Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socketโs threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@shopify/polaris-icons
Advanced tools
[![npm version](https://img.shields.io/npm/v/@shopify/polaris-icons.svg?style=flat)](https://www.npmjs.com/package/@shopify/polaris-icons)
@shopify/polaris-icons is a package that provides a collection of icons used in Shopify's Polaris design system. These icons are designed to be used in Shopify applications to maintain a consistent look and feel.
Importing Icons
You can import individual icons from the @shopify/polaris-icons package. This allows you to use specific icons in your application without importing the entire icon set.
import { CirclePlusMajor } from '@shopify/polaris-icons';
Using Icons in Components
You can use the imported icons in your components by passing them as a source to the Icon component from the Polaris library.
import { Icon } from '@shopify/polaris';
import { CirclePlusMajor } from '@shopify/polaris-icons';
function MyComponent() {
return (
<Icon source={CirclePlusMajor} />
);
}
Customizing Icon Size and Color
You can customize the size and color of the icons by passing additional props to the Icon component.
import { Icon } from '@shopify/polaris';
import { CirclePlusMajor } from '@shopify/polaris-icons';
function MyComponent() {
return (
<Icon source={CirclePlusMajor} color="red" backdrop />
);
}
react-icons is a popular library that provides a wide range of icons from various icon libraries such as Font Awesome, Material Design, and more. It offers a more extensive collection of icons compared to @shopify/polaris-icons and is highly customizable.
fontawesome is a widely-used icon library that offers a vast collection of icons. It provides both free and premium icons and is highly customizable. Font Awesome icons can be used in various frameworks and libraries, making it a versatile choice.
This package exports a JavaScript file containing the Polaris icons that can be used by partners building on the Shopify platform, and contains SVG files in the
/images/
directory.
Browse and search Polaris icons: https://polaris-icons.shopify.com.
Although it's possible to use this package directly, we recommend using the icons in this package through Polaris React in combination with the Icon
component from that project. Make sure that your app is using Polaris React version 3.10.0 or higher.
After you have Polaris React installed, you need to add Polaris icons as a dependency.
Run the following command using npm:
npm install @shopify/polaris-icons --save
If you prefer Yarn, then use the following command instead:
yarn add @shopify/polaris-icons
Import the Icon
component from Polaris React and any icon from Polaris icons into your project.
Include the icon component from Polaris React:
import {Icon} from '@shopify/polaris';
Include an icon from Polaris icons:
import {AddMajorMonotone} from '@shopify/polaris-icons';
Pass the imported Polaris icon to the source
prop of the Icon
component:
<Icon source={AddMajorMonotone} />
For consumers who donโt use React, we provide SVG files within the images
folder.
View the list of available files on unpkg.
Make changes to this package to add, remove, or rename publicly available icons. See our contributing guide. ๐
FAQs
[![npm version](https://img.shields.io/npm/v/@shopify/polaris-icons.svg?style=flat)](https://www.npmjs.com/package/@shopify/polaris-icons)
The npm package @shopify/polaris-icons receives a total of 111,639 weekly downloads. As such, @shopify/polaris-icons popularity was classified as popular.
We found that @shopify/polaris-icons demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.ย It has 24 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socketโs threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.