npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@kit-ng-ui/icons

v0.1.0

Published

Kit UI icon component + ant-design-style icon registry.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

hoangns832hoangns832

Keywords

Readme

@kit-ng-ui/icons

SVG icon component + registry for Kit UI.

Install

pnpm add @kit-ng-ui/icons @kit-ng-ui/core

Use

import { Component } from '@angular/core';
import { KitIconComponent } from '@kit-ng-ui/icons';

@Component({
  standalone: true,
  imports: [KitIconComponent],
  template: `
    <kit-icon name="search" size="lg" />
    <kit-icon name="loading" spin />
    <kit-icon name="chevron-right" [rotate]="180" />
  `,
})
export class Demo {}

Built-in icons

loading, check, close, plus, minus, search, chevron-down, chevron-up, chevron-left, chevron-right, info, warning, error, success, sun, moon, github, copy.

Register custom icons

At bootstrap:

import { provideKitIcons } from '@kit-ng-ui/icons';

const heartIcon = {
  name: 'heart',
  viewBox: '0 0 24 24',
  body: '<path fill="currentColor" d="M12 21s-7-4.5-9.5-9A5.5 5.5 0 0 1 12 6a5.5 5.5 0 0 1 9.5 6c-2.5 4.5-9.5 9-9.5 9z"/>',
};

bootstrapApplication(AppComponent, {
  providers: [provideKitIcons([heartIcon])],
});

Or at runtime via KitIconRegistry.register(def).

Security model

KitIconComponent renders the registered SVG body via Angular's DomSanitizer.bypassSecurityTrustHtml for performance — re-sanitizing every icon on every render would dominate paint cost. To stay safe, every body goes through a regex allowlist at registration time (see svg-validator.ts). Rejected constructs include:

  • <script>, <style>, <iframe>, <foreignObject>, <image>
  • on* event handler attributes
  • javascript: URLs
  • href / xlink:href (external references blocked)
  • Any element or attribute not on the explicit allowlist

Trust boundary. Callers MAY hand-author SVG fragments (the starter set does), MAY load fragments from a build-time-generated module, but MUST NOT pass strings sourced from user input, an untrusted API, or any other adversary-reachable channel without sanitising upstream. The icon registry is the wrong place to put attacker-controlled SVG — for that, use Angular's default sanitization on the host element.

If a registration fails the allowlist, the component refuses to register the icon and logs an error (dev mode: throws KitIconValidationError). This errs on the safe side: a missing glyph is better than rendering attacker-controlled markup.

API

| Input | Type | Default | Description | | ----------- | ------------------------------------------------------------- | ------- | ---------------------------------------- | | name | string | — | Registered icon name (required) | | size | 'xs' \| 'sm' \| 'md' \| 'lg' \| 'xl' \| '2xl' \| number | 'md' | Preset key or raw pixel value | | spin | boolean | false | Continuous rotation animation | | rotate | 0 \| 90 \| 180 \| 270 | 0 | Static rotation | | ariaLabel | string \| null | null | If set, marks the icon as role="img" |