Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@sanity/incompatible-plugin
Advanced tools
Changelog
Readme
Small helper library that will display a warning in Sanity Studio v2 when a plugin built for Studio v3 is installed.
npm i @sanity/incompatible-plugin
or
yarn add @sanity/incompatible-plugin
In your plugin root directory, create two files:
v2-incompatible.js
const {showIncompatiblePluginDialog} = require('@sanity/incompatible-plugin')
const {name, version} = require('./package.json')
export default showIncompatiblePluginDialog({
name: name,
versions: {
v3: version,
// Optional: If there is not v2 version of your plugin, v2 can be omitted
v2: '^1.2.5',
},
// Optional: Feel free to put this as field in package.json and import it alongside name and version above
sanityExchangeUrl: 'https://www.sanity.io/plugins/<plugin-on-sanity-exchanged>',
})
sanity.json
{
"parts": [
{
"implements": "part:@sanity/base/sanity-root",
"path": "./v2-incompatible.js"
}
]
}
Add these to files
in the plugin package.json
alongside anything else already there, for instance:
{
"files": ["src", "lib", "v2-incompatible.js", "sanity.json"]
}
Done!
If your v3 plugin gets installed in a v2 studio by mistake, a dialog will display how to fix it.
Run "CI & Release" workflow. Make sure to select the main branch and check "Release new version".
Semantic release will only release on configured branches, so it is safe to run release on any branch.
FAQs
Display an error dialog in Sanity Studio v2 when a v3 plugin has been installed.
The npm package @sanity/incompatible-plugin receives a total of 53,056 weekly downloads. As such, @sanity/incompatible-plugin popularity was classified as popular.
We found that @sanity/incompatible-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 34 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.