Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@egjs/flicking
Advanced tools
Everyday 30 million people experience. It's reliable, flexible and extendable carousel.
Everyday 30 million people experience. It's reliable, flexible and extendable carousel.
📱💻🖥
renderOnlyVisible
, isEqualsSize
, isConstantSize
) to make your carousel more performant.circular
and bound
).$ npm install --save @egjs/flicking
import Flicking from "@egjs/flicking";
const flicking = new Flicking("#el", { circular: true });
<script src="https://cdnjs.cloudflare.com/ajax/libs/egjs-flicking/3.x.x/flicking.js"></script>
var flicking = new eg.Flicking("#el", { circular: true });
⚠️ NOTICE: Flicking requires minimal structure to initialize properly.
As Flicking applies position: absolute
for panels, either wrapper or panel should have fixed height value.
✅
<div id="wrapper" style="height: 120px">
<div class="panel"></div>
<div class="panel"></div>
<div class="panel"></div>
</div>
<div id="wrapper">
<!-- Least one of them should have fixed height -->
<div class="panel" style="height: 120px;"></div>
<div class="panel"></div>
<div class="panel"></div>
</div>
❌
<div id="wrapper"> <!-- Wrapper height is dependent on panel height -->
<div class="panel" style="height: 100%;"></div>
<div class="panel" style="height: 100%;"></div>
<div class="panel" style="height: 100%;"></div>
</div>
Flicking applies Google Analytics (GA) to collect which features are useful to users. For example, the use of the freeScroll
option, or the value of the gap
option, and so on. Statistics also DO NOT contain any information that can identify an individual. Statistics on the usage will serve as basis for making better products. To disable GA, set the collectStatistics
option to false
as follows:
var flicking = new eg.Flicking("#el", { collectStatistics: false });
Package | Version | Description |
---|---|---|
@egjs/flicking-plugins | Readymade effects for your carousel | |
@egjs/ngx-flicking | Angular port of @egjs/flicking | |
@egjs/react-flicking | React port of @egjs/flicking | |
@egjs/vue-flicking | Vue.js port of @egjs/flicking |
10+ | Latest | Latest | Latest | 7+ | 4+ |
Check our Demos.
See Documentation page.
See CONTRIBUTING.md.
Please file an Issue.
See our Roadmap.
@egjs/flicking is released under the MIT license.
Copyright (c) 2015-present NAVER Corp.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
FAQs
Everyday 30 million people experience. It's reliable, flexible and extendable carousel.
We found that @egjs/flicking demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.