Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Automatic icon resizing for Mobile Apps. Supports Native, Cordova and React Native. Inspired by cordova-icon.
Icon management for Mobile Apps. Create icons, generate all required sizes, label and annotate. Supports Native, Cordova, React Native, Xamarin and more. Inspired by cordova-icon. Node 10 and onwards supported.
This simple tool allows you to create a single icon in your app project, then create icons of all required sizes from it. It currently works for iOS and Android. You can also add labels to your app icons.
Create a single large icon.png
at least 192 pixels square, or run app-icon init
to create this icon, then run:
# If you are using npm 5.2 onwards...
npx gcon generate
# ...for older versions of npm
npm install -g gcon
gcon generate
You can also use the module directly in node:
/**
* appIcon = {
* labelImage(inputFilePath, outputFilePath, topText, bottomText),
* generate({ sourceIcon, platforms, search }),
* templates: {
* 'AndroidManifest.icons': {...json file...},
* 'AppIcon.iconset': {...json file...},
* },
* }
*/
import appIcon from 'gcon';
Promise.resolve()
.then(() => appIcon.labelImage('./inputfile.png', './out.png', 'UAT', '0.12.3'))
.then(() => appIcon.labelImage('./inputfile.png', './out.png', 'UAT')) // Bottom text optional
.then(() => appIcon.labelImage('./inputfile.png', './out.png', null, '0.12.3')) // Top text optional
.then(() => appIcon.generate()) // will use all default values
.then(() => appIcon.generate({
sourceIcon: './icon.png', // Path of the icon to use
platforms: 'android,ios', // The platforms to generate icons for (i.e. 'android')
searchRoot: './',
}));
Install with:
npm install -g gcon
You will need imagemagick installed:
brew install imagemagick # OSX
sudo apt-get install imagemagick # Debian/Ubuntu/etc
sudo yum install imagemagick # CentOS/etc
The gcon
tool can be used to create a simple template icon, generate icons of all sizes from a template icon, or label icons.
If you do not already have a single icon to use as the main icon for your project, you can create one with the init
command:
gcon init # generates an icon named icon.png
You can also add a simple label to the icon.
gcon init --caption "App" # creates an icon with the text 'App'
To create template Adaptive Icons for Android include the --adaptive-icons
flag.
Add an icon (ideally at least 192x192 pixels) named icon.png
to your project root (or run gcon init
). To automatically generate icons of all sizes for all app projects in the same folder, run:
gcon generate
If an iOS project is present, then the icon will be copied at all required sizes to:
./ios/<ProjectName>/Images.xcassets/AppIcon.appiconset
If an Android project is present, then the icon will be copied at all required sizes to:
./android/app/src/main/res
You can limit the platforms which icons are generated for with the --platforms
flag, specifying:
gcon generate --platforms=ios
gcon generate --platforms=android,ios
By default the tool will generate icons for both platforms.
You can search in specific directories for icons, if the presence of other projects is interfering, just use the --search
or -s
parameter:
gcon generate -s ./ios -s ./android
You can specify the path to the source icon, as well as the folder to search for app projects, just run gcon generate -h
to see the options.
Add labels to an icon with the command below:
gcon label -i icon.png -o output.png --top UAT --bottom 0.12.3
This would produce output like the below image:
This is a useful trick when you are creating things like internal QA versions of your app, where you might want to show a version number or other label in the icon itself.
To label adaptive icons, simply run the label
command against the foreground adaptive icon image.
Support for Adaptive Icons for Android is being introduced. This will happen in stages and should be considered an 'alpha' feature until otherwise noted.
The current goals are:
--adaptive-icons
flagNone of the current commands support the --adaptive-icons
flag. The init
command will be the first to bring support, then generate
. If the feature is working well for users then I will document in detail its usage, until then it is an 'experimental' feature!
There is an excellent guide on developing Adaptive Icons here.
To test how adaptive icons will look when animated, swiped, etc, the Adaptive Icons website by Marius Claret is very useful!
Note that Adaptive Icons of all supported sizes are generated. However, we also generate the res/mipmap-anydpi-v26/
adaptive icon. This is a large size icon which Android from v26 onwards will automatically rescale as needed to all other sizes. This technically makes the density specific icons redundant. The reason we generate both is to ensure that after generate
is run, all icons in the project will be consistent.
The only dependencies are Node 10 (or above) and Yarn.
Useful commands for development are:
Command | Usage |
---|---|
npm test | Runs the unit tests. |
npm run test:debug | Runs the tests in a debugger. Combine with .only and debugger for ease of debugging. |
npm run cov | Runs the tests, writing coverage reports to ./artifacts/coverage . |
Currently the linting style is based on airbnb. Run npm run lint
to lint the code.
Install the dependencies (I recommend Node Version Manager):
nvm install 8
nvm use 8
git clone git@github.com:dwmkerr/app-icon.git
cd app-icon
npm install && npm test
Run the tests with:
npm test
Tests are executed with Mocha and coverage is handled by Istanbul. Coverage reports are written to an ./artifacts
folder.
Note that best practices are to pass Mocha a quoted string with a glob pattern for cross-platform execution of tests (see Mocha Docs). However for some reason on AppVeyor this doesn't seem to work. Leaving the pattern unquoted works for cmd
as well as the shell in builds for now. So please be careful if changing the quotes and test on both platforms.
Conventional Commits should be used. This allows the CHANGELOG to be kept up to date automatically, and ensures that semantic versioning can be expected from the library.
To create a release.
npm run release
.git push --tags && git push && npm publish
Note that semantic-version
is used, meaning a changelog is automatically kept up to date, and versioning is handled semantically based on the commit message.
Builds are run on CircleCI. You can run the CircleCI build locally with the following command:
make circleci
The builds use custom docker images which contain the appropriate Node.js runtime, as well as the ImageMagick binaries. These custom images are stored in the .circleci/images
folder. You can use the .circleci/images/makefile
makefile to build them, but permissions to push to the dwmkerr
Docker Hub account are required to publish these images. In general, these should not need to be modified.
The debug
package is used to support low-level debugging. If you want to see debug messages when running the tool, just set the DEBUG
environment variable to gcon
:
DEBUG=gcon gcon generate --platforms android
This project includes some sample apps in the test
folder, which are used for the tests. You can also run these apps to see the icons produced in action.
To run:
cd ./test/ReactNativeIconTest/
npm install
react-native run-ios
# OR react-native run-android
To run:
cd ./test/CordovaApp/
npm install
cordova run ios
# OR cordova run android
To run the native apps, open the ./test/NativeApp
directory, then open the iOS/Android projects in XCode/AndroidStudio as needed.
gcon
dependds on ImageMagick. ImageMagick 6 is installed by default on many Linux distributions, as well as OSX. Some platforms are regularly tested (such as Ubuntu, via CircleCI). Other platforms may work but are not tested when I make a release, so your results may vary.
The table below shows the current confirmed compatibility:
Platform | gcon | ImageMagick | Status |
---|---|---|---|
OSX | 0.6.x | 6, 7 | ✅ |
Ubuntu 14 | 0.6.x | 6 | ✅ |
Images labelled with gcon label
have the text slightly vertically offset
This seems to be an issue with Imagemagick 6 - try upgrading to 7.
MIT
FAQs
Automatic icon resizing for Mobile Apps. Supports Native, Cordova and React Native. Inspired by cordova-icon.
The npm package gcon receives a total of 0 weekly downloads. As such, gcon popularity was classified as not popular.
We found that gcon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.