Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@prestashopcorp/puik
Advanced tools
Puik is a component library that aims to provide a complete set of reusable components based on the PrestaShop Design System for all the PrestaShop ecosystem.
For the moment this package is only available through Github packages
To install it you must configure a .npmrc file in your project
@prestashopcorp:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=YOUR_GITHUB_TOKEN
You can create a github token by going in the Github Developer settings
Your token must have the read:packages rights
# chose your favorite package manager
# NPM
$ npm install @prestashopcorp/puik --save
# Yarn
$ yarn add @prestashopcorp/puik
# pnpm
$ pnpm install @prestashopcorp/puik
First you need to install unplugin-vue-components
$ npm install -D unplugin-vue-components
# Yarn
$ yarn add unplugin-vue-components -D
# pnpm
$ pnpm install unplugin-vue-components -D
Then add the code below in your vite.config file
import { defineConfig } from 'vite'
import Components from 'unplugin-vue-components/vite'
import { PuikResolver } from '@prestashopcorp/puik'
export default defineConfig({
plugins: [
// ...
Components({
resolvers: [PuikResolver()],
}),
],
})
Import the vue component and the component css directly into your vue file
<script setup>
import '@prestashopcorp/puik/es/components/button/style/css'
import { PuikButton } from '@prestashopcorp/puik'
</script>
<template>
<puik-button>Example button</puik-button>
</template>
If you don't care about bundle size you can full import the library by following these instructions
Import the vue library and the css directly into your main.js / main.ts
import { createApp } from 'vue'
import Puik from '@prestashopcorp/puik'
import '@prestashopcorp/puik/dist/index.css'
import App from './App.vue'
const app = createApp(App)
app.use(Puik)
app.mount('#app')
If you don't use VueJS for your application, you can use the CSS only version of our components. It includes all the styles used in the VueJs component library.
<link
rel="stylesheet"
href="https://unpkg.com/@prestashopcorp/puik/dist/index.css"
/>
<button class="puik-button">Example button</button>
Please make sure to read the Contributing Guide before making a pull request
FAQs
PUIK - This includes all public packages of PrestaShop UI kit.
The npm package @prestashopcorp/puik receives a total of 514 weekly downloads. As such, @prestashopcorp/puik popularity was classified as not popular.
We found that @prestashopcorp/puik demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.