Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@spectrum-web-components/action-bar
Advanced tools
A `<sp-action-bar>` delivers a floating action bar that is a convenient way to deliver stateful actions in cases like selection mode. `<sp-action-bar>` can be deployed in two variants beyond the default: `[varient="fixed"]` to position the element in rela
A <sp-action-bar>
delivers a floating action bar that is a convenient way to deliver stateful actions in cases like selection mode. <sp-action-bar>
can be deployed in two variants beyond the default: [varient="fixed"]
to position the element in relation to the page, and [variant=sticky]
to position the content in relation to content that may scroll.
yarn add @spectrum-web-components/action-bar
Import the side effectful registration of <sp-action-bar>
via:
import '@spectrum-web-components/action-bar/sp-action-bar.js';
When looking to leverage the ActionBar
base class as a type and/or for extension purposes, do so via:
import { ActionBar } from '@spectrum-web-components/action-bar';
<sp-action-bar open>
<sp-checkbox indeterminate>228 Selected</sp-checkbox>
<sp-action-group quiet>
<sp-action-button label="Edit">
<sp-icon-edit slot="icon"></sp-icon-edit>
</sp-action-button>
<sp-action-button label="More">
<sp-icon-more slot="icon"></sp-icon-more>
</sp-action-button>
</sp-action-group>
</sp-action-bar>
When using [variant="fixed"]
, the <sp-action-bar>
will display by default at the bottom left of the window and can be customized via CSS from the outside.
<h4>Look down and to the left when toggling.</h4>
<sp-action-bar variant="fixed">
<sp-checkbox indeterminate>228 Selected</sp-checkbox>
</sp-action-bar>
<sp-button
onclick="javascript:this.previousElementSibling.open = !this.previousElementSibling.open;"
>
Toggle fixed action bar
</sp-button>
When using [variant="sticky"]
, be sure you've spent some time touching up on how sticky
really works to ensure the most successful delivery of your content.
<section style="position: relative; max-height: 6em; overflow: auto;">
<h4>Scroll down for toggle button</h4>
<sp-action-bar variant="sticky" style="top: 0;">
<sp-checkbox indeterminate>228 Selected</sp-checkbox>
</sp-action-bar>
<p>
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod
tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim
veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea
commodo consequat. Duis aute irure dolor in reprehenderit in voluptate
velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint
occaecat cupidatat non proident, sunt in culpa qui officia deserunt
mollit anim id est laborum.
</p>
<sp-button
onclick="javascript:this.previousElementSibling.previousElementSibling.open = !this.previousElementSibling.previousElementSibling.open;"
>
Toggle sticky action bar
</sp-button>
</section>
FAQs
A `<sp-action-bar>` delivers a floating action bar that is a convenient way to deliver stateful actions in cases like selection mode. `<sp-action-bar>` can be deployed in two variants beyond the default: `[varient="fixed"]` to position the element in rela
The npm package @spectrum-web-components/action-bar receives a total of 2,986 weekly downloads. As such, @spectrum-web-components/action-bar popularity was classified as popular.
We found that @spectrum-web-components/action-bar demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.