Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
aframe-blend-transforms
Advanced tools
This is a companion component to screen-display, which supports giving an object a transform (i.e. position, rotation & scale) that is a weighted blend of two different object transforms (we call these "anchors")
The can be used in combination with the animation component to smoothly move objects from a position on screen to a position in the 3D world, and vice-versa.
See examples:
This component is pretty new. It has been used in one application and performed well, but may hit problems in novel situations.
It explicitly can handle:
Currently, scale, position & rotation are all controlled by a single parameter - more flexibility may be desirable in future - see "Other Notes" below for an explanation why.
Via CDN
<script src="https://cdn.jsdelivr.net/npm/aframe-screen-display@0.1.1/index.min.js"></script>
Or via npm
npm install aframe-screen-display
See the examples folder for some examples of how to use the component, including examples of how to combine it with the animation component.
Typically, you will set up two invisible anchor objects, and then refer to them from the component that you wish to position with a blend of their transforms.
The following attributes are supported on the blend-transforms component:
Position, scale and rotation are all weighted linearly, using the configured percentage.
This may lead to unexpected behaviour when using this component in combination with screen-display. Although the object may be moving linearly in space, if it starts far from the camera, and ends up close to it, then it may appear to be moving slowly at the start, and very fast at the end.
This effect can be compensates for by using a non-linear easing function in the animation (e.g. quadratic or cubic). However, while that might "correct"the apparent rate of positional change, it will also make the rotation speed non-linear, which may look odd.
In future, I hope to to enhance this component to allow options for independent control of each of rotation, position and scale.
FAQs
Give an A-Frame object a transform (i.e. position, rotation & scale) that is a weighted blend of two different object transforms.
The npm package aframe-blend-transforms receives a total of 2 weekly downloads. As such, aframe-blend-transforms popularity was classified as not popular.
We found that aframe-blend-transforms demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.