Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
vital
- 2.2.1
- Rubygems
Note: Vital v2.x is not backwards compatible with v1.x. Some things may break. You may need to do some refactoring.
Vital
A minimally invasive CSS framework for modern web applications.
- Vital is a reverse approach to "everything and the kitchen sink" CSS frameworks.
- Built with Sass and Slim for readability and maintainability.
- No ridiculous amounts of classes or nesting. No excessively buried code.
- Written almost entirely in em values, allowing for easy and consistent scaling.
- Small:
| Size | Gzipped | |
|---|---|---|
| Javascripts | 0 | |
| Vital CSS | 23 KB | 6 KB |
Usage
A couple installation options are available:
- Download the latest release tarball from https://github.com/doximity/vital/releases.
- Install the
vitalRubyGem, NPM or Bower package on your project. - Use a precompiled release from RawGit.
Check out our docs for information on installation methods, framework contents, templates, examples and more.
Development
NOTE: The project requires Ruby 2.0+ for building its assets and documentation.
Initial setup:
git clone https://github.com/doximity/vital.git
cd vital
bundle
# If you want to build / work on documentation
cd docs
bundle
Compiling assets locally
cd vital
bundle exec rake vital:build
Build the documentation
Vital is built using a simple static generator: https://middlemanapp.com/
cd vital/docs
bundle
bundle exec middleman
Publishing
Publishing and deployment should be performed by a Doximity member.
Releasing a new version
- Ensure docs,
README.md,CHANGELOG.mdare up to date - Bump version on
lib/vital/version.rb - Bump version on
package.json#L3 bundle exec rake vital:buildbundle, commit and push theGemfile.lockfilegit add ...all of the updated filesgit commit -m 'vX.Y.Z'- Create a branch, get it approved, merge the branch and checkout
master bundle exec rake releaseto push to RubyGemsnpm publishto push to NPM- Go to https://github.com/doximity/vital/releases and create a new release with the tarball attached
- In Slack, run
doxbot ship vitalto deploy documentation site - Visit http://vitalcss.s3-website-us-east-1.amazonaws.com and http://vitalcss.com and ensure it has been updated
Reporting Issues and Suggestions
Please submit GitHub issues for problems with the library. Also, feel free to submit a pull-request with suggested changes.
FAQs
Unknown package
We found that vital demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 26 May 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024