![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@vonage/vvd-scheme
Advanced tools
Changelog
Readme
This package is imported and executed by default in all core dependent packages but can also be consumed on its own. By default, (if not explicitly defined otherwise by the consumer) scheme will result in the user's preferred os option (light|dark|auto)
Each scheme will provide the same exact color tokens to support main context and its alternating - contrasting - context (e.g. sidenav, top-bar etc'...). Once imported and set, these tokens are reflected as CSS variables.
Scheme will apply main context on body selector and will never apply alternate unless explicitly set. To also be able to modify HTML scopes manually in apps, we include the following css selectors:
body
.vvd-scheme-main
::part(vvd-scheme-main)
- for elements within a shadow tree with a matching part attribute.vvd-scheme-alternate
::part(vvd-scheme-alternate)
- for elements within a shadow tree with a matching part attributeyarn add @vonage/vvd-scheme
or
npm i @vonage/vvd-scheme
<script type="module" src="../node_modules/@vonage/scheme/vvd-scheme.js"></script>
or
import scheme from '@vonage/vvd-scheme';
As colors are critical identities of our style, it's advised to include a link type:modulepreload to hint the browser of the module importance, its high priority and preemptively fetch it.
<script rel="modulepreload" src="../node_modules/@vonage/scheme/vvd-scheme.js"></script>
Name | Description |
---|---|
set | a method to set the scheme. options: light, dark, syncWithOsSettings (defaults to syncWithOsSettings) |
eventBus | acts as EventTarget to polyfill the absence of element. can be hooked and callback upon selection - eventBus.addEventListener('vvd-scheme-select', console.log); |
getSelectedScheme | get current applied scheme (light, dark) |
getSelectedSchemeOption | get current option (light, dark, syncWithOsSettings) |
Scheme is nicely paired with the vwc-theme-switch UI component that toggles the available options.
FAQs
Unknown package
We found that @vonage/vvd-scheme demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 51 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.