![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
govuk-frontend
Advanced tools
Changelog
5.2.0 (Feature release)
In this release, we’ve adjusted our responsive type scale, which is available behind a feature flag. The type scale change is to make text easier to read on smaller screens. We’ve also deprecated the useTudorCrown
parameter.
To install this version with npm, run npm install govuk-frontend@5.2.0
. You can also find more information about how to stay up to date in our documentation.
We've made the following adjustments to our responsive type scale:
To enable these changes, set the feature flag variable $govuk-new-typography-scale
to true
before you import GOV.UK Frontend in your Sass files:
// application.scss
$govuk-new-typography-scale: true;
@import "govuk-frontend/all";
If your service uses custom elements made using GOV.UK Frontend, test your service against the new typography scale to assess if you need to make any adjustments.
You can read more on upgrading your service to the new type scale in our upgrade guide.
This change was introduced in pull request #2421: Adjust the responsive type scale
You can now insert custom HTML into form group wrappers for all components with form fields.
govukInput({
formGroup: {
beforeInput: {
html: "example"
},
afterInput: {
html: "example"
},
}
})
This change was introduced in pull request #4567: Add beforeInput(s)
and beforeInput(s)
options to form groups.
useTudorCrown
parameter in the Heading componentThe rollout for the revised GOV.UK logo has started and the Tudor crown logo is now shown by default. We’ve deprecated the useTudorCrown
parameter and will remove it in the next major release.
You can now remove the useTudorCrown
parameter, along with any other adjustments made to display the Tudor crown logo in your service.
This change was introduced in pull request #4740: Make Tudor Crown logo the default
We've made fixes to GOV.UK Frontend in the following pull requests:
Readme
GOV.UK Frontend contains the code you need to start building a user interface for government platforms and services.
See live examples of GOV.UK Frontend components, and guidance on when to use them in your service, in the GOV.UK Design System.
GOV.UK Frontend is maintained by a team at Government Digital Service. If you want to know more about GOV.UK Frontend, please email the Design System team or get in touch with them on Slack.
There are 2 ways to start using GOV.UK Frontend in your app.
Once installed, you will be able to use the code from the examples in the GOV.UK Design System in your service.
We recommend installing GOV.UK Frontend using node package manager (npm).
You can also download the compiled and minified assets (CSS, JavaScript) from GitHub.
You need to import the GOV.UK Frontend styles into the main Sass file in your project. You should place the below code before your own Sass rules (or Sass imports) if you want to override GOV.UK Frontend with your own styles.
To import add the below to your Sass file:
@import "node_modules/govuk-frontend/dist/govuk/all";
More details on importing styles
Some of the JavaScript included in GOV.UK Frontend improves the usability and accessibility of the components. You should make sure that you are importing and initialising JavaScript in your application. This will ensure all users can use it successfully.
You can include JavaScript for all components by copying both govuk-frontend.min.js
and govuk-frontend.min.js.map
from node_modules/govuk-frontend/dist/govuk/
into your application and referencing the JavaScript directly:
<script type="module" src="{path-to-javascript}/govuk-frontend.min.js"></script>
Next you need to import and initialise GOV.UK Frontend by adding:
<script type="module">
import { initAll } from '{path-to-javascript}/govuk-frontend.min.js'
initAll()
</script>
More details on importing JavaScript and advanced options
In order to import GOV.UK Frontend images and fonts to your project, you should configure your application to reference or copy the relevant GOV.UK Frontend assets.
More details on importing assets
To be notified when there’s a new release, you can either:
Find out how to update with npm.
Unless stated otherwise, the codebase is released under the MIT License. This covers both the codebase and any sample code in the documentation. The documentation is © Crown copyright and available under the terms of the Open Government 3.0 licence.
If you want to help us build GOV.UK Frontend, view our contribution guidelines.
FAQs
GOV.UK Frontend contains the code you need to start building a user interface for government platforms and services.
The npm package govuk-frontend receives a total of 82,198 weekly downloads. As such, govuk-frontend popularity was classified as popular.
We found that govuk-frontend demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.