Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
nhsuk-frontend
Advanced tools
The NHS website frontend styles, for creating NHS websites and services.
NHS.UK Frontend contains all the code you need to start building user interfaces for NHS websites and services.
You can see examples of components, and guidance on when to use them, in the NHS digital service manual.
There are 2 ways you can start using NHS.UK Frontend in your websites and services.
We recommend installing NHS.UK Frontend via package managers; node package manager (npm), yarn, or the Python Package Index (PyPi).
If you are not using one of the above package managers, you can install by using our compiled files.
Please see our browser support information to see which browsers NHS.UK Frontend supports.
Please see our contributing guidelines on how to set up the project locally and contribute changes to NHS.UK Frontend.
Special thanks to the following for their contributions:
NHS.UK Frontend is actively maintained by a team at NHS Digital, you can contact us on Slack or send us an email.
Unless stated otherwise, the codebase is released under the MIT License. This covers both the codebase and any sample code in the documentation. The documentation is © Crown copyright and available under the terms of the Open Government 3.0 licence.
0.1.5 (Prerelease) - 22 November 2018
:wrench: Fixes
FAQs
NHS.UK frontend contains the code you need to start building user interfaces for NHS websites and services.
The npm package nhsuk-frontend receives a total of 7,580 weekly downloads. As such, nhsuk-frontend popularity was classified as popular.
We found that nhsuk-frontend demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.