Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
canvasjs
Advanced tools
Readme
CanvasJS, as depicted in its official website, is a charting library:
CanvasJS is an easy to use JavaScript & HTML5 Charts library built on Canvas element. It runs across devices including iPhone, iPad, Android, Windows Phone, Microsoft Surface, Desktops, etc. This allows you to create rich dashboards that work on all the devices without compromising on maintainability or functionality of your web application. CanvasJS comes with beautiful themes and is over 10x faster than conventional Flash and SVG Charts – resulting in lightweight, beautiful and responsive dashboards.
npm install canvasjs
First of all, you need to import it. This can be achieved in different ways depending up on what module definition pattern your application is using.
The CanvasJS package works by default with CommonJS so you can use it with browserify/webpack as shown below:
// CommonJS
var CanvasJS = require('canvasjs');
// If you are using ES6, then
import CanvasJS from 'canvasjs';
It is also possible to use it with AMD loaders as Require.js. If so, you can import it this way:
// AMD
require('canvasjs/dist/canvasjs.js', function(CanvasJS){
// Add your stuff here
});
Finally, you may also import it as a global dependence:
<script src="canvasjs/dist/canvasjs.js">
Then you can access the global variable CanvasJS
.
** Note: dist folder also contains a minified version located at dist/canvasjs.min.js and ready for production, and also a wrapper for using it with jQuery.
npm run build
This repository just extends the original code by including new features and several fixes.
The original code can be found at http://canvasjs.com. It was released as CC for personal use and it needs to be licensed under commercial use - see terms here.
FAQs
CanvasJS charting library
We found that canvasjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.