Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
draggable-helper
Advanced tools
A js library to simplify your drag and drop functions. Start with a element, it will expose hooks(drag, moving, drop). You can stop drag, moving and drop by conditions. You can set minTranslate. Its code is easy, you can check source code. ## features * s
A js library to simplify your drag and drop functions. Start with a element, it will expose hooks(drag, moving, drop). You can stop drag, moving and drop by conditions. You can set minTranslate. Its code is easy, you can check source code.
npm install draggable-helper
import draggableHelper from 'draggable-helper'
// dragHandlerEl will be added mouse and touch event listener
const {destroy, options} = draggableHelper(HTMLElement dragHandlerEl, Object opt = {})
// opt
// opt will pass to hook, so you can attach custom data into opt, such the data of the element
// startEvent is mousedown or touchstart
opt = {
// [Object] style, set the style of dragging element
// getStyle(store, opt), set the style of dragging element
// [String] draggingClass, default dragging, set the class of dragging element
// [Boolean] clone, move the element or move a cloned one
// minTranslate default 10, unit px
// getEl(dragHandlerEl, store, opt), optional, get the el that will be moved. default is dragHandlerEl
// afterGetEl(store, opt)
// [Boolean] triggerBySelf if trigger only by dragHandlerEl self, can not be triggered by children
// hook, before drag start
// [Boolean] opt.restoreDOMManuallyOndrop the changed DOM will be restored automatically on drop. This disable it and pass restoreDOM function into store.
beforeDrag(startEvent, moveEvent, store, opt){
// when trigger drag, the position must be moved, so there are two event. startEvent also can be accessed by store.startEvent
// The dragged element at this time has not yet been obtained, store.el is null. 此时要移动的元素还没有获得到, 即store.el是空.
// return false to prevent drag
},
// hook, when drag start
drag(startEvent, moveEvent, store, opt){
// when trigger drag, the position must be moved, so there are two event. startEvent also can be accessed by store.startEvent
// return false to prevent drag
},
// hook, when mouse moving
moving: (moveEvent, store, opt) => {
// return false to prevent moving
},
// hook, when drop
drop: (endEvent, store, opt) => {
},
}
// store. life cycle: drag-end
store = {
el // the moving el
originalEl // the original moving el, used when clone
initialMouse
initialPosition // relative to offsetParent
mouse
move
movedCount // start from 0
startEvent // mousedown or touchstart event
endEvent,
restoreDOM() // function if opt.restoreDOMManuallyOndrop else null
}
Advance usage: bind to parent element, make children element as trigger element or moved element.
import draggableHelper from 'draggable-helper'
const {destroy, options} = draggableHelper(document.body, {
drag(startEvent, moveEvent, store, opt) {
// check trigger el
if (startEvent.target not has class 'your trigger class') {
return false
}
},
// get the element which will be moved
getEl: (dragHandlerEl, store, opt) => get the el which will be moved by `store.startEvent.target`
})
In follow case, drag event will be prevented.
const IGNORE_TRIGGERS = ['INPUT','TEXTAREA', 'SELECT', 'OPTGROUP', 'OPTION']
undraggable
or its ancestor till dragHandlerEl has.FAQs
To simplify drag and drop.
The npm package draggable-helper receives a total of 3,694 weekly downloads. As such, draggable-helper popularity was classified as popular.
We found that draggable-helper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.