Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
@paypal/muse-components
Advanced tools
MUSE component included in unified PayPal/Braintree client SDK.
See src/index.js
npm test
npm run karma -- --browser=Chrome
npm run karma -- --browser=Safari
npm run karma -- --browser=Firefox
npm run karma -- --browser=Chrome,Safari,Firefox
npm run karma -- --browser=Chrome --keep-open
npm run release
npm run release:patch
, npm run release:minor
, npm run release:major
/src
- any code which should be transpiled, published, and end up in production/test
- karma tests for everything in /src
__sdk__.js
- metadata for compiling and bundling the final component/src/component.js
This module exports the public interface for the component.
export let LebowskiPay = {
render(options) {
...
}
};
Then the integrating site can run:
paypal.LebowskiPay.render({ ... });
/__sdk__.js
__sdk__.js
defines any metadata which helps the sdk server compile and serve up the component.
export default {
/**
* Define the lebowski-pay component
* Now developers can include paypal.com/sdk/js?components=lebowski-pay
*/
'lebowski-pay': {
/**
* Entry point. Everything exported from this module will be exported
* in the `window.paypal` namespace.
*/
entry: './src/index',
/**
* Define a static namespace.
* Server config will be available under the `__lebowski_pay__.serverConfig` global
*/
staticNamespace: '__lebowski_pay__',
/**
* Define configuration required by this module
*
* - This should be in the form of a graphql query.
* - The query will be merged with queries defined by other modules
* - The final config will be passed as `__lebowski_pay__.serverConfig` in `./src/index`
*/
configQuery: `
fundingEligibility {
card {
branded
}
}
`
}
};
Why is there no webpack config, dist folder, or npm build command?
This module (and modules like it) are not intended to be built as standalone components. It will be pulled in and compiled/bundled on the server-side, then combined with other modules.
When should I publish?
When you publish, you're signing off on your changes being code-complete, fully tested, and ready for release. Publishing will not immediately trigger a deploy, but please only publish changes which are in a deployable state.
Can I define multiple components in one repo?
Absolutely. __sdk__.js
allows defining multiple entry points. These should generally represent different logical ui components, with separate concerns, and loose coupling. For example:
modules: {
'lebowski-pay': {
entry: './src/components/lebowski-pay'
},
'walter-pay': {
entry: './src/components/walter-pay'
},
'donnie-pay': {
entry: './src/components/donnie-pay'
}
},
Please bear in mind that this opens the door to any combination or permutation of these modules to be requested by the merchant -- hence the need for loose coupling. donnie-pay
should never have a hard dependency on lebowski-pay
being present.
Where is all of the karma, webpack, eslint, etc. config coming from?
This module uses @krakenjs/grumbler-scripts
as a common source of configuration and defaults. Any of these can be overriden, either partially, or entirely, depending on the individual needs of the module. You'll notice .eslintrc.js
, karma.conf.js
, etc. are lightweight wrappers which only define module-specific overrides.
FAQs
MUSE component for unified PayPal/Braintree web sdk
The npm package @paypal/muse-components receives a total of 14 weekly downloads. As such, @paypal/muse-components popularity was classified as not popular.
We found that @paypal/muse-components demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 23 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.