
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
angularjs-date-picker
Advanced tools
Yet another date picker for Angularjs.
Install from npm:
npm install angularjs-date-picker
Your app must include moment, angular and bootstrap (which will also require Jquery) before the date picker will render correctly.
Add them to your index.html:
<link rel="stylesheet" href="bootstrap/dist/css/bootstrap.css">
<script src="jquery/dist/jquery.js"></script>
<script src="bootstrap/dist/js/bootstrap.js"></script>
<script src="angular/angular.js"></script>
<script src="node_modules/moment/min/moment.min.js"></script>
Additionally, you must add the directive source files:
<script src="angularjs-date-picker/src/angularjs-date-picker.js"></script>
<script src="angularjs-date-picker/src/angularjs-date-picker.template.js"></script>
Include the date picker module as a dependency in your module:
angular.module('my.module', ['ui.date.picker'])
Then use the tag in html controlled by that controller:
<div><date-picker></div>
The only exposed event is when a date is selected. Add the attribute onDateSelected
to the html tag:
<div><date-picker on-date-selected="fireDateChange(date)"></div>
onDateSelected
takes a function with the input parameter of a Moment object. Your outer function passed to the directive could look like this:
function fireDateChange(date){
var currentDate = date.format('YYYY-MM-DD');
}
FAQs
Yet another Angular Date-picker
The npm package angularjs-date-picker receives a total of 5 weekly downloads. As such, angularjs-date-picker popularity was classified as not popular.
We found that angularjs-date-picker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.