
Research
/Security News
Chrome and Firefox Extensions Posing as Free VPNs Add Clipboard Stealers via Malicious Updates
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.
This package is very simple with no dependencies and will help to implement a lot of useful features on canvas. This is main features:
npm install canv
import {Space} from 'canv';
window.onload = () => {
const s = Space(document.getElementById('canvas'), {scale: 0.7});
s.addDrawable({
x: 0, y: 0,
draw(ctx){
ctx.beginPath();
ctx.fillStyle = '#000';
ctx.rect(-100, -100, 200, 200);
ctx.fill();
ctx.closePath();
}
});
s.draw();
};
See all interface details in src/space.ts file
options (iSpaceOptions)
pixelRatio - (optional, number) - set if you need to set your custom pixelRatioonResize - (optional, () => void) - onResize handler (pixelRatio will be ignored if this param set)setupAutoResize - (optional, boolean) - flag to setup resize handler or not (default true)animationTick - (optional, (ts: number) => void) - set if you have dynamic content which should be always animated. The parameter of function is timestampproperties
canvas - (HTMLCanvasElement) - canvas you are bringing to space as a first paramobjects - (iObject[]) - all objects of a spacepixelRatio - (number) - canvas pixel ratioposition - (iPositioning) - some positional information (see interface section for details)options - (iSpaceOptions) - options of space (from constructor)methods
addDrawable(drawable) - add drawable as object to the spacedraw() - draws everythinglaunch() - should be called if you set animationTick in optionstransform(pos) - transforms position from page space to the current space.Usefull interface for creating new object
x - (number)y - (number)draw - (tDrawFunction)data - (optional, any) - data can be used in animation (see examples/animation.js)angle - (optional, number) - default 0scale - (optional, number) - default 1rotationCenter - (optional, iPosition) - default (0, 0) (center)hidden - (optional, boolean) - default falsechildren - (optional, iDrawable[])checkInside - (optional, tCheckInside) - checker to make interactions work (selecting, clicking, dragging objects) - see examples/selection.jsselectable - (optional, boolean) - default false, works with checkInside onlyfixedOrientation - (optional, boolean) - default false, set true to preserve angle of object while rotating space.fixedPosition - (optional, boolean) - default false, set true to preserve position (useful for things like hud)onClick - (optional, (pos: iPosition) => void) - click handler (see examples/animation.js)All objects in space stores as Objects not Drawables
parent - (iObject | iSpace) - parent nodeorig - (iDrawable)selectable - (boolean)data - (any)getSpace - (() => iSpace)position - (iPositioning)draw - (tDrawFunction)checkInside - (tCheckInside)inAnimationLoop - (boolean)click - (()=>void)clickable - (()=>boolean)selected - ((val?:boolean) => boolean)transform - ((position: iPosition) => iPosition)animate - ((options: iAnimateOptions) => void)applyAnimation - (tAnimationFunc)stopAnimation - ((all?: boolean) => void)To make some interaction methods work you need install them. So there are several methods for installing this methods:
installSelection(space) - install it to make object selection possible in your projectinstallClicks(space) - to make click on object workinstallCanvasControll(space) - the biggest feature which allows you to scale using wheel, move canvas space dragging with mouse and use touch features like pinch-n-zoom and rotate (with 2 fingers).npm uninstall canv if you've installed it alreadynpm i && npm run build (or npm run watch)npm linkimport {Space} from 'canv';Here are the list of known issues: Canv issues
FAQs
canvas interactive tool
The npm package canv receives a total of 12 weekly downloads. As such, canv popularity was classified as not popular.
We found that canv demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.

Research
/Security News
Miasma Mini Shai-Hulud hits @immobiliarelabs Backstage plugins, targeting GitLab and LDAP auth packages on npm.

Security News
Rolldown paused Rust React Compiler integration after a 5MB binary size increase raised concerns about shipping React-specific code to all Vite users.