Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@vercel/toolbar
Advanced tools
@vercel/toolbar
Manually inject the Vercel toolbar on any site.
Install
npm install @vercel/toolbar
Usage
This library can be used with any framework
Plain JS
import { mountVercelToolbar } from '@vercel/toolbar';
if (userIsEmployee) {
mountVercelToolbar();
}
React
import { mountVercelToolbar, unmountVercelToolbar } from '@vercel/toolbar';
function VercelToolbar() {
const shouldInjectToolbar = useIsUserEmployee();
useEffect(() => {
if (shouldInjectToolbar) {
// Returns a cleanup function to unmount the toolbar
return mountVercelToolbar();
}
}, [shouldInjectToolbar]);
return null;
}
Next.js
For usage in Next.js, you can instead import the VercelToolbar component which will use next/script:
import { VercelToolbar } from '@vercel/toolbar/next';
export default function MyApp({ Component, pageProps }) {
const shouldInjectToolbar = useIsUserEmployee();
return (
<>
<Component {...pageProps} />
{shouldInjectToolbar && <VercelToolbar />}
</>
);
}
Usage in localhost
Allows you to view comments left in your preview deployment while developing locally.
Prerequisites:
- You have linked your project with the Vercel project via
vc link - You have checked out the same branch as the preview
Adjust the code above, to always inject the toolbar in development
import { VercelToolbar } from '@vercel/toolbar/next';
export default function MyApp({ Component, pageProps }) {
const isUserEmployee = useIsUserEmployee();
const shouldInjectToolbar =
process.env.NODE_ENV === 'development' || isUserEmployee;
return (
<>
<Component {...pageProps} />
{shouldInjectToolbar && <VercelToolbar />}
</>
);
}
Then, import and use the Next.js plugin in your next.config.js:
// next.config.js
const withVercelToolbar = require('@vercel/toolbar/plugins/next');
const nextConfig = {
...
}
module.exports = withVercelToolbar(nextConfig);
Now, when running next dev you will see the Vercel toolbar and will be able to authenticate and interact with all the comments left in the preview environment of that branch.
Docs
See the documentation for details.
FAQs
Vercel Toolbar
The npm package @vercel/toolbar receives a total of 35,410 weekly downloads. As such, @vercel/toolbar popularity was classified as popular.
We found that @vercel/toolbar demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 15 Jun 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024