Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@vrbo/fpsmeter
Advanced tools
Small utility that measures frames per second in a browser context.
Optimized javascript utility for measuring frames per second in a browser environment. Useful for observing end-user client run-time performance without adversly impacting performance.
npm install --save @vrbo/fpsmeter
Within your javascript files, import the component:
import FPSMeter from '@vrbo/fpsmeter';
// Configure FPSMeter
const meter = new FPSMeter({
calculatePerMs: 500, // calculation window for FPS
onUpdate: (update) => {
// update.fps - FPS of last window (per defined calculatePerMs option)
// update.avgfps - FPS average since start()
},
onStop: (reason) {
// reasons why FPSMeter can halt:
// FPSMeter.stop() initiated by: user
// FPSMeter.stop() initiated by: document visibilitychange event
// FPSMeter.stop() initiated by: rAF timed out
// FPSMeter.stop() initiated by: window blur event
}
});
// Start
meter.start();
// Stop
meter.stop();
Example of collecting 10 FPS calculations of 500ms windows to add to client telemetry summary:
import FPSMeter from '@vrbo/fpsmeter';
const meter = new FPSMeter({
calculatePerMs: 500,
maxCalculations: 10
});
meter.start();
function onSummarizeClientTelemetry() {
let summary = {};
// stop meter
meter.stop();
// collect fps windows into string attribute
summary.fps = meter.fpsWindows.join(',');
return summary;
}
setTimeout(() => {
let summary = onSummarizeClientTelemetry();
console.log(summary.fps); // prints "60,60,60,60,60,60,60,60,60,60" if perfect client performance
}, 10000);
** Note: You may see less than 10 FPS measurements if FPSMeter stops for any reason (see below Caveat)
When a user loses focus on the page for any reason, we need to halt the measure of FPS due to the browser engine no longer actively executing the internal API requestAnimationFrame which the FPSMeter library relies on, otherwise our FPS measurements will be skewed.
To mitigate this, FPSMeter will halt when either of the following three conditions occur:
This ensures that FPSMeter data is clean and comparable across page views.
To test this for yourself, try the demo link at the top of the page.
npm start
This projects supports auto-formatting of source code! Simply find your favorite IDE from the list in the following list: https://prettier.io/docs/en/editors.html
For VSCode support, perform the following steps:
ext install esbenp.prettier-vscode
FAQs
Small utility that measures frames per second in a browser context.
The npm package @vrbo/fpsmeter receives a total of 0 weekly downloads. As such, @vrbo/fpsmeter popularity was classified as not popular.
We found that @vrbo/fpsmeter demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.