Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@primer/octicons-react
Advanced tools
$ npm install @primer/octicons-react --save
<Octicon>
The <Octicon>
component is really just the "shell" of an Octicon that renders
the <svg>
element and all of its attributes. To render a specific icon, you
must pass it either via the icon
prop, or as the only child:
/**
* The prop form is shorter, but doesn't allow you to pass icon props.
*/
<Octicon icon={Icon} />
/**
* The child form allows you to pass props.
*/
<Octicon><Icon x={10}/></Octicon>
Note that none of our builtin icons take props, so unless you're creating
custom icons you'll probably want to use the icon
prop form.
The @primer/octicons-react
module exports the Octicon
component as
default
and the individual icon symbols as separate named
exports. This
allows you to import only the icons that you need without blowing up your
bundle:
import React from 'react'
import Octicon, {Beaker, Zap} from '@primer/octicons-react'
export default function Icon({boom}) {
return <Octicon icon={boom ? Zap : Beaker}/>
}
If you were to compile this example with a tool that supports tree-shaking (such as Webpack, Rollup, or Parcel) the resulting bundle would only include the "zap" and "beaker" icons.
If you don't mind your bundle being huge or you need to be able to render arbitrarily named icons at runtime, you can import either of the following named exports:
getIconByName()
The getIconByName
export is a function that takes a lowercase octicon name
(such as arrow-right
) and returns the corresponding icon class. Using this
helper, it's possible to create an Octicon class that takes a name
prop and
resolves it to the right component:
import React from 'react'
import Octicon, {getIconByName} from '@primer/octicons-react'
export default function OcticonByName({name, ...props}) {
return <Octicon {...props} icon={getIconByName(name)} />
}
iconsByName
The iconsByName
export is an object that maps keys (such as arrow-right
or
zap
) to component functions, which you can use to generate listings of all
the octicons:
import React from 'react'
import Octicon, {iconsByName} from '@primer/octicons-react'
export default function OcticonsList() {
return (
<ul>
{Object.keys(iconsByName).map(key => (
<li key={key}>
<tt>{key}</tt>
<Octicon icon={iconsByName[key]}/>
</li>
))}
</ul>
)
}
By default the octicons have vertical-align: text-bottom;
applied as inline
styles. You can change the alignment via the verticalAlign
prop, which can be
either middle
, text-bottom
, text-top
, or top
.
import Octicon, {Repo} from '@primer/octicons-react'
export default () => (
<h1>
<Octicon icon={Repo} size='large' verticalAlign='middle' /> github/github
</h1>
)
ariaLabel
You have the option of adding accessibility information to the icon with the
aria-label
attribute via the ariaLabel
prop (note the
capitalization of L
!).
// Example usage
import Octicon, {Plus} from '@primer/octicons-react'
export default () => (
<button>
<Octicon icon={Plus} ariaLabel="Add new item" /> New
</button>
)
The size
prop takes small
, medium
, and large
values that can be used to
render octicons at standard sizes:
Prop | Rendered Size |
---|---|
size='small' | 16px height by computed width |
size='medium' | 32px height by computed width |
size='large' | 64px height by computed width |
// Example usage
import Octicon, {LogoGithub} from '@primer/octicons-react'
export default () => (
<h1>
<a href='https://github.com'>
<Octicon icon={LogoGithub} size='large' ariaLabel='GitHub'/>
</a>
</h1>
)
Each of our icon components is really just a function that renders its SVG
<path>
. To accommodate icons varying aspect ratios, the Octicon
component
determines the viewBox
of the <svg>
element by first looking for a size
array on the icon component class. For instance, if you wanted to create a
custom icon that consisted of three circles side by side, you could do this:
import React from 'react'
import Octicon from '@primer/octicons-react'
function CirclesIcon() {
return (
<React.Fragment>
<circle r={5} cx={5} cy={5}/>
<circle r={5} cx={15} cy={5}/>
<circle r={5} cx={25} cy={5}/>
</React.Fragment>
)
}
CirclesIcon.size = [30, 10]
export default CirclesOcticon(props) {
return <Octicon {...props} icon={CirclesIcon} />
}
(c) GitHub, Inc.
When using the GitHub logos, be sure to follow the GitHub logo guidelines.
9.1.1
shield-lock
https://github.com/primer/octicons/issues/323 @ashygeeFAQs
A scalable set of icons handcrafted with <3 by GitHub.
The npm package @primer/octicons-react receives a total of 35,590 weekly downloads. As such, @primer/octicons-react popularity was classified as popular.
We found that @primer/octicons-react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 15 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.