profile
viewpoint
Roberto Wesley Overdijk RWOverdijk SpoonX Studio Heerhugowaard https://medium.com/@r.w.overdijk

RWOverdijk/AssetManager 213

AssetManager written for zf2. Managing assets for zend framework 2

BlueHotDog/sails-migrations 156

The missing, migrations, arm of the octopus

rmevans9/react-native-router-flux 1

First Declarative React Native Router

RWOverdijk/AssetLoader 1

AssetLoader module for ZF2

RWOverdijk/2048-android 0

The android port of the 2048 game (for offline playing)

RWOverdijk/about 0

About SpoonX.

RWOverdijk/about-1 0

About SWAN stack

RWOverdijk/admin-on-rest 0

A frontend framework for building admin SPAs on top of REST services, using React and Material Design

RWOverdijk/AdminLTE 0

AdminLTE - Free Premium Admin control Panel Theme That Is Based On Bootstrap 3.x

pull request commentreact-native-svg/react-native-svg

fix#1471: every element is focusable on web

I don't like being part of bumpers, but bump. I'm using a lot of ts-ignores now and I'm afraid I might get attacked by the other devs if I keep adding them.

intergalacticspacehighway

comment created time in 9 days

startedMPIB/arc-vr

started time in 11 days

issue openedGeekyAnts/react-native-aria

useOverlayPosition on scroll

When scrolling, the position provided by useOverlayPosition doesn't seem to update. What's the recommended approach to solving this? The scrolling occurs on an outer scrollview. Is there a way to hook that up and make it either update the position or close the tooltip?

created time in 23 days

issue commentveged/coa

Last release contains malicious code

It did seem that way, yes. I couldn't find any code downloaded (like the dll) or executed (other than the OS check) on anything other than windows.

RWOverdijk

comment created time in 23 days

issue commentveged/coa

Last release contains malicious code

Does anybody know what's the exact timeframe of the availability of the malware? At what time/date have they been published and when exactly have those versions been removed? Thanks

It's all in this thread. I'll update the description for convenience.

14:12 CET until 15:24 CET based on the comments.

RWOverdijk

comment created time in 24 days

issue openedthibault-vanderseypen/vsce-i18n-json-editor

Feature request: Namespaced and nested json files

It's not uncommon to have nested/namespaced translation files:

i18n
├── en
│   ├── components.json
│   └── screens.json
├── nl
│   ├── components.json
│   └── screens.json

It would be nice if those could get picked up the way (for example) Easy I18n does it.

created time in 24 days

issue commentexpo/eas-cli

Failed to install Expo CLI after trying to build with EAS

It's just weird to me, because those versions were pulled from npm. Is there some sort of build cache that needs to be invalidated maybe?

tusharkhatiwada

comment created time in a month

issue commentexpo/eas-cli

Failed to install Expo CLI after trying to build with EAS

That might be because you're not directly using it. Some other package is. Check your lock file and look for coa. Or use ls to see why it's in your project to find out where the problem is

tusharkhatiwada

comment created time in a month

issue commentexpo/eas-cli

Failed to install Expo CLI after trying to build with EAS

Resolutions only work with yarn I think.

You should install the version specifically, I think it's stuck in your lock file maybe?

tusharkhatiwada

comment created time in a month

issue commentveged/coa

Last release contains malicious code

I've really had it with these vulnerabilities being released, it's like playing whack-a-mole. Not saying this will completely solve the problem, but can we petition NPM to help the open source community by scanning packages before publishing?

https://chng.it/fWn48ybQqc

I love the initiative. But can it be expanded to enforce 2FA? I think it's a lot easier to circumvent a scan than it is to circumvent 2FA.

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release contains malicious code

Versions 3.0.1, 2.1.1, 2.0.4 has payloads and probably still all your credentials, tokens and etc. Change your credentials everywhere! Enable 2FA. Versions 3.1.3, 2.1.3, 2.0.3 are just compromised and failing to install

Linux and Mac users are not affected, correct?

Correct. The code explicitly checked the OS.

image

centos7 error

When I said "affected" I meant security/vulnerability wise. This still caused errors across the board.

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release contains malicious code

Versions 3.0.1, 2.1.1, 2.0.4 has payloads and probably still all your credentials, tokens and etc. Change your credentials everywhere! Enable 2FA. Versions 3.1.3, 2.1.3, 2.0.3 are just compromised and failing to install

Linux and Mac users are not affected, correct?

Correct. The code explicitly checked the OS.

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release contains malicious code

Versions 3.0.1, 2.1.1, 2.0.4 has payloads and probably still all your credentials, tokens and etc. Change your credentials everywhere! Enable 2FA.

Versions 3.1.3, 2.1.3, 2.0.3 are just compromised and failing to install

Those versions were compromised and have been removed. Regarding what was stolen/done: I don't know. I didn't see the dll contents.

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release contains malicious code

did the malicious code deal any damage or was this a failed attempt?

I am not sure. The last version did seem to have a working dll downloaded. I'm not sure what the dll does yet.

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release contains malicious code

Looks like it. But isn't the account still compromised? How do we know none of the other packages have the same issue?

RWOverdijk

comment created time in a month

issue commentveged/coa

Last release breaks several other packages (broken preinstall)

@yarastqt it looks like an easy fix.

I'm just curious why this was published to begin with as well as the intention. Simply looking at the diff it looks like it is trying to run something in the background.

Is this a failed attempt at publishing malicious code? If not, please explain what happened. With millions of installs I think that's a good idea.

RWOverdijk

comment created time in a month

issue commentveged/coa

What happened?

More info in/duplicate of #99

cytle

comment created time in a month

issue openedveged/coa

Last release breaks svgr cli

I'm not sure why or what happened but 10 minutes ago there was a release (even though the last change on github was in 2018). Whatever this release did, it broke the svgr cli:

Error: Cannot find module '/Users/me/.npm/_npx/27078/lib/node_modules/@svgr/cli/node_modules/coa/compile.js'

created time in a month

PR opened react-navigation/react-navigation.github.io

fix: change channel name for discord

Upon joining I noticed the channel is archived and has been merged into #help-react-native.

I've read the read-me but I don't understand the instructions. So if this pr is wrong feel free to think of it as an issue instead.

+1 -1

0 comment

1 changed file

pr created time in a month

push eventRWOverdijk/react-navigation.github.io

Roberto Wesley Overdijk

commit sha 3cbd3a8a03cd561d49d6efeda3bd51bd3e3bd876

fix: change channel name for discord Upon joining I noticed the channel is archived and has been merged into #help-react-native.

view details

push time in a month

startedIjzerenHein/react-native-shared-element

started time in a month

fork RWOverdijk/svelte-kit-blog-demo

A demo of a markdown based blog with SvelteKit, deployed to Github Pages.

https://svelteland.github.io/svelte-kit-blog-demo/

fork in 2 months

issue closedakveo/react-native-ui-kitten

Use forwardRef

🚀 Feature Proposal

It's not really a feature proposal, more of a change proposal. I made a SectionList and used the current List as an example. I noticed that it overrides/proxies some methods such as scrollToIndex and scrollToEnd.

My suggestion is to use forwardRef for these components to make them cleaner and more compatible (any API changes in RN won't need changes in those components). Here's how I did it for my SectionList:

import React, { forwardRef } from 'react';
import { SectionList as NativeSectionList } from 'react-native';
import { styled } from '@ui-kitten/components';

const SectionList = forwardRef(({ style, themedStyle, ...derivedProps }, ref) => (
  <NativeSectionList
    {...derivedProps}
    ref={ref}
    style={[themedStyle, style]}
  />
));

SectionList.styledComponentName = 'SectionList'

export default styled(SectionList)

I've tested changing the mapping, checked if the methods are there (scrollToLocation) and verified everything works as I expect. The only difference is that it can now be made pretty using the styling system.

Thoughts?

closed time in 2 months

RWOverdijk

issue commentakveo/react-native-ui-kitten

Use forwardRef

I'm not using ui-kitten anymore and this ref stuff should probably be a different, new issue. I'm closing this and disabling notifications.

RWOverdijk

comment created time in 2 months

issue commentGeekyAnts/NativeBase

Discuss treeshaking approach here.

I just realised my issue (#4097) is a duplicate of this one, kinda.

Anyway, I woud split the components into their own directories like material-ui does:

import Box from '@mui/material/Box';
import List from '@mui/material/List';

This could be kept backwards compatible by keeping the index file as well.

Do note that this is not enough. Internally nativebase also uses imports from index files. Those will need to be either rewritten or otherwise resolved. If the bundled code gets used (which is currently the case in a default expo project for example) babel won't be able to solve it for us, meaning we solve nothing and only add confusion.

intergalacticspacehighway

comment created time in 2 months

issue closedGeekyAnts/NativeBase

Split up components and system or use direct imports

Is your feature request related to a problem? Please describe.

I've tested the bundle that gets created when using nativebase with expo, and everything ends up in there. Tree shaking seems to not be possible due to (I expect) the index file exporting everything.

On top of that I don't want to use most of the components that come with nativebase. I have to build my own. But I love the foundation (the API and primitives such as Box and Text).

So the problem is the size of the dependency. I already heard that styled-components will be taken out soon which is a great start.

Describe the solution you'd like

I think it would be nice to either split up the components into their own packages, or use direct imports.

The latter sounds easier, and accomplishes the same goal. As an example, look at material-ui:

import Box from '@mui/material/Box';
import List from '@mui/material/List';
import ListItem from '@mui/material/ListItem';
import ListItemButton from '@mui/material/ListItemButton';
import ListItemIcon from '@mui/material/ListItemIcon';
import ListItemText from '@mui/material/ListItemText';
import Divider from '@mui/material/Divider';
import InboxIcon from '@mui/icons-material/Inbox';
import DraftsIcon from '@mui/icons-material/Drafts';

It's a bit more verbose on the import side, but it comes with a lot of benefits.

I realise this would mean a breaking change (unless the index stays as an alternative solution).

Sidenote

I noticed this in the bundle: __source:{fileName:"/Users/suraj/Sites/projects/NativeBase/src/components/composites/AlertDialog/AlertDialogFooter.tsx"

I don't think that's what the source should point to. 😄

closed time in 2 months

RWOverdijk

issue commentGeekyAnts/NativeBase

Split up components and system or use direct imports

Duplicate of #3915

RWOverdijk

comment created time in 2 months

issue openedGeekyAnts/react-native-aria

Homepage

What's up with the homepage in package.json? I was looking into using the overlays on their own and ended up here.

https://github.com/intergalacticspacehighway/react-native-bob-mono

I think this perhaps needs to be updated.

created time in 2 months

issue commentGeekyAnts/NativeBase

[v3] [Feature Request] Request More Components

I am using another Portal, but i got some problem when i change the Host 's hierarchy Maybe Native Base's Modal component has a Portal too? Maybe we can just expose the internal Portal😊

I think you can just use Overlay for that. It's what modal uses, too.

likeSo

comment created time in 2 months

more