
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
ghost-design-system
Advanced tools
npm install ghost-design-system
// Neutral pallet
$chalk: rgb(228, 228, 228);
$charcoal: rgb(51, 51, 51);
$pebble: rgb(117, 117, 117);
$silver: rgb(196, 196, 196);
$smoke: rgb(248, 248, 248);
$white: rgb(255, 255, 255);
// Additional pallet
$scooter: rgb(38, 186, 212);
$buttercup: rgb(244, 174, 38);
$cerulean: rgb(1, 82, 129);
$cinnabar: rgb(232, 61, 71);
$fern: rgb(92, 184, 92);
$sky: rgb(16, 156, 241);
$tangerine: rgb(229, 114, 0);
$error: rgb(255, 52, 24);
$primary: $scooter;
$secondary: $pebble;
$tertiary: $charcoal;
$fontfamily: 'Montserrat', sans-serif;
index.scss
file by starting it with:@import 'colors.scss';
@import '~ghost-design-system/dist/assets/_global.scss';
@import '~ghost-design-system/dist/assets/_general.scss'; // Optional
This react components library uses the following:
Peer dependencies:
Dev dependencies:
├── .storybook
├── src
│ ├── Components
| | ├── Atoms
| | | ├── Example
| | | | ├── __tests__
| | | | | ├── Example.test.tsx
| | | | ├── Example.stories.mdx
| | | | ├── Example.tsx
| | | | ├── index.ts
| | | ├── index.ts
| | ├── index.ts
| ├── index.ts
├── LICENSE
├── package.json
├── README.md
Once you have created your new component make sure you have exported it in the src/components/index.ts
file. Doing so allows the component to be compiled.
// src/components/index.ts
export \* from './MyComponent';
export \* from './SomeOtherComponent';
You can develop your new component using storybook as your playground. Once you have added the .stories.tsx
file for you new component, you can run yarn storybook
to start the service.
$ npm run test
Watch
$ npm run test:watch
Coverage
$ npm run test:coverage
$ npm run format
Validate project formatting
$ npm run format:check
$ npm run lint
Fix
$ npm run lint:fix
$ npm run storybook
Build storybook
$ npm run build-storybook
$ npm run build
The build output will go into the dist
directory
Must be one of the following:
PATCH
in semantic versioning)MINOR
in semantic versioning).PATCH
in semantic versioning).PATCH
in semantic versioning).PATCH
in semantic versioning).The Description contains a succinct description of the change:
Use the imperative, present tense: "change" not "changed" nor "changes". The body should include the motivation for the change and contrast this with previous behavior.
The footer should contain any information about Breaking Changes and is also the place to reference issues that this commit Closes.
A commit that has the text BREAKING CHANGE:
at the beginning of its optional body or footer section introduces a breaking API change (correlating with MAJOR
in semantic versioning). A BREAKING CHANGE can be part of commits of any type.
should start with the word BREAKING CHANGE:
with a space or two newlines. The rest of the commit message is then used for this.
If the commit reverts a previous commit, it should begin with revert:
, followed by the header of the reverted commit. In the body it should say: This reverts commit <hash>.
, where the hash is the SHA of the commit being reverted.
The changelog.md is automatically generated from the following types of commits:
feat
fix
perf
revert
In addition to these types, any breaking change
will also be added to the changelog.
FAQs
Ghost design system - React Component Library
The npm package ghost-design-system receives a total of 6 weekly downloads. As such, ghost-design-system popularity was classified as not popular.
We found that ghost-design-system demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.