Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
electrum-events
Advanced tools
The electrum-events
module forwards web component events to the bus.
Capturing the mouse on Chrome (and electron) is tricky.
electrum-events
provides some helper functions to make the developer's
life easier:
captureMouseEvents(e, listeners)
captures the mouse until the mouse
button gets released. The listeners
object can specify functions
onMouseMove(e)
and onMouseUp(e)
to process these events.preventGlobalMouseEvents()
and restoreGlobalMouseEvents()
can be
used to disable mouse events on a complete HTML document. This can come
in handy if you want to make an HTML page passive.Note that captureMouseEvents()
makes use of preventGlobalMouseEvents()
so there is no need to call these functions when capturing the mouse events.
The EventHandlers
class provides implementations for the various event
handlers needed by React web components:
handleBlur
and handleFocus
handleChange
handleKeyDown
, handleKeyUp
and handleKeyPress
handleSelect
Events are of two categories:
bus.notify()
function.bus.dispatch()
function.Usually, you won't use EventHandlers
yourself. It is Electrum's
responsibility to inject the handlers into wrapped components.
This is handled by Electrum's InjectingMiddleware
:
class Electrum {
...
reset () {
...
this._injectingMiddleware = new InjectingMiddleware ();
this._injectingMiddleware.register ('events', obj => {
obj._eventHandlers = EventHandlers.inject (obj, () => this.bus);
});
...
}
}
The instance of the event handlers class attached to a component
can be accessed through obj._eventHandlers
. This might be useful
when debugging (see below).
Every event handlers instance provides the following public properties:
component
→ the component to which the handlers are attached.props
→ the properties of the component.bus
→ the bus to which the events will be sent.Class EventHandlers
has a property debug
which can be set to log
events to the console, which may prove convenient to better understand
what happens.
For customized logging, set debug
to a function:
const eh = new EventHandlers (obj, bus);
eh.debug = (component, source, event) => { /* ... */ };
The component
argument refers to the component on which the event
was notified. The source
argument is one of focus
, change
,
key-down
, key-up
, key-press
and select
, while the event
argument gives full access to the event being processed.
FAQs
Electrum Events forwards web component events to the bus.
The npm package electrum-events receives a total of 4 weekly downloads. As such, electrum-events popularity was classified as not popular.
We found that electrum-events demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.