Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
IconGo
Easily include popular icons in your React projects and provide an easy tool to convert svg into React components.
All Packages
| Name | NPM Version | Website |
|---|---|---|
@icongo/ad |  | #preview |
@icongo/ae |  | #preview |
@icongo/bi |  | #preview |
@icongo/bl |  | #preview |
@icongo/br |  | #preview |
@icongo/bs |  | #preview |
@icongo/bts |  | #preview |
@icongo/cb |  | #preview |
@icongo/cci |  | #preview |
@icongo/ccp |  | #preview |
@icongo/cg |  | #preview |
@icongo/ci |  | #preview |
@icongo/co |  | #preview |
@icongo/ct |  | #preview |
@icongo/cy |  | #preview |
@icongo/di |  | #preview |
@icongo/ei |  | #preview |
@icongo/ev |  | #preview |
@icongo/fa |  | #preview |
@icongo/fc |  | #preview |
@icongo/fd |  | #preview |
@icongo/fg |  | #preview |
@icongo/fi |  | #preview |
@icongo/fl |  | #preview |
@icongo/fp |  | #preview |
@icongo/fs |  | #preview |
@icongo/gi |  | #preview |
@icongo/go |  | #preview |
@icongo/gr |  | #preview |
@icongo/gy |  | #preview |
@icongo/hi |  | #preview |
@icongo/ic |  | #preview |
@icongo/ii |  | #preview |
@icongo/ik |  | #preview |
@icongo/im |  | #preview |
@icongo/io |  | #preview |
@icongo/ir |  | #preview |
@icongo/is |  | #preview |
@icongo/iu |  | #preview |
@icongo/ix |  | #preview |
@icongo/ji |  | #preview |
@icongo/la |  | #preview |
@icongo/lg |  | #preview |
@icongo/li |  | #preview |
@icongo/lu |  | #preview |
@icongo/mc |  | #preview |
@icongo/md |  | #preview |
@icongo/mi |  | #preview |
@icongo/mn |  | #preview |
@icongo/mp |  | #preview |
@icongo/mr |  | #preview |
@icongo/pbi |  | #preview |
@icongo/pk |  | #preview |
@icongo/pp |  | #preview |
@icongo/ps |  | #preview |
@icongo/ri |  | #preview |
@icongo/scwi |  | #preview |
@icongo/si |  | #preview |
@icongo/sk |  | #preview |
@icongo/sl |  | #preview |
@icongo/sn |  | #preview |
@icongo/sti |  | #preview |
@icongo/tb |  | #preview |
@icongo/ti |  | #preview |
@icongo/tii |  | #preview |
@icongo/tn |  | #preview |
@icongo/uiw |  | #preview |
@icongo/vl |  | #preview |
@icongo/vsc |  | #preview |
@icongo/vsi |  | #preview |
@icongo/vv |  | #preview |
@icongo/wi |  | #preview |
@icongo/wl |  | #preview |
Usage
import { DIAndroid } from "@icongo/di";
import { STIApple } from '@icongo/sti/lib/STIApple';
function Demo() {
return (
<div>
<STIApple />
<DIAndroid />
</div>
)
}
icongo
npm i icongo
Usage: icongo [options] [--help|h]
Options:
--output, -o Output the svg icon component to the specified directory. Default: "components"
--source, -s svg icon folder. Default: "icons"
--prefix SVG component name prefix.
--filter Matching some icons does not generate components.
--rename, -r Icon rename E.g: '{"jet-pack": "JetPack1"}'.
--config, -c SVGR supports project configuration files for SVGR, SVGO and Prettier.
--version, -v Show version number
--help, -h Displays help information.
Example:
npm icongo --output components
npm icongo --source icons
npm icongo --source icons --config='{"svgProps": {"viewBox": "0 0 20 20"}}'
npm icongo -s svg -o src -r '{"jet-pack": "JetPack1"}'
npm icongo --source icons --filter='(calendar).svg'
npm s2r --source icons
Usage
{
"name": "@wcjiang/icons",
"version": "0.0.1",
"main": "./lib/index.js",
"module": "./esm/index.js",
"types": "./lib/index.d.ts",
"scripts": {
"build": "tsbb build src/*.tsx --useBabel",
"start": "icongo --prefix BS --source data/icons -o ./src"
},
"devDependencies": {
"icongo": "*",
"tsbb": "^4.0.3"
}
}
Docker
The Icons search website can be deployed to your personal server via docker.
docker pull wcjiang/icongo
# Or
docker pull ghcr.io/jaywcjlove/icongo:latest
docker run --name icongo --rm -d -p 9112:80 wcjiang/icongo:latest
# Or
docker run --name icongo -itd -p 9112:80 wcjiang/icongo:latest
# Or
docker run --name icongo -itd -p 9112:80 ghcr.io/jaywcjlove/icongo:latest
Visit the following URL in your browser:
License
Licensed under the MIT License.
Keywords
FAQs
SVG icon to react component.
The npm package icongo receives a total of 2 weekly downloads. As such, icongo popularity was classified as not popular.
We found that icongo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Apr 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025