Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ECSY (pronounced as "eksi") is an highly experimental Entity Component System framework implemented in javascript, aiming to be lightweight, easy to use and with good performance.
For detailed information on the architecture and API please visit the documentation page
world
instanceNot
operator: https://ecsy.io/examples/factoryInstalling the package via npm
:
npm install --save ecsy
import {World, System} from 'ecsy';
// Acceleration component
class Acceleration {
constructor() {
this.value = 0.1;
}
}
// Position component
class Position {
constructor() {
this.x = 0;
this.y = 0;
this.z = 0;
}
}
// Create world
var world = new World();
var entityA = world
.createEntity()
.addComponent(Position);
for (let i = 0; i < 10; i++) {
world
.createEntity();
.addComponent(Acceleration)
.addComponent(Position, { x: Math.random() * 10, y: Math.random() * 10, z: 0});
}
// Systems
class MovableSystem extends System {
init() { // Do whatever you need here }
// This method will get called on every frame by default
execute(delta, time) {
// Iterate through all the entities on the query
this.queries.moving.forEach(entity => {
var acceleration = entity.getComponent(Acceleration).value;
var position = entity.getMutableComponent(Position);
position.x += acceleration * delta;
position.y += acceleration * delta;
position.z += acceleration * delta;
});
}
}
// Define a query of entities that have "Acceleration" and "Position" components
System.queries = {
moving: {
components: [Acceleration, Position]
}
}
// Initialize entities
var entityA = world
.createEntity()
.addComponent(Position);
for (let i = 0; i < 10; i++) {
world
.createEntity();
.addComponent(Acceleration)
.addComponent(Position, { x: Math.random() * 10, y: Math.random() * 10, z: 0});
}
// Run!
function run() {
// Compute delta and elapsed time
var time = performance.now();
var delta = time - lastTime;
// Run all the systems
world.execute(delta, time);
lastTime = time;
requestAnimationFrame(animate);
}
var lastTime = performance.now();
run();
You can also include the hosted javascript directly on your HTML:
<!-- Using UMD (It will expose a global ECSY namespace) -->
<script src="https://ecsy.io/build/ecsy.js"></script>
<!-- Using ES6 modules -->
<script src="https://ecsy.io/build/ecsy.module.js"></script>
FAQs
Entity Component System in JS
We found that ecsy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.