Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/notsatvrn/gl
- Version published
- Created
XGL
XGL is a cross-platform binding to OpenGL for Go, exposing an OpenGL ES-like API.
The API is very similar to OpenGL ES, with a few important changes.
- Addition of
GetBoundFramebufferfunction. - Functions which use pointers to arrays for returning data have versions for getting a single value.
- For example, you can use
GetShaderivto store integer values from a parameter in an array, orGetShaderito return only one. - The purpose of this is simply ease of use.
- For example, you can use
- All
Genfunctions are renamed toCreate.- For example,
GenBuffersbecomesCreateBuffers. - There are also functions for simply generating 1 of each type, such as
CreateBuffer.
- For example,
- No
GetVertexAttribPointervorShaderBinaryfunctions.GetVertexAttribPointervrequires a complicated implementation and wont be used by most programs.ShaderBinaryis impossible to implement for WebGL. Other platforms can supportShaderBinary, but its usage is considered a security risk anyways, and we want to provide a consistent API on all platforms. No platform-specific functions.
- Functions which fail if an argument doesn't have a specific value don't ask the user for that argument.
- Because, really, why?
Support
Below is a table showing the versions of XGL and the minimum required GL versions for each platform.
| XGL | OpenGL (Desktop) | OpenGL ES (Mobile) | WebGL (Browser) |
|---|---|---|---|
| 2.0 | 2.1 | 2.0 | 1.0 |
Support for OpenGL ES 3.0 and 3.1 is planned.
OpenGL ES 3.2 is not planned, due to WebGL not supporting it yet.
Installation
go get -u github.com/notsatvrn/xgl/...
GOARCH=js go get -u -d github.com/notsatvrn/xgl/...
Usage
These bindings implement a glfw.ContextWatcher interface.
Recommended usage is with github.com/notsatvrn/glfw package, which accepts a ContextWatcher in its Init, and takes on the responsibility of notifying it when context is made current or detached.
if err := glfw.Init(gl.ContextWatcher); err != nil {
// Handle error.
}
defer glfw.Terminate()
If you're not using a ContextWatcher-aware glfw library, you must call methods of gl.ContextWatcher yourself whenever you make a context current or detached.
window.MakeContextCurrent()
gl.ContextWatcher.OnMakeCurrent(nil)
glfw.DetachCurrentContext()
gl.ContextWatcher.OnDetach()
FAQs
Unknown package
Package last updated on 17 Dec 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024