Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
org.webjars.bower:photoswipe
Advanced tools
JavaScript image gallery for mobile and desktop.
npm install photoswipe
.bower install photoswipe
.Coded something useful? Email me and I’ll post a link to it here.
To compile PhotoSwipe by yourself, make sure that you have Node.js, Grunt.js, Ruby and Jekyll installed, then:
Clone the repository
Go inside the PhotoSwipe folder that you fetched and install Node dependencies
cd PhotoSwipe && npm install
Run grunt
to generate the JS and CSS files in the dist
folder and the site in the _site/
folder
grunt
Optionally:
grunt watch
to automatically rebuild files (JS, CSS, demo website and documentation) when you change files in src/
or in website/
.grunt nosite
to build just JS and CSS files (output is folder dist/
).grunt pswpbuild
to build just JS files. Param --pswp-exclude
allows to exclude modules, for example grunt pswpbuild --pswp-exclude=history
will exclude history module.If you’ve used PhotoSwipe in some interesting way, or on the site of a popular brand, I’d be very grateful if you shoot me a link to it.
Script is licensed under MIT license with one exception: Do not create a public WordPress plugin based on it, as I will develop it. If you need to use it for a public WordPress plugin right now, please ask me by email first. Thanks!
Attribution is not required, but much appreciated, especially if you’re making a product for developers.
PhotoSwipe 4.0+ is developed by Dmitry Semenov. But initially script was created in 2011 by Code Computerlove, a digital agency in Manchester, they passed on development in March 2014. You can view source and documentation of old PhotoSwipe (<4.0) in history of this repo.
FAQs
WebJar for photoswipe
We found that org.webjars.bower:photoswipe demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.