Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
gatsby-theme-koncrete
Advanced tools
koncrete is the basis for Gatsby projects, adding **Typescript integration** (which you opt not to use) and **`react-helmet`** (as well as `gatsby-plugin-react-helmet`) by default. Optionally, you can also add `gatsby-plugin-sitemap`, `gatsby-transformer-
koncrete is the basis for Gatsby projects, adding Typescript integration (which you opt not to use) and react-helmet
(as well as gatsby-plugin-react-helmet
) by default. Optionally, you can also add gatsby-plugin-sitemap
, gatsby-transformer-sharp
and gatsby-plugin-netlify
via theme options.
This theme doesn't add any component or functionality, it's purely for packing dependencies. If you're looking for higher-level themes, browse kompanion's theme repository.
npm i gatsby-theme-koncrete
# or
yarn add gatsby-theme-koncrete
All the available options are listed in the example below:
// in your gatsby-config.js
module.exports = {
__experimentalThemes: [
{
resolve: 'gatsby-theme-koncrete',
options: {
// You can edit postcss-preset-env options
presetEnvOptions: { stage: 0 }, // optional
// and add your own postcss plugins. If adding stylelint, for
// example, you'll have to add a .stylelintrc config file
postcssPlugins: [ require('stylelint') ] // optional
}
}
]
// ...
}
Many npm packages aren't transparent about why and how they add dependencies to your projects, and that's part of the reason why our node_modules
folder is so bloated... if your dependency graph concerns you, be sure to read below.
This theme includes the following packages as dependencies, meaning you'll download all of them when using it:
{
"dependencies": {
"@babel/plugin-transform-typescript": "^7.1.0",
"@kompanion/utils": "*",
"@types/react-helmet": "^5.0.8",
"gatsby-plugin-page-creator": "^2.0.10",
"gatsby-plugin-react-helmet": "^3.0.7",
"gatsby-plugin-sharp": "^2.0.28",
"gatsby-plugin-sitemap": "^2.0.9",
"gatsby-plugin-typescript": "^2.0.9",
"gatsby-transformer-sharp": "^2.1.17",
"gatsby-plugin-netlify": "^2.0.11",
"react-helmet": "^5.2.0",
"typescript": "^3.3.0"
},
}
This is an intended behavior to simplify development as, by doing so, you need only install gatsby-theme-koncrete
and not have to worry about the other packages, freeing space and complexity in your package.json
.
Also, having the package doesn't mean you have to use it: if you don't turn them on in the theme's properties, Gatsby won't do anything about it and your runtime won't be affected 😉
prettier
and tslint
/eslint
to run on sites
FAQs
koncrete is the basis for Gatsby projects, adding **Typescript integration** (which you opt not to use) and **`react-helmet`** (as well as `gatsby-plugin-react-helmet`) by default. Optionally, you can also add `gatsby-plugin-sitemap`, `gatsby-transformer-
The npm package gatsby-theme-koncrete receives a total of 0 weekly downloads. As such, gatsby-theme-koncrete popularity was classified as not popular.
We found that gatsby-theme-koncrete demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.