Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
@vanillaforums/theme-boilerplate
Advanced tools
It's a starter's kit to build Vanilla Forums custom themes. It contains all files necessary for a theme with customizable styles.
Node and Yarn are prerequisites to use this tool. Please download and install the latest stable release from the official Node.js download page and yarn.
Notice: It is important that you install Node in a way that does not require you to
sudo
.
yarn add @vanillaforums/theme-boilerplate
yarn run boilerplate-install my-pretty-theme "My Pretty Theme"
my-pretty-theme
with your theme key. This should be unique and must exactly match the folder name, including capitalization. It should also follow the dashed-lower-case
naming convention.My Pretty Theme
with your theme name (keep the double quotes). This is the name that appears on the dashboard.vanilla build
You might want to start taking a look at src/scss/_variables.scss
. There you can find most of the variables you need to customize your theme.
A good starting point is to create variables containing your brand values on the top of the _variables.scss
, like colors, font family, sizes, etc. Make sure to use the $theme-
namespace to keep things organized.
Once your variables are set, you may start customizing!
To know more about the boilerplate SCSS structure please visit the variables description page. There you can find information about what each variable represents, naming conventions and folder structure.
Essentially you can overwrite whatever you like but be careful! Some variables are heavily inherited and not meant to be overwritten. Doing so may break your layout.
1.1.1 - Updates _variables.scss
, make sure you update together with your variable sheet otherwise the build will not run.
1.1.0 - Updated default.master.tpl
to solve security vulnerability.
The boilerplate frontend assets are built with the Vanilla CLI.
FAQs
A boilerplate for Vanillaforums themes
The npm package @vanillaforums/theme-boilerplate receives a total of 8 weekly downloads. As such, @vanillaforums/theme-boilerplate popularity was classified as not popular.
We found that @vanillaforums/theme-boilerplate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.