Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@pluralsight/react
Advanced tools
A library of React components and hooks that help manage advanced React features like State and accessibility.
Are you planning on contributing to this package? Please review the Contributing Guidelines.
erDiagram
PANDO ||--o{ DESIGN-TOKENS : contains
PANDO ||--o{ ICONS : contains
PANDO ||--o{ HEADLESS-STYLES : contains
PANDO ||--o{ REACT : contains
PANDO ||--o{ REACT-UTILS : contains
DESIGN-TOKENS ||..|{ NORMALIZE-SETUP : contains
NORMALIZE-SETUP ||..|{ THEMES : contains
HEADLESS-STYLES ||--|{ DESIGN-TOKENS : uses
REACT ||--|{ HEADLESS-STYLES : uses
REACT ||--|{ REACT-UTILS : uses
This package utilizes the latest version of React to deliver component-based abstractions, helpers, and hooks of the Headless-styles library.
The react package is dependant on the Headless-styles library, and works cohesively with the other libraries when combined with them. It's true purpose is to provide a component and hook library within the Pando Normalize system (i.e. themes, etc.).
This project uses pnPm so there are no setup commands needed. If you get any errors, you may need to run an initial pnpm install
or ensure you are using Node >= 18.
We use a custom Vite TS/React sandbox to help keep security issues, complexity, and dependency size down.
From the root directory of the project, run:
pnpm run start:sandbox
To run your unit tests, make sure you are in the project root directory not this workspace - and run:
pnpm test packages/react/tests
If you plan on contributing to this project, please take time to read our CONTRIBUTING.md. Pull requests that do not adhere to the requirements in this doc will automatically be flagged and closed.
Icon
component - React v19 forces an API change for SSR compatibility)FAQs
A React component library for Pando.
The npm package @pluralsight/react receives a total of 559 weekly downloads. As such, @pluralsight/react popularity was classified as not popular.
We found that @pluralsight/react demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.