Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Readme
⌨️ A tiny keyboard shortcut handling library.
callback
function =>
get results.KeyboardEvent
listener (keyup
, keydown
, keypress
, etc.)Example
import combi from 'combi'
const onShortcut = combi((shortcut, keyEvent) => {
console.log(shortcut) // -> 'ctrl+z'
})
window.addEventListener('keydown', onShortcut)
npm install --save combi
Alternatively, you can download and/or import it from unpkg.com/combi as an ES or UMD module.
import combi from 'https://unpkg.com/combi/dist/combi.es.js'
<!-- This adds `combi` to the global context (`window`) -->
<script src="https://unpkg.com/combi/dist/combi.umd.js"></script>
You can find the library on window.combi
combi
takes a handler function as an argument. This handler function should take two arguments. The first one: the keyboard shortcut that has been pressed. The second one: the original keyboard event. You can match these shortcuts however you want.
import combi from 'combi'
const onShortcut = combi((shortcut) => {
switch ((shortcut, event)) {
case 'meta+s':
case 'ctrl+s':
event.preventDefault()
action('save')
break
case 'shift+meta+z':
case 'ctrl+y':
event.preventDefault()
action('redo')
break
case localStorage.getItem('shortcut'):
event.preventDefault()
action('custom-action')
break
default:
// do nothing.
}
})
window.addEventListener('keydown', onShortcut)
You can use combi
to create custom input fields for specifying key combinations. Useful when building apps with configurable keyboard shortcuts.
import combi from 'combi'
// pass `true` as second argument to call preventDefault() when a combination is used
const onShortcut = combi((combination, event) => {
event.target.value = combination
localStorage.setItem('shortcut', combination)
}, true)
const inputElement = document.querySelector('#shortcut-input')
inputElement.addEventListener('keydown', onShortcut)
combi(callback: Function, preventDefault?: Boolean)
{Function}
A function that handles shortcuts, that looks like this:
(shortcut: String, event: KeyboardEvent) => any
shortcut {String}
- keyboard shortcut that has been pressed (e.g. shift+meta+x
, ctrl+y
)
event {KeyboardEvent}
- the original KeyboardEvent
passed to combi
by the event listener
{Boolean}
Whether combi
should always call .preventDefault()
when receiving a keyboard event. Defaults to false
These are the modifiers combi
supports. Shortcuts detected will always be parsed in this order:
meta
on Windows is highly discouraged for non-system shortcuts)In order to maintain combi
as simple as possible, while enabling the most common and standard use cases, some rules are in place:
+
alt+
shift+
meta+
somekeyKeyboardEvent.code
with the words Key
and Digit
removed
KeyA
becomes a
Digit0
becomes 0
BracketLeft
becomes bracketleft
Note: These considerations are not arbitrary. Most of them are derived from the following guidelines:
Something does not work as expected or perhaps you think this project needs a feature? Please open an issue using GitHub issue tracker.
Make sure that an issue pointing out your specific problem does not exist already. Please be as specific and straightforward as possible.
Pull Requests (PRs) are welcome! You should follow the same basic stylistic conventions as the original code.
Make sure that a pull request solving your specific problem does not exist already. Your changes must be concise and focus on solving a discrete problem.
Copyright (c) 2018 Kristian Muñiz
FAQs
A tiny keyboard shortcut handling library
We found that combi demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.