Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@shopify/ui-extensions
Advanced tools
This package contains the public type definitions and utilities needed to create a Shopify UI extension. This is a generalized package that is intended to be the long-term home of the surface-specific UI extension packages, like [`@shopify/checkout-ui-ext
@shopify/ui-extensions
This package contains the public type definitions and utilities needed to create a Shopify UI extension. This is a generalized package that is intended to be the long-term home of the surface-specific UI extension packages, like @shopify/checkout-ui-extensions
and @shopify/admin-ui-extensions
.
Is your extension currently using
@shopify/checkout-ui-extensions
? You can learn what you need to do to upgrade to this API versioned package in the migration guide.
Currently, this package only contains the extension APIs for the checkout
and admin
surfaces, but other Shopify surfaces will be added here soon.
All extensions, regardless of where they appear in Shopify, make use the same underlying technology, and most of the same “core” components (e.g., BlockStack
, Button
, TextField
, etc) and capabilities (e.g., direct API access, session tokens). Separating APIs by surface makes it easier for a developer to see what is available to them in each context, and gives us a flexible system for introducing components and APIs available in only some areas of Shopify.
A checkout extension using “vanilla” JavaScript would be written as follows:
import {extension, TextField} from '@shopify/ui-extensions/checkout';
export default extension(
'Checkout::Dynamic::Render',
(root, {i18n, metafields, applyMetafieldChange}) => {
const metafield = metafields.current.find(
(metafield) =>
metafield.namespace === 'custom' && metafield.key === 'gift_note',
);
const textfield = root.createComponent(TextField, {
label: i18n.translate('gift_note.label'),
value: metafield?.value ?? '',
onChange(value) {
textfield.updateProps({value});
applyMetafieldChange({
namespace: 'custom',
key: 'gift_note',
value,
valueType: 'string',
});
},
});
root.appendChild(textfield);
},
);
FAQs
This package contains the public type definitions and utilities needed to create a Shopify UI extension. This is a generalized package that is intended to be the long-term home of the surface-specific UI extension packages, like [`@shopify/checkout-ui-ext
The npm package @shopify/ui-extensions receives a total of 14,055 weekly downloads. As such, @shopify/ui-extensions popularity was classified as popular.
We found that @shopify/ui-extensions demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.