Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
edx-pattern-library
Advanced tools
The (working) UI library and Front End Styleguide for edX/Open edX applications and sites.
This library contains the following:
The code in this repository is licensed the Apache 2.0 license unless otherwise noted. Please see the LICENSE file for details.
Using the edX Pattern Library source code in a project current requires:
Also, the Pattern Library currently relies on the following thrd party libraries:
Library | Version | Purpose |
---|---|---|
Bourbon | 4.2.6 | basic sass/CSS utilities |
bi-app-sass | latest | right-to-left/left-to-right directional support for layouts |
breakpoint-sass | 2.6.1 | CSS breakpoint/media-query management |
susy | 2.2.9 | Grid configuration and utilities |
Font Awesome | 4.6.3 | Accessibility-minded iconic font |
The edX Pattern Library has its own living documentation site at http://ux.edx.org. Additionally, we have many styleguides and how-to wiki documents in the Github repository.
Contributions are very welcome. The easiest way is to fork this repo, and then make a pull request from your fork. The first time you make a pull request, you may be asked to sign a Contributor Agreement.
Please refer to our contributor guidelines in the main edx-platform repo for important additional information.
There are a few additional details alongside our general guidelines to keep in mind contributing to the edX Pattern Library:
If you're looking to suggest an idea or you're thinking about developing a feature, start a discussion by visiting the Open edX JIRA site and create a new "Issue" by selecting the "Create" button at the top of the page. Choose the project "edX Pattern Library" and the issue type "New Feature" or "Improvement" (you may first need to create a free JIRA account).
If you notice an issue or a bug with the Pattern Library, we would love ot hear about it! Follow the above instructions on logging a new edX Pattern Library JIRA issue and then assign the issue type of "Bug" to your issue. An edX UX & Front End Development Team member will then take it from there and triage your bug.
Conversely, if you want to help resolve any known bugs/issues, which are tracked in JIRA, you can create a free JIRA account and then comment on the ticket to indicate that you are working on it. Don't hesitate to ask clarifying questions on the ticket as needed, too, if anything is unclear.
For code contributions, please open up a pull request! PRs will get OSPR tickets assigned to them, as mentioned in the above contributing guidelines.
An edX UX or Front End Development Team member will be working with you on any pull requests you make. They will be evaulating your pull request from a design point of view as well as from a Front End Development perspective. Other team members as well as UI/Front End Developers may also lend a hand.
The edX Pattern Library source code doesn't currently leverage the Open edX test suite nor are there any automated tests configured for this codebase currently.
In addition to the general contributor documentation, any contributions should meet specific Front End Development requirements, including the guidelines and principles listed in:
FAQs
The (working) Visual, UI, and Front End Styleguide for edX Apps
The npm package edx-pattern-library receives a total of 70 weekly downloads. As such, edx-pattern-library popularity was classified as not popular.
We found that edx-pattern-library demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.