Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
kdan-ui-revamp
Advanced tools
kdan-ui-revamp
React library library of foundational and advanced components by Kdan web design system
Kdan UI
The Setup
- React v18
- TypeScript
- StyledComponent for css styling
- UI development with Storybook
- Unit test with Testing-library
- Build the library with Rollup
- Automated release with changesets
Development
-
Build the library:
yarn build -
Run storybook:
yarn storybook -
Unit test component with:
yarn test -
Create changeset:
yarn changeset
Release & Publish package
This boilerplate uses changesets to automatically generate CHANGELOG, create releases and publish to NPM registry via GitHub Actions. You can see action details at release.yml.
To automating publish your library, follow these steps:
-
Create a
NPM_TOKEN. See this article for more details. Make sure the type of access token is Automation. -
Follow this instruction to add the created token to your GitHub Actions secrets. Name of the secret is
NPM_TOKEN. -
Install changeset bot.
P/S: Remember to check the Allow GitHub Actions to create and approve pull requests in your repo Settings > Actions > General & scroll to Workflow permissions.
FAQs
React library library of foundational and advanced components by Kdan web design system
The npm package kdan-ui-revamp receives a total of 81 weekly downloads. As such, kdan-ui-revamp popularity was classified as not popular.
We found that kdan-ui-revamp demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 26 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025