
Research
/Security News
Toptalโs GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptalโs GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
@vueuse/gesture
Advanced tools
Vue Composables making your app interactive
Let's get started quickly by installing the package and adding the plugin.
From your terminal:
pnpm add @vueuse/gesture
In your Vue app entry file:
import { createApp } from 'vue'
import { GesturePlugin } from '@vueuse/gesture'
import App from './App.vue'
const app = createApp(App)
app.use(GesturePlugin)
app.mount('#app')
You can now interact with any of your component, HTML or SVG elements using v-drag
or any other directive.
<template>
<div v-drag="dragHandler" />
</template>
<script lang="ts">
const dragHandler = (dragState) => {
// Do something with dragState
}
</script>
To see more about the gestures events data, check out Gesture State.
To see more about the gestures options, check out Gesture Options.
Also, here is a list of the available gestures:
This package is a fork react-use-gesture by pmndrs.
If you like this package, consider following me on GitHub and on Twitter.
๐
FAQs
๐น Vue Composables making your app interactive
The npm package @vueuse/gesture receives a total of 11,554 weekly downloads. As such, @vueuse/gesture popularity was classified as popular.
We found that @vueuse/gesture demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.ย It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptalโs GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.