Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
mouse-event-offset
Advanced tools
Readme
Computes the [ offsetX, offsetY ]
from a mouse or touch event, relative to the top left of the target
element.
var offset = require('mouse-event-offset')
window.addEventListener('touchstart', function (ev) {
var target = ev.currentTarget
var touch = ev.changedTouches[0]
var pos = offset(touch, target)
//=> [ 128, 52 ]
})
position = offset(event, [target], [out])
Pass a MouseEvent or TouchEvent as event
.
Optionally, you can specify a target
element which the touch event should be relative to. Defaults to event.currentTarget
, falling back to event.srcElement
for older IE.
You can also specifiy out
to store the position in that array, and avoid creating a new one.
3.x
new version; simpler API, less assumptions, avoids GC thrashing2.x
uses ev.currentTarget
instead of ev.target
1.x
simple implementation using ev.target || ev.srcElement
MIT, see LICENSE.md for details.
FAQs
get relative position from an event
The npm package mouse-event-offset receives a total of 179,393 weekly downloads. As such, mouse-event-offset popularity was classified as popular.
We found that mouse-event-offset demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.