Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@xfers/design-system
Advanced tools
@xfers/design-system
- Use antd as our base library. - Storybook Document: https://storybook-xfers-frontend.vercel.app/
- 2.29.0
- npm
Design System @xfers
- Use antd as our base library.
- Storybook Document: https://storybook-xfers-frontend.vercel.app/
Scripts
yarn test: Run test suiteyarn start: Runyarn buildin watch modeyarn test:watch: Run test suite in interactive watch modeyarn test:prod: Run linting and generate coverageyarn build: Generate bundles and typings, create docsyarn lint: Lints codeyarn commit: Commit using conventional commit style (husky will tell you to use it if you haven't :wink:)
Excluding peerDependencies
On library development, one might want to set some peer dependencies, and thus remove those from the final bundle. You can see in Rollup docs how to do that.
Good news: the setup is here for you, you must only include the dependency name in external property within rollup.config.js. For example, if you want to exclude lodash, just write there external: ['lodash'].
Update Version
Please update the version when you make any changes. The Defintions of versions:
1st number(MAJOR): when you make structural breaking change2nd number(MINOR): when you are adding new features3rd number(PATCH): when you make backwards compatible bug fixes
FAQs
- Use antd as our base library. - Storybook Document: https://storybook-xfers-frontend.vercel.app/
The npm package @xfers/design-system receives a total of 44 weekly downloads. As such, @xfers/design-system popularity was classified as not popular.
We found that @xfers/design-system demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 31 Oct 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024