Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@sanity/default-layout
This package is part of Sanity Studio v2, which has been superseded by Sanity Studio v3, the current major version released on Dec 7th, 2022. This package is no longer used/needed for Sanity Studio in its current version and will be retired on Dec 7th, 2023. The core packages for Sanity Studio v2 will only receive critical bug fixes until this date.
Please head over to the documentation for Sanity Studio v3 to learn more.
The Sidecar will be enabled in a Studio if there is an implementation of the part part:@sanity/default-layout/sidecar.
part:@sanity/default-layout/sidecar
An implementation of part:@sanity/default-layout/sidecar must export these:
SidecarToggleButton
React component. The button which will appear in the Navbar to toggle the Sidecar on/off.
SidecarLayout
React component. The content of the Sidecar (once it appears).
isSidecarEnabled
Function. Call this to check if the Sidecar implementation is happy and good to go (typically, the sidecar impl. wants to verify if config is present).
If you need inspiration, the @sanity/studio-hints package is an implementation of this part.
part:@sanity/default-layout/sidecar-datastore
In addition, Sidecar relies on part:@sanity/default-layout/sidecar-datastore. This part already exists and shouldn't be overridden unless there's a good reason. This part exports:
isSidecarOpenSetting
Listen to this to get realtime updates on the sidecar open/close state.
toggleSidecarOpenState
Call this to flip the sidecar open/close state.
FAQs
The default layout components for Sanity
The npm package @sanity/default-layout receives a total of 5,098 weekly downloads. As such, @sanity/default-layout's popularity was classified as popular.
We found that @sanity/default-layout demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 39 open source maintainers collaborating on the project.