
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
@warp-ds/css
Advanced tools
This is the CSS package for WARP.
The package includes resets, component classes and tokens.
The CSS files should be used directly from Eik. This is because we can alias releases by major versions.
We publish 4 css files.
https://assets.finn.no/pkg/@warp-ds/css/v2/resets.css
https://assets.finn.no/pkg/@warp-ds/css/v2/components.css
https://assets.finn.no/pkg/@warp-ds/css/v2/tokens/[BRANDNAME e.g. tori-fi].css
https://assets.finn.no/pkg/@warp-ds/css/v2/tokens/dataviz.css
Only component classes are published to npm to be used in the component libraries.
pnpm add @warp-ds/css
The package includes component classes for components like:
And shortcuts for covering use-cases from predecessors of Warp DS, such as:
Run pnpm build
to generate brand CSS and dataviz CSS files containing CSS variables which refer to tokens used in Warp.
The majority of Warp tokens generated upon build are imported from Figma and initially processed using a library called Style Dictionary in the @warp-ds/tokens repository. The output files are then made available for download by iOS, Android and web.
In the event when tokens are removed from Figma or for some reason are different for each brand, we can add them manually to the tokens directory in the current repository (in a .yml format). We then use a tool called Tokenizer to build CSS variables from those files. The output is added to the final CSS files.
If you'd like to contribute to @warp-ds/css
, start by reviewing the contributing guidelines.
FAQs
This is the CSS package for WARP.
The npm package @warp-ds/css receives a total of 1,981 weekly downloads. As such, @warp-ds/css popularity was classified as popular.
We found that @warp-ds/css demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.