Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@primer/css
Advanced tools
Readme
The CSS implementation of GitHub's Primer Design System
:warning: The documentation of this repo is not maintained anymore. Please raise any documentation-specific pull requests in primer.style/design
Our documentation site lives at primer.style/css. You'll be able to find detailed documentation on getting started, all of the components, our theme, our principles, and more.
This repository is distributed with npm. After installing npm, you can install @primer/css
with this command:
npm install --save @primer/css
The included source files are written in Sass using SCSS syntax. After installing with npm, you can add your project's node_modules
directory to your Sass include paths (AKA load paths in Ruby), then import it like this:
@import "@primer/css/index.scss";
You can import individual Primer modules directly from the @primer/css
package:
@import "@primer/css/core/index.scss";
@import "@primer/css/product/index.scss";
@import "@primer/css/marketing/index.scss";
See DEVELOP.md for development docs.
You can find docs about our release process in RELEASING.md.
FAQs
The CSS implementation of GitHub's Primer Design System
The npm package @primer/css receives a total of 33,359 weekly downloads. As such, @primer/css popularity was classified as popular.
We found that @primer/css demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.