apache license

A set of components allowing easy integration of PayPal Buttons and PayPal Checkout into your site, powered by zoid.

Dev Docs

See developer.paypal.com/docs/checkout

Issues

Please submit any issues about the JS SDK here: https://github.com/paypal/paypal-js/issues


Development

Please feel free to follow the Contribution Guidelines to contribute to this repository. PRs are welcome, but for major changes please raise an issue first.

Quick Setup

Set up your env:

npm install

Run tests:

npm test

Run in dev mode:

npm run dev

Testing Tasks

npm test

Runs all testing tasks lint, flow, karma, jest-ssr, jest-screenshot, & check-size.

FlagsDescription
--clear-cacheClear Babel Loader and PhantomJS cache
--debugDebug mode. PhantomJS, Karma, and CheckoutJS
--quickFastest testing. Minimal output, no coverage
--browserChoose Browser

 

lint

npm run lint

npm run lint -- --fix
# attempt to automatically fix any problems

Runs eslint using definitions extended from Grumbler-Scripts.

flow

npm run flow

Checks for typing issues using Flow. Prior to running this task, flow-typed should be run to generate type interfaces for the various 3rd-party libraries we use.

karma

npm run karma

npm run karma -- --keep-open
# keeps the test browser window open to allow debugging
npm run karma -- --capture-console
# dumps the browser's console output into the terminal

Runs Karma tests using the Mocha framework. Responsible for running the test/e2e & test/integration directories.

jest-ssr

npm run jest-ssr

Checks for the correct rendering of components on the server-side using Jest.

jest-screenshot

npm run jest-screenshot

Uses Puppeteer & Jest to take screenshots and checks against existing views to look for discrepancies. Tests are defined in test/screenshot/config.js.

check-size

npm run check-size

Checks to make sure that the compiled & gzipped bundle doesn't exceed the recommended size limit.

Releasing

This package is published weekly, Every Wednesday. Please view our Changelog to stay updated with bug fixes and new features.

Logo Strategy with paypal-sdk-logos

Our usage of svg logos is optimized for performance. Here's how it works for the two-phased render for the Buttons component:

  • First Render - Buttons are first rendered on the client-side inside an <iframe> tag using the code bundled inside the JS SDK script. This <iframe> tag has no src attribute at this point in the rendering life cycle. We leverage the __WEB__ global variable to determine if we are rendering client-side or server-side. The __WEB__ global variable will equal true when rendering client-side. To minimize the bundle size of the JS SDK script, we load these svg logos from the www.paypalobjects.com CDN as external images (ex: <PayPalLogoExternalImage />).

  • Second Render - The second phase of rendering happens on the server-side. This <iframe> tag is fully rendered by setting the src attribute and making an http request to the server to populate the contents which are securely hosted by PayPal's servers on www.paypal.com. The same code in this repo is used to render the buttons on the server-side. To ensure there are no issues with the logos, we have decided to inline the svg code for this server-side render (ex: <PayPalLogoInlineSVG />). The __WEB__ global variable is set to false to control what code executes during the server render.

Keywords

FAQs

Package last updated on 16 May 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc