Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The purpose of this module is to create After Effects JSX/JS Script cript to:
Documentation on Adobe's After Effects scripting guide can be found here:
There are a few ways that you can consume this module. They are documented below:
after-effects
moduleafter-effects
moduleThe after-effects
allows you to run "functions" in After effects. Pass it one function it will return you the value in Node. No need to use the After Effects Scripting tools. To use with after-effects
:
Install after-effects
:
$ npm i ae-to-json after-effects --save
In Javascript:
var aeToJSON = require('ae-to-json/after-effects');
var ae = require('after-effects');
ae.execute(aeToJSON)
.then(function(json) {
// do something with the json outout
})
.catch(function(e) {
throw e;
});
Copy the contents of dist/index.js
. The dist build will bring in es-5 shims and a JSON shim.
In After Effects go to:
You should now be able to do something like:
JSON.stringify(aeToJSON(), null, ' ');
Since After Effects currently uses a Ecma Script 3 engine you will need to shim in Ecma Script 5. Also you should shim in JSON also.
Install:
$ npm i ae-to-json es5-shim JSON2 --save
Javascript:
// shim in es5 functionality
require('es5-shim');
// you might want to make JSON be a global
JSON = require('JSON2');
var aeToJSON = require('ae-to-json');
// do something with the aeToJSON function
After this you'll most likely want to browserify the Javascript file defined above.
$ browserify index.js -o bundle.js
Here's an example on an high level what will be exported from After Effects. For a more detailed example of an export check out: https://raw.githubusercontent.com/Jam3/ae-to-json/master/example/example.json
These files can be very large since we attempt to export everything but at least this small bit of documentation will help you get started traversing the exports:
{
// meta data for the project
project: {
// items which are used in the Project panel
// this includes:
// Compositions,
// Footage (images, videos, solids, etc.),
// Solids,
// etc.
items: [
// Composition Type
{
typeName: 'Composition',
// these are the Compositions layers
layers: [
{
// this includes all properties for this layer
// properties are things like:
// Transform, (position, scale, rotation, anchor, etc.)
// Material Options,
// Effects,
// etc.
properties: {
// this is what the transform property would look like
Transform: {
// Transform's have their own properties
// This is what X Position on a high level would look like
"X Position": {
// if a property is animatable it will contain keyframes
// keyframes will be a two dimension array where each element
// on the second dimension is a key frame
"keyframes": [
// each key frame has a time (in seconds) which is at [0]
// a value which is at [1] (values can be scalar values
// or arrays represented by arrays)
//
// And an optional ease value. Generally you'd need more
// than one keyframe to have ease values.
//
// It should be noted if no keyframes were added in After
// Effects for ease of use one keyframe will be output with
// the value at time 0
[ time, value, ease ]
]
}
}
}
}
]
},
{
typeName: 'Footage'
},
{
typeName: 'Folder',
items: [
// this items folder would contain
// Compositions, Footage, Solids, etc.
]
}
]
}
}
You can view an export example at (be forewarned these files are huge):
https://raw.githubusercontent.com/Jam3/ae-to-json/master/example/example.json
To run tests there are two scenarios. Run a test just once or watch the src/
and test/
folders and run tests. Below are the commands to run tests:
To run test once:
$ npm test
To watch and run (better for development):
$ npm start
When run unit tests are run on the JSON out along with a testOutput.json
file is exported to the root director of this repo.
MIT, see LICENSE.md for details.
FAQs
will export an After Effects project as a JSON object
We found that ae-to-json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.