Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
a11y-disabled-modifier
Advanced tools
Implement accessible and usable button-disabling (inspired by this fantastic post on CSS Tricks) with a modifier:
<form {{on "submit" this.submit}}>
<label>some text: <input type='text' /></label>
<button type='submit' {{disabled when=this.isInvalid}}></button>
</form>
When the modifier is enabled with the required when
named argument:
aria-disabled="true"
This project follows the current draft of the Semantic Versioning for TypeScript Types pro posal.
-private
module are public-majors
Note: for the moment, the types provided here are basically inert. Glint users can see the implementation for types to use there.
ember install a11y-disabled-modifier
Use this modifier in place of the disabled
attribute, which causes a variety of usability problems, when you absolutely must disable a button programmatically. Most of the time, you shouldn't use this at all: prefer to provide feedback on form submission instead!
For custom styling for disabled elements, you can use the [aria-disabled="true"]
and [aria-disabled="false"]
selectors. This guarantees that your styles will stay in sync with the runtime behavior of the app:
.my-button {
/* default styles... */
}
.my-button[aria-disabled="true"] {
cursor: not-allowed;
}
See the Contributing guide for details.
This project is licensed under the MIT License.
FAQs
Accessible and usable button-disabling with a modifier
The npm package a11y-disabled-modifier receives a total of 2 weekly downloads. As such, a11y-disabled-modifier popularity was classified as not popular.
We found that a11y-disabled-modifier demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.