Product
Announcing Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies
A safer, faster way to eliminate vulnerabilities without updating dependencies
By Mikola Lysenko, Jordan Harband, Jonah Ghebremichael - Nov 18, 2025
🚀 DAY 2 OF LAUNCH WEEK: Announcing Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies.Learn more →
@stitch-fix/sf-next
Advanced tools
Package was removed
Sorry, it seems this package was removed from the registry
Next UI
Developer toolkit for building Next UI apps.
Guides
- Getting started (go here first!)
- Migrating to Next UI
- Defining page-based routes, redirects and rewrites
- Rendering pages
- Setting up app deployment with fixops
- Handling client-facing authentication
- Handling client-facing internationalization
- Monitoring client-side errors
- Leveraging Production observability
- Setting up client-side analytics
- Retrieving data with GraphQL
- Gating features using client-facing feature flags
- Styling with CSS Modules
- Running the production server locally
- Browser testing with
sf-browser-testing - Using docker
- Contributing to
sf-next - Understanding the Next UI Architecture
Features
Next UI apps are set up with:
- Git initialization
- TypeScript
- Linting, type-checking, and Jest unit tests
- Browser-based testing framework using webdriver.io
- CircleCI configuration
- Branch previews to preview your branch/PR before final merge and deployment
- Server-side rendering (SSR)
- Storybook for testing components in isolation, especially edge/error cases
- Percy for visual integration testing
- Browser testing for automated browser testing
- Default page layout that includes the global header & footer
- Client auth
- Internationalization
<GraphQLApiProvider>wrapping the app- Client Analytics Reporter (CAR) initialization
- Browser testing
- Bugsnag initialization, including wrapping the app in an
<ErrorBoundary> - GraphQL-backed feature flags
- Google Tag Manager (GTM) initialization
Need more help?
If you still have questions after reading the guides, feel free to reach out in slack at #next-ui.
For off-hours support, see our PagerDuty. Please use this only for urgent issues (i.e. a service outage related to the sf-next platform).
Analyzing bundle size
You can analyze bundle sizes using webpack bundle analyzer by setting the BUNDLE_ANALYZE environment variable to true. For example, running:
BUNDLE_ANALYZE=true npx sf-next dev
Set BUNDLE_ANALYZE to no-open to prevent it from automatically opening the analysis files in your browser. It will only write the files.
FAQs
Developer toolkit for building frontend-only apps at Stitch Fix.
We found that @stitch-fix/sf-next demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 168 open source maintainers collaborating on the project.
Package last updated on 30 Aug 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Reachability for Ruby Now in Beta
Reachability analysis for Ruby is now in beta, helping teams identify which vulnerabilities are truly exploitable in their applications.
By Oskar Haarklou Veileborg - Nov 17, 2025
Research
/Security News
npm Malware Campaign Uses Adspect Cloaking to Deliver Malicious Redirects
Malicious npm packages use Adspect cloaking and fake CAPTCHAs to fingerprint visitors and redirect victims to crypto-themed scam sites.
By Olivia Brown - Nov 17, 2025