Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
hypernova-amp
Advanced tools
Aphrodite bindings for Hypernova for rendering AMP pages.
npm install hypernova-amp
Here's how use use it in your module:
import { renderReactAmpWithAphrodite } from 'hypernova-amp';
import MyComponent from './src/MyComponent.jsx';
export default renderReactAmpWithAphrodite(
'MyComponent.hypernova.js', // this file's name (or really any unique name)
MyComponent,
{/* Options */},
);
prependCSS
(string)Inserts css before the generated CSS.
appendCSS
(string)Inserts css after the generated CSS.
enableAmpBind
(bool)Set to true
to enable amp-bind.
Default: false
.
This will transform any attribute named amp-bind-x
into an attribute named [x]
. This is necessary
because react does not support [x]
prop even in conjunction with is
(see next section).
enableRemoveIs
(bool)Utilizes regex to remove is
attribute. React has an undocumented is
prop that when added to an element,
prevents React from transforming/filtering props that you add to the element. Any prop that you
add will be added as an attribute with the same name. For example, adding a class
prop to a <div>
will add a class
attribute to the <div>
. This also means that adding a
className
prop will not do what you normally would expect it to do. You'll want to add the is
prop when using amp-bind-class
together with class
, for example. However, the problem arises
where the is
attribute is also added to the element which causes an AMP validation error. Enabling
the enableRemoveIs
option will remove the is
attribute and thus eliminate the validation error.
Here's an example which utilizes enableAmpBind
and enableRemoveIs
:
<div
is
amp-bind-class={`showThing ? '${thingClass} ${thingOpenClass}' : '${thingClass}'`}
class={ampSearchBarClass}
>
...
</div>
... elsewhere you might have a button like this:
<div
is
role="button"
on="tap:AMP.setState({ showThing: !showThing })"
tabindex="0"
>
Toggle Thing Component
</div>
scripts
(array)Each element of the array is an object with any of the following values:
scripts.customElement
(string)scripts.customTemplate
(string)scripts.src
(string):ampExperimentToken
(string)Adds amp-experiment-token
meta tag with token.
title
(string)Page title
canonicalUrl
(string)Adds meta tag with canonical URL.
jsonSchema
(object)Adds json schema meta tag.
ampState
(object)Adds amp-state tag.
ampAnalytics
(object)Adds amp-analytics tag
ampGoogleAnalytics
(object)Adds amp-analytics (google type) tag
git tag vX.Y.Z
git push --tags
npm install && npm test && npm publish
FAQs
Aphrodite bindings for Hypernova
The npm package hypernova-amp receives a total of 1 weekly downloads. As such, hypernova-amp popularity was classified as not popular.
We found that hypernova-amp demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.