Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bigwheel is an unopinionated, minimalist frontend framework that manages application state
bigwheel is an unopinionated, minimalist framework which handles frontend application state. It can be used to organize your application into "sections"/pages which are brought in by routes. Animation is a first class citizen and is accounted for when managing application states. bigwheel does not conform to a specific render engine framework so a project which is based on the DOM, WebGL, Canvas2D, SVG, or even Console applications can be built using bigwheel.
https://github.com/bigwheel-framework/documentation
Note this is not a "best practice" example but simply a concise example that shows many of the features of bigwheel
. Refer to the documentation link above for best practices and other information.
var bigwheel = require('bigwheel');
var Tween = require('gsap');
// create our framework instance
var framework = bigwheel( function(done) {
// the function passed to bigwheel should return
// a setting object or alternately you can pass
// the setting object to the callback defined as
// done. This is nice if you need to do assynchronous
// loading before content should be shown
return {
// define our routes
// routes are associated to "sections"
// sections are functions or objects
routes: {
'/': Section,
'/about': Section,
'/contact': Section
}
};
});
// this will start bigwheel and it will start resolving routes
framework.init();
// This is the definition for the sections which bigwheel will run
// sections can define init, resize, animateIn, animateOut, destroy functions
// these will methods will be called by bigwheel
function Section() {
var el;
return {
// the init function creates the view and initializes it
// after init finishes the view should not be visible
init: function(req, done) {
el = createEl(req);
el.onclick = function() {
framework.go(getToSection(req));
};
done();
},
// the resize function will be called imediately after init
// here you can apply "responsive" calculations on your view
resize: function(width, height) {
var fontSize = width / 500 * 30;
el.style.fontSize = fontSize + 'px';
el.style.top = Math.round(( height - fontSize ) * 0.5) + 'px';
},
// in animateIn you'll animate in your hidden content that
// was created in init
animateIn: function(req, done) {
Tween.from(el, 1, {
y: -100,
opacity: 0,
ease: Back.easeOut,
onComplete: done
});
},
// in animateOut you'll animate out your content that
// was created in init
animateOut: function(req, done) {
Tween.to(el, 0.25, {
y: 100,
opacity: 0,
ease: Back.easeIn,
onComplete: done
});
},
// in destroy you'll clean up the content which was
// created in init
destroy: function(req, done) {
el.parentNode.removeChild(el);
}
};
}
// this is just a utility function created for this example to create
// an element which will be added to the dom and initialized
function createEl(req) {
var el = document.createElement('a');
el.innerHTML = 'Click to go from "' + req.route + '" to "' + getToSection(req) + '"';
el.style.position = 'absolute';
el.style.cursor = 'pointer';
return document.body.appendChild(el);
}
// this function acts as almost like a model for this example
// generally you'd either load your model from a server or
// have a static model object
function getToSection(req) {
return {
'/': '/about',
'/about': '/contact',
'/contact': '/'
}[ req.route ];
}
MIT, see LICENSE.md for details.
FAQs
bigwheel is an unopinionated, minimalist frontend framework that manages application state
The npm package bigwheel receives a total of 31 weekly downloads. As such, bigwheel popularity was classified as not popular.
We found that bigwheel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.