Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
An ES6+ sourced DOMMatrix shim for Node.js apps and legacy browsers. Since this source is modernized, legacy browsers might need some additional shims.
The constructor is almost equivalent with the DOMMatrix in many respects, but tries to keep a sense of simplicity. In that note, we haven't implemented DOMMatrixReadOnly methods like flipX()
or inverse()
or aliases for the main methods like translateSelf
or the old rotate3d
.
See DOMMatrix shim in action, click me and start transforming.
npm install dommatrix
Download the latest version and copy the dist/dommatrix.min.js
file to your project assets folder, then load the file in your front-end:
<script src="./assets/js/dommatrix.min.js">
Alternativelly you can load from CDN:
<script src="https://cdn.jsdelivr.net/npm/dommatrix/dist/dommatrix.min.js">
In your regular day to day usage, you will find yourself writing something like this:
import CSSMatrix from 'dommatrix';
// init
let myMatrix = new CSSMatrix('matrix(1,0.25,-0.25,1,0,0)');
// apply methods
myMatrix.translate(15);
myMatrix.rotate(15);
// apply to styling to target
element.style.transform = myMatrix.toString();
For the complete JavaScript API, check the JavaScript API section in our wiki.
For more indepth guides, head over to the wiki pages for developer guidelines.
In contrast with the original source there have been a series of changes to the prototype for consistency, performance as well as requirements to better accomodate the DOMMatrix interface:
afine
property at initialization only and based on the number of arguments or the type of the input CSS transform syntax;translate()
, scale()
and rotate()
instance methods to work with one axis transformation, also inline with DOMMatrix;toString()
instance method to utilize the new method toArray()
described below;setMatrixValue()
instance method to do all the heavy duty work with parameters;is2D
(getter and setter) property;isIdentity
(getter and setter) property;fromMatrix
static method, not present in the constructor prototype;fromString
static method, not present in the constructor prototype;fromArray()
static method, not present in the constructor prototype, should also process Float32Array / Float64Array via Array.from()
;toArray()
instance method, normalizes values and is used by the toString()
instance method;toJSON()
instance method will generate a standard Object which includes {a,b,c,d,e,f}
and {m11,m12,m13,..m44}
properties and excludes is2D
& isIdentity
properties;transformPoint()
instance method which works like the original.afine
property, it's a very old WebKitCSSMatrix defined property;inverse()
instance method, will be re-added later for other implementations (probably going to be accompanied by determinant()
, transpose()
and others);setIdentity()
instance method due to code rework for enabling better TypeScript definitions;toFullString()
instance method, probably something also from WebKitCSSMatrix;feedFromArray
static method, not present in the constructor prototype, fromArray()
will cover that;toFloat64Array()
and toFloat32Array()
instance methods are not supported, a quick FromFloat32Array(myMatrix.toArray())
should achieve just that;fromFloat64Array()
and fromFloat32Array()
static methods are not supported since fromArray()
should handle them just as well;flipX()
or flipY()
instance methods of the DOMMatrixReadOnly prototype are not supported,translateSelf()
or rotateSelf()
instance methods of the DOMMatrix prototype are not supported, instead we only implemented the most used DOMMatrixReadOnly instance methods.DOMMatrix shim is MIT Licensed.
FAQs
ES6+ shim for DOMMatrix
The npm package dommatrix receives a total of 366,257 weekly downloads. As such, dommatrix popularity was classified as popular.
We found that dommatrix demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.