Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
factorial-components
Advanced tools
Library of React components to be used at Factorial.
This package offers two builds of the same components, one optimized for client-side applications and the other optimized for server side rendering.
This is due to the nature of CSS and how it needs to be treated in each case.
Default imports are from the client-side build, e.g:
import { Button } from 'factorial-components'
Styles are dynamically injected at runtime thanks to webpack's style-loader
To import components from server side simply append /server
to your imports, e.g:
import { Button } from 'factorial-components/server'
In this case, CSS is generated at compile time and extracted to a separate css file that needs to be served with your application.
File is available at factorial-components/dist/server/main.css
.
Here is an example importing the css file as a string and injecting it to the html served:
import React from 'react'
import styles from 'factorial-components/dist/server/main.css'
export default class YourDocument extends Document {
render () {
return (
<html>
<Head>
<title>Your page</title>
<style>
{styles}
</style>
</Head>
...
</html>
)
}
}
yarn storybook
will open a storybook on http://localhost:6006
Build both server and client packages with: yarn build
This command will generate a dist
folder containing subsequent server
and client
folders for each case.
If you don't have it, install git flow and initialize it in the repo like so: git flow init -d
.
To start a new release:
git flow release start <NEW_RELEASE_VERSION>
On the newly created branch modify package.json
's version to NEW_RELEASE_VERSION
and commit changes:
git ci -am '<NEW_RELEASE_VERSION>'
Finally close the release with :
git flow release finish <NEW_RELEASE_VERSION>
You are done, now simply npm publish
it ;)
FAQs
library of factorial components
The npm package factorial-components receives a total of 5 weekly downloads. As such, factorial-components popularity was classified as not popular.
We found that factorial-components demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.