Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
daisywheel
Advanced tools
daisywheel
The Steam 'Big Picture' Daisywheel ported to JS and CSS. Supports Gamepad API.
DaisywheelJS
The Steam "Big Picture" Daisywheel ported to Javascript and CSS. Works with the Gamepad API, available in the latest modern browsers.
Note
This interface is something every game with text input needs. Not a single game should present a QWERTY keyboard to a user with a controller in their hands. I ported this so that the growing HTML5 gaming community can use it in their games as a standard library in the user interface toolkit.
A live demo can be found here
Setup/Install/Documentation
Instructions on use can be found at daisywheeljs.org.
There you'll find:
Contributing
To setup your own build and/or contribute, pull down a clone of the repo. Run npm install to install dependencies. After making changes to either the daisywheel.js file or the less files run gulp and a build version of the files will be generated. The process should look like this:
git clone git@github.com:likethemammal/daisywheeljs.git
cd daisywheeljs
npm install
//make some changes
gulp
Attributions
gamepad-mod.js interfaces with the browser API and organizes the data sent over in the controller's events. It was a modification of the gamepad.js library found in the example code for the HTML5Rocks gamepad tester, which can be found in its orginal form here
License
This is licensed under the MIT Open-source License.
todo
- multilanguage support
- controller brand specific button images
- complex actions (attach to a text editor like Atom or Light Table)
FAQs
The Steam 'Big Picture' Daisywheel ported to JS and CSS. Supports Gamepad API.
The npm package daisywheel receives a total of 5 weekly downloads. As such, daisywheel popularity was classified as not popular.
We found that daisywheel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 Jul 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025
Security News
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.
By Sarah Gooding - May 06, 2025