Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
elastic-svg
Advanced tools
=======
Scalable Vector Graphics are one of the Web's most triumphant technologies, but they're not as responsive as they might be. This is a very lightweight, dependency-free library that generates svg
elements that fit to their container and scale or don't scale as necessary.
var elasticSVG = require("elastic-svg");
var b = elasticSVG("#container", {
height: 400
});
var b = elasticSVG("#container", {
aspect: 0.5
});
You must pass base
a selector representing the parent element in width the SVG will be created. You can optionally pass an object as a second argument representing options. These are:
property | description |
---|---|
width | The initial width of the SVG. Defaults to width of parent |
height | The initial height of the SVG. Defaults to the aspect ratio. |
aspect | The aspect ratio of the SVG. Defaults to 0.618, approximately the golden ratio |
resize | Info about how the SVG should scale. Current options are:
|
onResize | callback function to fire whenever the SVG resizes. This function will receive three arguments: the (new) width, height, and scale, which is (current width) / (original width) |
Sometimes you want an SVG to resize according to its original proportions, other times you want the height to remain fixed while the width resizes. If you specify the height
, it will remain fixed. If you don't, but you specify aspect
, it remains proportional. If you specify neither, it defaults to an aspect ration of 0.618, or approximately the aspect ratio.
var elasticSVG = require("elastic-svg");
var b = base("#container", {
onResize: function(w, h, s) {
console.log("Scale is " + s);
}
});
Allow to make an existing SVG responsive
FAQs
Responsive SVGs with no dependencies
The npm package elastic-svg receives a total of 7 weekly downloads. As such, elastic-svg popularity was classified as not popular.
We found that elastic-svg demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.